fix: add metrics for new logs

Previously, metrics only reflected logs that were present at the initial start of the server. In order to track all the logs watched by certstream, each new log watcher must register with the prometheus metrics.

The whole prometheus metrics logic was rewritten to be centered around a PrometheusExporter struct. The logmetrics file is moved to the metrics package in order to remove import dependencies. Also the prometheus file now relies stronger on dependency injection/callback functions. That prevents issues regarding circular imports.

Also that prevents expensive nested loops to obtain certain data, since each metric now calls a single callback function to obtain the relevant data.

fixes #96

Author: d-Rickyy-b

internal/certificatetransparency/ct-watcher.go

@@ -16,6 +16,7 @@ import (
 	"github.com/google/trillian/client/backoff"
 
 	"github.com/d-Rickyy-b/certstream-server-go/internal/config"
+	"github.com/d-Rickyy-b/certstream-server-go/internal/metrics"
 	"github.com/d-Rickyy-b/certstream-server-go/internal/models"
 	"github.com/d-Rickyy-b/certstream-server-go/internal/web"
 
@@ -65,9 +66,9 @@ func (w *Watcher) Start() {
 			return
 		}
 		// Load Saved CT Indexes
-		metrics.LoadCTIndex(ctIndexFilePath)
+		metrics.Metrics.LoadCTIndex(ctIndexFilePath)
 		// Save CTIndexes at regular intervals
-		go metrics.SaveCertIndexesAtInterval(time.Second*30, ctIndexFilePath) // save indexes every X seconds
+		go metrics.Metrics.SaveCertIndexesAtInterval(time.Second*30, ctIndexFilePath) // save indexes every X seconds
 	}
 
 	// initialize the watcher with currently available logs
@@ -187,7 +188,7 @@ func (w *Watcher) addLogIfNew(operatorName, description, url string, isTiled boo
 	// Log is not being watched, so add it
 	w.wg.Add(1)
 
-	lastCTIndex := metrics.GetCTIndex(normURL)
+	lastCTIndex := metrics.Metrics.GetCTIndex(normURL)
 	ctWorker := worker{
 		name:         description,
 		operatorName: operatorName,
@@ -197,7 +198,7 @@ func (w *Watcher) addLogIfNew(operatorName, description, url string, isTiled boo
 		isTiled:      isTiled,
 	}
 	w.workers = append(w.workers, &ctWorker)
-	metrics.Init(operatorName, normURL)
+	metrics.Metrics.Init(operatorName, normURL)
 
 	// Start a goroutine for each worker
 	go func() {
@@ -232,7 +233,7 @@ func (w *Watcher) Stop() {
 	if config.AppConfig.General.Recovery.Enabled {
 		// Store current CT Indexes before shutting down
 		filePath := config.AppConfig.General.Recovery.CTIndexFile
-		metrics.SaveCertIndexes(filePath)
+		metrics.Metrics.SaveCertIndexes(filePath)
 	}
 
 	w.cancelFunc()
@@ -251,7 +252,7 @@ func (w *Watcher) CreateIndexFile(filePath string) error {
 		// Iterate over each log of the operator
 		for _, transparencyLog := range operator.Logs {
 			// Check if the log is already being watched
-			metrics.Init(operator.Name, normalizeCtlogURL(transparencyLog.URL))
+			metrics.Metrics.Init(operator.Name, normalizeCtlogURL(transparencyLog.URL))
 			log.Println("Fetching STH for", normalizeCtlogURL(transparencyLog.URL))
 
 			hc := http.Client{Timeout: 5 * time.Second}
@@ -268,12 +269,12 @@ func (w *Watcher) CreateIndexFile(filePath string) error {
 				continue
 			}
 
-			metrics.SetCTIndex(normalizeCtlogURL(transparencyLog.URL), sth.TreeSize)
+			metrics.Metrics.SetCTIndex(normalizeCtlogURL(transparencyLog.URL), sth.TreeSize)
 		}
 	}
 	w.cancelFunc()
 
-	metrics.SaveCertIndexes(filePath)
+	metrics.Metrics.SaveCertIndexes(filePath)
 	log.Println("Index file saved to", filePath)
 
 	return nil
@@ -544,7 +545,7 @@ func (w *worker) foundCertCallback(rawEntry *ct.RawLogEntry) {
 	entry.Data.UpdateType = "X509LogEntry"
 	w.entryChan <- entry
 
-	atomic.AddInt64(&processedCerts, 1)
+	atomic.AddInt64(&metrics.ProcessedCerts, 1)
 }
 
