forked from prometheus/node_exporter
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SECCOPM-27660: Fix vulnerabilities #15
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Fix some mistakes * Switch to an ignore file. Signed-off-by: Ben Kochie <superq@gmail.com> Signed-off-by: Ben Kochie <superq@gmail.com>
…prometheus#2459) Bumps [github.com/jsimonetti/rtnetlink](https://github.com/jsimonetti/rtnetlink) from 1.2.0 to 1.2.2. - [Release notes](https://github.com/jsimonetti/rtnetlink/releases) - [Commits](jsimonetti/rtnetlink@v1.2.0...v1.2.2) --- updated-dependencies: - dependency-name: github.com/jsimonetti/rtnetlink dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.2 to 1.13.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.12.2...v1.13.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mutex to prevent race condition. Signed-off-by: Robin Nabel <rnabel@ucdavis.edu>
Signed-off-by: Serhii Freidin <sfreydin@macpaw.com> Signed-off-by: Serhii Freidin <sfreydin@macpaw.com>
The textfile collector will now provide a unified metric description (that will look like "Metric read from file/a.prom, file/b.prom") for metrics collected accross several text-files that don't already have a description. Also change the error handling in the textfile collector tests to ContinueOnError to better mirror the real-life use-case. Signed-off-by: Guillaume Espanel <guillaume.espanel.ext@ovhcloud.com> Signed-off-by: Guillaume Espanel <guillaume.espanel.ext@ovhcloud.com>
skip over the zfs IO metrics if their paths are missing Signed-off-by: tnextday <fw2k4@163.com> Signed-off-by: tnextday <fw2k4@163.com>
* Improve metrics filesystem scanning logic * Makes ioctl syscalls to load the device error stats. * Adds filesystem mountpoint labels to existing metrics for ease of use. Signed-off-by: Marcus Cobden <leth@users.noreply.github.com>
Signed-off-by: prombot <prometheus-team@googlegroups.com> Signed-off-by: prombot <prometheus-team@googlegroups.com>
* [CHANGE] Merge metrics descriptions in textfile collector prometheus#2475 * [FEATURE] [node-mixin] Add darwin dashboard to mixin prometheus#2351 * [FEATURE] Add "isolated" metric on cpu collector on linux prometheus#2251 * [FEATURE] Add cgroup summary collector prometheus#2408 * [FEATURE] Add selinux collector prometheus#2205 * [FEATURE] Add slab info collector prometheus#2376 * [FEATURE] Add sysctl collector prometheus#2425 * [FEATURE] Also track the CPU Spin time for OpenBSD systems prometheus#1971 * [FEATURE] Add support for MacOS version prometheus#2471 * [ENHANCEMENT] [node-mixin] Add missing selectors prometheus#2426 * [ENHANCEMENT] [node-mixin] Change current datasource to grafana's default prometheus#2281 * [ENHANCEMENT] [node-mixin] Change disk graph to disk table prometheus#2364 * [ENHANCEMENT] [node-mixin] Change io time units to %util prometheus#2375 * [ENHANCEMENT] Ad user_wired_bytes and laundry_bytes on *bsd prometheus#2266 * [ENHANCEMENT] Add additional vm_stat memory metrics for darwin prometheus#2240 * [ENHANCEMENT] Add device filter flags to arp collector prometheus#2254 * [ENHANCEMENT] Add diskstats include and exclude device flags prometheus#2417 * [ENHANCEMENT] Add node_softirqs_total metric prometheus#2221 * [ENHANCEMENT] Add rapl zone name label option prometheus#2401 * [ENHANCEMENT] Add slabinfo collector prometheus#1799 * [ENHANCEMENT] Allow user to select port on NTP server to query prometheus#2270 * [ENHANCEMENT] collector/diskstats: Add labels and metrics from udev prometheus#2404 * [ENHANCEMENT] Enable builds against older macOS SDK prometheus#2327 * [ENHANCEMENT] qdisk-linux: Add exclude and include flags for interface name prometheus#2432 * [ENHANCEMENT] systemd: Expose systemd minor version prometheus#2282 * [ENHANCEMENT] Use netlink for tcpstat collector prometheus#2322 * [ENHANCEMENT] Use netlink to get netdev stats prometheus#2074 * [ENHANCEMENT] Add additional perf counters for stalled frontend/backend cycles prometheus#2191 * [ENHANCEMENT] Add btrfs device error stats prometheus#2193 * [BUGFIX] [node-mixin] Fix fsSpaceAvailableCriticalThreshold and fsSpaceAvailableWarning