-
Notifications
You must be signed in to change notification settings - Fork 68
Expand file tree
/
Copy pathselective_disable.hcl
More file actions
89 lines (72 loc) · 1.87 KB
/
Copy pathselective_disable.hcl
File metadata and controls
89 lines (72 loc) · 1.87 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# Example: selectively enable or disable checks for specific rules.
# This is the config-file alternative to adding # pint disable ... comments.
# It is useful when:
# - Rules are auto-generated and you cannot add comments to them.
# - The same exception applies to many rules.
# - You want all linting policy exceptions in one place.
# See: https://github.com/cloudflare/pint/discussions/830
# --- Disabling checks with advanced match features ---
# Disable promql/series only for rules that are being ADDED in a PR.
# Existing (unmodified) rules still get the check, so broken edits are caught.
rule {
match {
state = ["added"]
command = "ci"
}
disable = ["promql/series"]
}
# Disable rule/for for alerts with long 'for' durations.
# These are typically slow-burn alerts where 'for' is intentionally long.
rule {
match {
kind = "alerting"
for = "> 30m"
}
disable = ["rule/for"]
}
# Disable alerts/count for alerts that already have a validated runbook.
# We trust alerts with a runbook URL to be well-scoped.
rule {
match {
kind = "alerting"
annotation "runbook_url" {
value = ".+"
}
}
disable = ["alerts/count"]
}
# Disable promql/rate for the platform team's rules only.
# Other teams still get the full check.
rule {
match {
label "team" {
value = "platform"
}
}
disable = ["promql/rate"]
}
# Disable rule/link for rules in the staging directory,
# but NOT for rules that also have the "critical" label.
rule {
match {
path = "rules/staging/.+"
}
ignore {
label "severity" {
value = "critical"
}
}
disable = ["rule/link"]
}
# --- Enabling checks for specific rules ---
# Disable promql/rate globally, then re-enable it only for critical alerts.
checks {
disabled = ["promql/rate"]
}
rule {
match {
path = "rules/critical/.+"
kind = "alerting"
}
enable = ["promql/rate"]
}