 // foundPrecertCallback is the callback that handles cases where new precerts are found.
@@ -558,7 +559,7 @@ func (w *worker) foundPrecertCallback(rawEntry *ct.RawLogEntry) {
 	entry.Data.UpdateType = "PrecertLogEntry"
 	w.entryChan <- entry
 
-	atomic.AddInt64(&processedPrecerts, 1)
+	atomic.AddInt64(&metrics.ProcessedPrecerts, 1)
 }
 
 // certHandler takes the entries out of the entryChan channel and broadcasts them to all clients.
@@ -584,7 +585,7 @@ func certHandler(entryChan chan models.Entry) {
 		operator := entry.Data.Source.Operator
 		index := entry.Data.CertIndex
 
-		metrics.Inc(operator, url, index)
+		metrics.Metrics.Inc(operator, url, index)
 	}
 }
 

internal/certstream/certstream.go

@@ -62,11 +62,11 @@ func (cs *Certstream) setupMetrics(webserver *web.WebServer) {
 		if (cs.config.Prometheus.ListenAddr == "" || cs.config.Prometheus.ListenAddr == cs.config.Webserver.ListenAddr) &&
 			(cs.config.Prometheus.ListenPort == 0 || cs.config.Prometheus.ListenPort == cs.config.Webserver.ListenPort) {
 			log.Println("Starting prometheus server on same interface as webserver")
-			webserver.RegisterPrometheus(cs.config.Prometheus.MetricsURL, metrics.WritePrometheus)
+			webserver.RegisterPrometheus(cs.config.Prometheus.MetricsURL, metrics.Prometheus.Write)
 		} else {
 			log.Println("Starting prometheus server on new interface")
 			cs.metricsServer = web.NewMetricsServer(cs.config.Prometheus.ListenAddr, cs.config.Prometheus.ListenPort, cs.config.Prometheus.CertPath, cs.config.Prometheus.CertKeyPath)
-			cs.metricsServer.RegisterPrometheus(cs.config.Prometheus.MetricsURL, metrics.WritePrometheus)
+			cs.metricsServer.RegisterPrometheus(cs.config.Prometheus.MetricsURL, metrics.Prometheus.Write)
 		}
 	}
 }

…al/certificatetransparency/logmetrics.go internal/metrics/logmetrics.gointernal/certificatetransparency/logmetrics.go renamed to internal/metrics/logmetrics.go internal/certificatetransparency/logmetrics.go renamed to internal/metrics/logmetrics.go

@@ -1,4 +1,4 @@
-package certificatetransparency
+package metrics
 
 import (
 	"encoding/json"
@@ -22,9 +22,9 @@ type (
 )
 
 var (
-	processedCerts    int64
-	processedPrecerts int64
-	metrics           = LogMetrics{metrics: make(CTMetrics), index: make(CTCertIndex)}
+	ProcessedCerts    int64
+	ProcessedPrecerts int64
+	Metrics           = LogMetrics{metrics: make(CTMetrics), index: make(CTCertIndex)}
 )
 
 // LogMetrics is a struct that holds a map of metrics for each CT log grouped by operator.
@@ -91,6 +91,9 @@ func (m *LogMetrics) Init(operator, url string) {
 	if _, ok := m.index[url]; !ok {
 		m.index[url] = 0
 	}
+
+	// Register the metric for this operator and url with Prometheus
+	Prometheus.RegisterLog(operator, url)
 }
 
 // Get the metric for a given operator and ct url.
@@ -289,18 +292,18 @@ func (m *LogMetrics) SaveCertIndexes(ctIndexFilePath string) {
 
 // GetProcessedCerts returns the total number of processed certificates.
 func GetProcessedCerts() int64 {
-	return processedCerts
+	return ProcessedCerts
 }
 
 // GetProcessedPrecerts returns the total number of processed precertificates.
 func GetProcessedPrecerts() int64 {
-	return processedPrecerts
+	return ProcessedPrecerts
 }
 
 func GetCertMetrics() CTMetrics {
-	return metrics.GetCTMetrics()
+	return Metrics.GetCTMetrics()
 }
 
 func GetLogOperators() map[string][]string {
-	return metrics.OperatorLogMapping()
+	return Metrics.OperatorLogMapping()
 }

…rtificatetransparency/logmetrics_test.go internal/metrics/logmetrics_test.gointernal/certificatetransparency/logmetrics_test.go renamed to internal/metrics/logmetrics_test.go internal/certificatetransparency/logmetrics_test.go renamed to internal/metrics/logmetrics_test.go