prometheus#2352 * [BUGFIX] Fix concurrency issue in ethtool collector prometheus#2289 * [BUGFIX] Fix concurrency issue in netdev collector prometheus#2267 * [BUGFIX] Fix diskstat reads and write metrics for disks with different sector sizes prometheus#2311 * [BUGFIX] Fix iostat on macos broken by deprecation warning prometheus#2292 * [BUGFIX] Fix NodeFileDescriptorLimit alerts prometheus#2340 * [BUGFIX] Sanitize rapl zone names prometheus#2299 * [BUGFIX] Add file descriptor close safely in test prometheus#2447 * [BUGFIX] Fix race condition in os_release.go prometheus#2454 * [BUGFIX] Skip ZFS IO metrics if their paths are missing prometheus#2451 Signed-off-by: Ben Kochie <superq@gmail.com> Signed-off-by: Ben Kochie <superq@gmail.com>
…fixes prometheus#2482 (prometheus#2485) Signed-off-by: Darshil Chanpura <darshil@thatwebsite.xyz>
Correctly handle the new `collector.diskstats.device-exclude` flag to avoid errors when using the old `collector.diskstats.ignored-devices` flag. Fixes: prometheus#2486 Signed-off-by: Ben Kochie <superq@gmail.com>
Signed-off-by: Johannes 'fish' Ziemke <github@5pi.de>
* Bump crypto and net CVE-2022-27191 CVE-2022-27664 Signed-off-by: Jason Culligan <jason.culligan@intel.com>
We don't need to fully sanitize the hwmon label values to metric/label name strings. * Just make sure they're valid UTF-8. * Always included the label metric to avoid group_left failures. Signed-off-by: Ben Kochie <superq@gmail.com> Signed-off-by: Ben Kochie <superq@gmail.com>
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.10.1 to 1.10.2. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](opencontainers/selinux@v1.10.1...v1.10.2) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/mdlayher/netlink](https://github.com/mdlayher/netlink) from 1.6.0 to 1.6.2. - [Release notes](https://github.com/mdlayher/netlink/releases) - [Changelog](https://github.com/mdlayher/netlink/blob/main/CHANGELOG.md) - [Commits](mdlayher/netlink@v1.6.0...v1.6.2) --- updated-dependencies: - dependency-name: github.com/mdlayher/netlink dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…4.0 (prometheus#2493) Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.3.2 to 22.4.0. - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](coreos/go-systemd@v22.3.2...v22.4.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-systemd/v22 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rometheus#2446) * docs/node-mixin: add fsMountpointSelector This adds the option to add a `mountpoint` selector to filesystem related alerts. The default is `mountpoint!=""`. * docs/node-mixins: add fsMountpointSelector to dashboards Signed-off-by: Jan Fajerski <jfajersk@redhat.com>
Note however that the InetDiagMsg struct contains a InetDiagSockID member, which itself contains some members which are explicitly specified as big-endian in Linux kernel source: struct inet_diag_sockid { __be16 idiag_sport; __be16 idiag_dport; __be32 idiag_src[4]; __be32 idiag_dst[4]; __u32 idiag_if; __u32 idiag_cookie[2]; }; node_exporter currently does not use these members for anything, so this is acceptable (for now). Signed-off-by: Daniel Swarbrick <daniel.swarbrick@gmail.com>
…heus#2393) Update exporter-toolkit to v0.8.1 to enable new listener support. Signed-off-by: Perry Naseck <git@perrynaseck.com>
Some systems have broken netlink messages due to patched kernels. Since these messages can not be parsed, add a flag to fall back to parsing from `/proc/net/dev`. Fixes: prometheus#2502 Signed-off-by: Ben Kochie <superq@gmail.com> Signed-off-by: Ben Kochie <superq@gmail.com>
Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.2.0 to 0.3.0. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.2.0...v0.3.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/jsimonetti/rtnetlink](https://github.com/jsimonetti/rtnetlink) from 1.2.2 to 1.2.3. - [Release notes](https://github.com/jsimonetti/rtnetlink/releases) - [Commits](jsimonetti/rtnetlink@v1.2.2...v1.2.3) --- updated-dependencies: - dependency-name: github.com/jsimonetti/rtnetlink dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* Respect rootfs path config option in btrfs ioctl * Fix btrfs device stats always being zero Signed-off-by: Marcus Cobden <leth@users.noreply.github.com>