@@ -1,4 +1,4 @@
-package certificatetransparency
+package metrics
 
 import (
 	"path/filepath"

internal/metrics/prometheus.go

@@ -3,120 +3,108 @@ package metrics
 import (
 	"fmt"
 	"io"
-	"strings"
+	"log"
 	"sync"
 	"time"
 
-	"github.com/d-Rickyy-b/certstream-server-go/internal/certificatetransparency"
-	"github.com/d-Rickyy-b/certstream-server-go/internal/web"
-
 	"github.com/VictoriaMetrics/metrics"
 )
 
-var (
-	ctLogMetricsInitialized = false
-	ctLogMetricsInitMutex   = &sync.Mutex{}
-
-	tempCertMetricsLastRefreshed = time.Time{}
-	tempCertMetrics              = certificatetransparency.CTMetrics{}
-	tempCertMetricsMutex         = &sync.RWMutex{}
+var Prometheus = NewPrometheusExporter()
 
+type PrometheusExporter struct {
 	// Number of currently connected clients.
-	fullClientCount = metrics.NewGauge("certstreamservergo_clients_total{type=\"full\"}", func() float64 {
-		return float64(web.ClientHandler.ClientFullCount())
-	})
-	liteClientCount = metrics.NewGauge("certstreamservergo_clients_total{type=\"lite\"}", func() float64 {
-		return float64(web.ClientHandler.ClientLiteCount())
-	})
-	domainClientCount = metrics.NewGauge("certstreamservergo_clients_total{type=\"domain\"}", func() float64 {
-		return float64(web.ClientHandler.ClientDomainsCount())
-	})
+	fullClientCount   metrics.Gauge
+	liteClientCount   metrics.Gauge
+	domainClientCount metrics.Gauge
+
+	tempCertMetricsLastRefreshed time.Time
+	tempCertMetrics              CTMetrics
+	tempCertMetricsMutex         sync.RWMutex
+
+	skippedCertsCallback func() map[string]int64
+}
 
-	// Number of certificates processed by the CT watcher.
-	processedCertificates = metrics.NewGauge("certstreamservergo_certificates_total{type=\"regular\"}", func() float64 {
-		return float64(certificatetransparency.GetProcessedCerts())
+// NewPrometheusExporter creates a new PrometheusExporter and registers the default metrics for the number of processed certificates.
+func NewPrometheusExporter() *PrometheusExporter {
+	e := &PrometheusExporter{}
+	// Register metrics for the total number of certificates processed by the CT watcher.
+	metrics.GetOrCreateGauge("certstreamservergo_certificates_total{type=\"regular\"}", func() float64 {
+		return float64(GetProcessedCerts())
 	})
-	processedPreCertificates = metrics.NewGauge("certstreamservergo_certificates_total{type=\"precert\"}", func() float64 {
-		return float64(certificatetransparency.GetProcessedPrecerts())
+	metrics.GetOrCreateGauge("certstreamservergo_certificates_total{type=\"precert\"}", func() float64 {
+		return float64(GetProcessedPrecerts())
 	})
-)
-
-// WritePrometheus provides an easy way to write metrics to a writer.
-func WritePrometheus(w io.Writer, exposeProcessMetrics bool) {
-	ctLogMetricsInitMutex.Lock()
-	if !ctLogMetricsInitialized {
-		initCtLogMetrics()
-	}
-	ctLogMetricsInitMutex.Unlock()
+	return e
+}
 
-	getSkippedCertMetrics()
+// Write is a callback function that is called by a webserver in order to write metrics data to the http response.
+func (pm *PrometheusExporter) Write(w io.Writer, exposeProcessMetrics bool) {
+	// getSkippedCertMetrics()
 
 	metrics.WritePrometheus(w, exposeProcessMetrics)
 }
 
-// For having metrics regarding each individual CT log, we need to register them manually.
-// initCtLogMetrics fetches all the CT Logs and registers one metric per log.
-func initCtLogMetrics() {
-	logs := certificatetransparency.GetLogOperators()
-
-	for operator, urls := range logs {
-		operator := operator // Copy variable to new scope
-
-		for i := range urls {
-			url := urls[i]
-			name := fmt.Sprintf("certstreamservergo_certs_by_log_total{url=\"%s\",operator=\"%s\"}", url, operator)
-			metrics.NewGauge(name, func() float64 {
-				return float64(getCertCountForLog(operator, url))
-			})
-		}
-	}
+// RegisterGaugeMetric is a helper function that registers a new gauge metric with a float64 callback function.
+func (pm *PrometheusExporter) RegisterGaugeMetric(label string, callback func() float64) {
+	metrics.GetOrCreateGauge(label, callback)
+}
 
-	if len(logs) > 0 {
-		ctLogMetricsInitialized = true
-	}
+// RegisterGaugeMetricInt is a helper function that registers a new gauge metric with an int64 callback function.
+func (pm *PrometheusExporter) RegisterGaugeMetricInt(label string, callback func() int64) {
+	metrics.GetOrCreateGauge(label, func() float64 { return float64(callback()) })
+}
+
+// RegisterClient registers a new gauge metric for the client with the given name.
+func (pm *PrometheusExporter) RegisterClient(name string, callback func() float64) {
+	label := fmt.Sprintf("certstreamservergo_skipped_certs{client=\"%s\"}", name)
+	metrics.GetOrCreateGauge(label, callback)
+}
+
+// UnregisterClient unregisters the metric for the client with the given name.
+func (pm *PrometheusExporter) UnregisterClient(name string) {
+	label := fmt.Sprintf("certstreamservergo_skipped_certs{client=\"%s\"}", name)
+	metrics.UnregisterMetric(label)
+}
+
+// RegisterLog registers a new gauge metric for the given CT log.
+// The metric will be named "certstreamservergo_certs_by_log_total{url=\"<url>\",operator=\"<operatorName>\"}" and
+// will call the given callback function to get the current value of the metric.
+func (pm *PrometheusExporter) RegisterLog(operatorName, url string) {
+	label := fmt.Sprintf("certstreamservergo_certs_by_log_total{url=\"%s\",operator=\"%s\"}", url, operatorName)
+	metrics.GetOrCreateGauge(label, func() float64 {
+		return float64(pm.getCertCountForLog(operatorName, url))
+	})
+}
+
+// UnregisterMetric unregisters a metric with a given label.
+func (pm *PrometheusExporter) UnregisterMetric(label string) {
+	metrics.UnregisterMetric(label)
 }
 
 // getCertCountForLog returns the number of certificates processed from a specific CT log.
 // It caches the result for 5 seconds. Subsequent calls to this method will return the cached result.
-func getCertCountForLog(operatorName, logname string) int64 {
-	tempCertMetricsMutex.Lock()
-	defer tempCertMetricsMutex.Unlock()
+func (pm *PrometheusExporter) getCertCountForLog(operatorName, logname string) int64 {
+	pm.tempCertMetricsMutex.Lock()
+	defer pm.tempCertMetricsMutex.Unlock()
 
 	// Add some caching to avoid having to lock the mutex every time
-	if time.Since(tempCertMetricsLastRefreshed) > time.Second*5 {
-		tempCertMetricsLastRefreshed = time.Now()
-		tempCertMetrics = certificatetransparency.GetCertMetrics()
+	if time.Since(pm.tempCertMetricsLastRefreshed) > time.Second*5 {
+		pm.tempCertMetricsLastRefreshed = time.Now()
+		pm.tempCertMetrics = GetCertMetrics()
 	}
 
-	return tempCertMetrics[operatorName][logname]
-}
-
-// getSkippedCertMetrics gets the number of skipped certificates for each client and creates metrics for it.
-// It also removes metrics for clients that are not connected anymore.
-func getSkippedCertMetrics() {
-	skippedCerts := web.ClientHandler.GetSkippedCerts()
-	for clientName := range skippedCerts {
-		// Get or register a new counter for each client
-		metricName := fmt.Sprintf("certstreamservergo_skipped_certs{client=\"%s\"}", clientName)
-		c := metrics.GetOrCreateCounter(metricName)
-		c.Set(skippedCerts[clientName])
+	operatorMetrics, ok := pm.tempCertMetrics[operatorName]
+	if !ok {
+		log.Printf("No metrics for operator \"%s\"", operatorName)
+		return 0
 	}
 
-	// Remove all metrics that are not in the list of current client skipped cert metrics
-	// Get a list of current client skipped cert metrics
-	for _, metricName := range metrics.ListMetricNames() {
-		if !strings.HasPrefix(metricName, "certstreamservergo_skipped_certs") {
-			continue
-		}
-
-		clientName := strings.TrimPrefix(metricName, "certstreamservergo_skipped_certs{client=\"")
-		clientName = strings.TrimSuffix(clientName, "\"}")
-
-		// Check if the registered metric is in the list of current client skipped cert metrics
-		// If not, unregister the metric
-		_, exists := skippedCerts[clientName]
-		if !exists {
-			metrics.UnregisterMetric(metricName)
-		}
+	count, ok := operatorMetrics[logname]
+	if !ok {
+		log.Printf("No metrics for log \"%s\" of operator \"%s\"", logname, operatorName)
+		return 0
 	}
+
+	return count
 }