Copr community prometheus-exporters repository is obsoleted. Signed-off-by: Otto Sabart <seberm@seberm.com> Signed-off-by: Otto Sabart <seberm@seberm.com>
* update rtnetlink package to v1.2.3 * add RTNL version of netclass collector that have all the metrics that netdev collector provides, too. Signed-off-by: Haoyu Sun <hasun@redhat.com>
Signed-off-by: Manuel Stausberg <stausberg@denic.de>
* Refactor netclass_rtnl collector Merge the netclass_rtnl collector into the netclass collector. * Disabled by default * Followup to prometheus#2492 Signed-off-by: Ben Kochie <superq@gmail.com>
Avoid running on all CPUs by limiting the Go runtime to one CPU by default. Avoids having Go routines schedule on every CPU, driving up the visible run queue length on high CPU count systems. This also helps workaround a kernel deadlock issue with reading from sysfs concurrently. See: * prometheus#1880 * prometheus#2500 Signed-off-by: Ben Kochie <superq@gmail.com>
…us#2877) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. - [Commits](golang/crypto@v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: prombot <prometheus-team@googlegroups.com>
…2885) Bumps [github.com/prometheus/exporter-toolkit](https://github.com/prometheus/exporter-toolkit) from 0.10.0 to 0.11.0. - [Release notes](https://github.com/prometheus/exporter-toolkit/releases) - [Changelog](https://github.com/prometheus/exporter-toolkit/blob/master/CHANGELOG.md) - [Commits](prometheus/exporter-toolkit@v0.10.0...v0.11.0) --- updated-dependencies: - dependency-name: github.com/prometheus/exporter-toolkit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…us#2886) Bumps [github.com/beevik/ntp](https://github.com/beevik/ntp) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/beevik/ntp/releases) - [Changelog](https://github.com/beevik/ntp/blob/main/RELEASE_NOTES.md) - [Commits](beevik/ntp@v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: github.com/beevik/ntp dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.17.0...v1.18.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: prombot <prometheus-team@googlegroups.com>
…s#2898) Signed-off-by: DBS-ST-VIT <dbs-st-vit@users.noreply.github.com> Co-authored-by: DBS-ST-VIT <dbs-st-vit@users.noreply.github.com>
Signed-off-by: Alper Polat <gitperr@gmail.com>
Signed-off-by: David O'Rourke <david.orourke@gmail.com>
Signed-off-by: tyltr <tylitianrui@126.com>
…rometheus#2910) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.45.0 to 0.46.0. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.45.0...v0.46.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…prometheus#2909) Bumps [github.com/jsimonetti/rtnetlink](https://github.com/jsimonetti/rtnetlink) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/jsimonetti/rtnetlink/releases) - [Commits](jsimonetti/rtnetlink@v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: github.com/jsimonetti/rtnetlink dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* fix hwmon nil ptr syslink maybe lost in some cases. --------- Signed-off-by: TaoGe <6657718+yowenter@users.noreply.github.com>
Fix golangci-lint "ineffectual assignment" by correctly capturing any errors within the hwmon gathering loop. Signed-off-by: Ben Kochie <superq@gmail.com>
Signed-off-by: prombot <prometheus-team@googlegroups.com>
Signed-off-by: DongWei <jiangxuege@hotmail.com>
NodeDiskIOSaturation description should say 30m per the "for" clause Signed-off-by: Taylor Sly <slyt@users.noreply.github.com>
Add depguard to golangci-lint to enforce the no-os/exec policy. Signed-off-by: Ben Kochie <superq@gmail.com>
filesystem: surface filesystem device error Fixes: prometheus#2918 --------- Signed-off-by: Pamela Mei i540369 <pamela.mei@sap.com>
…)" (prometheus#2932) This reverts commit 9f1f791. Signed-off-by: Ben Kochie <superq@gmail.com>
Signed-off-by: prombot <prometheus-team@googlegroups.com>
eckelon
approved these changes
Feb 28, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.