Merge branch 'master' into doc-improvements-prometheus-holmes

arikalon1 · web-flow · commit 480345623d7a · 2025-04-27T19:11:15.000+03:00
diff --git a/docs/_static/custom.css b/docs/_static/custom.css
@@ -298,6 +298,37 @@ h3 {
     margin-bottom: 20px !important;
 }
 
+/* Back to Top Button */
+.back-to-top {
+    position: fixed;
+    bottom: 30px;
+    right: 30px;
+    width: 50px;
+    height: 50px;
+    background-color: var(--md-primary-fg-color);
+    color: white;
+    border-radius: 50%;
+    text-align: center;
+    line-height: 50px;
+    font-size: 20px;
+    text-decoration: none;
+    opacity: 0;
+    visibility: hidden;
+    z-index: 1000;
+    transition: opacity 0.3s, visibility 0.3s;
+    box-shadow: 0 2px 5px rgba(0, 0, 0, 0.3);
+    cursor: pointer;
+}
+
+.back-to-top.visible {
+    opacity: 0.7;
+    visibility: visible;
+}
+
+.back-to-top:hover {
+    opacity: 1;
+}
+
 .sd-sphinx-override p {
     margin-bottom: 0px;
 }
diff --git a/docs/_templates/base.html b/docs/_templates/base.html
@@ -1,6 +1,10 @@
 {% extends '!base.html' %}
 {% block site_meta %}
 {{ super() }}
+<!-- Back to Top Button -->
+<a href="#" class="back-to-top" aria-label="Back to top">
+  <span>↑</span>
+</a>
 <!-- PostHog and Segment -->
 <script>
   !function(t,e){var o,n,p,r;e.__SV||(window.posthog=e,e._i=[],e.init=function(i,s,a){function g(t,e){var o=e.split(".");2==o.length&&(t=t[o[0]],e=o[1]),t[e]=function(){t.push([e].concat(Array.prototype.slice.call(arguments,0)))}}(p=t.createElement("script")).type="text/javascript",p.async=!0,p.src=s.api_host+"/static/array.js",(r=t.getElementsByTagName("script")[0]).parentNode.insertBefore(p,r);var u=e;for(void 0!==a?u=e[a]=[]:a="posthog",u.people=u.people||[],u.toString=function(t){var e="posthog";return"posthog"!==a&&(e+="."+a),t||(e+=" (stub)"),e},u.people.toString=function(){return u.toString(1)+".people (stub)"},o="capture identify alias people.set people.set_once set_config register register_once unregister opt_out_capturing has_opted_out_capturing opt_in_capturing reset isFeatureEnabled onFeatureFlags".split(" "),n=0;n<o.length;n++)g(u,o[n]);e._i.push([i,s,a])},e.__SV=1)}(document,window.posthog||[]);
@@ -27,6 +31,26 @@
     document.getElementById('__palette_1').onclick = () => refreshRobustaLogo(true);
     document.getElementById('__palette_2').onclick = () => refreshRobustaLogo(false);
 
+    // Back to top button functionality
+    const backToTopButton = document.querySelector('.back-to-top');
+    
+    // Show button when page is scrolled down
+    window.addEventListener('scroll', function() {
+      if (window.pageYOffset > 300) {
+        backToTopButton.classList.add('visible');
+      } else {
+        backToTopButton.classList.remove('visible');
+      }
+    });
+    
+    // Smooth scroll to top when button is clicked
+    backToTopButton.addEventListener('click', function(e) {
+      e.preventDefault();
+      window.scrollTo({
+        top: 0,
+        behavior: 'smooth'
+      });
+    });
   }, false);
 </script>
 {% endblock %}
diff --git a/docs/configuration/holmesgpt/index.rst b/docs/configuration/holmesgpt/index.rst
@@ -18,7 +18,7 @@ Robusta can integrate with `Holmes GPT <https://github.com/robusta-dev/holmesgpt
 
 When available, AI based investigations can be launched in one of two ways:
 
-1. Click the ``Ask Holmes`` button in Slack. The AI investigation will be sent back as a new message.
+1. Click the ``Ask HolmesGPT`` button in Slack. The AI investigation will be sent back as a new message.
 
 .. image:: /images/robusta-holmes-investigation.png
     :width: 600px
diff --git a/docs/configuration/holmesgpt/toolsets/coralogix_logs.rst b/docs/configuration/holmesgpt/toolsets/coralogix_logs.rst
@@ -41,10 +41,6 @@ Configuration
               api_key: <your coralogix API key>
               domain: eu2.coralogix.com # Your Coralogix domain
               team_hostname: my-team # Your team's hostname in coralogix, without the domain part
-              labels:
-                pod: "kubernetes.pod_name"
-                namespace: "kubernetes.namespace_name"
-                app: "kubernetes.labels.app"
 
           kubernetes/logs:
             enabled: false # Disable HolmesGPT's default logging mechanism
@@ -65,19 +61,61 @@ Configuration
             api_key: <your coralogix API key>
             domain: eu2.coralogix.com # Your Coralogix domain
             team_hostname: my-team # Your team's hostname in coralogix
-            labels:
-              pod: "kubernetes.pod_name"
-              namespace: "kubernetes.namespace_name"
-              app: "kubernetes.labels.app"
 
         kubernetes/logs:
           enabled: false # Disable HolmesGPT's default logging mechanism
 
+Advanced Configuration
+^^^^^^^^^^^^^^^^^^^^^^
+
+**Frequent logs and archive**
+
+By default, holmes fetched the logs from the `Frequent search <https://coralogix.com/docs/user-guides/account-management/tco-optimizer/logs/#frequent-search-data-high-priority>`_ 
+tier and only fetch logs from the `Archive` tier if the frequent search returned no result.
+
+This behaviour can be customised using the ``logs_retrieval_methodology`` configuration field:
+
+.. code-block:: yaml
+
+  toolsets:
+    coralogix/logs:
+      enabled: true
+      config:
+        # Possible values are:
+        #  - FREQUENT_SEARCH_ONLY
+        #  - ARCHIVE_ONLY
+        #  - ARCHIVE_FALLBACK  <- default value
+        #  - FREQUENT_SEARCH_FALLBACK
+        #  - BOTH_FREQUENT_SEARCH_AND_ARCHIVE
+        logs_retrieval_methodology: ARCHIVE_FALLBACK # default value
+        ...
+
+Here is a description of each possible log retrieval methodology:
+
+- **FREQUENT_SEARCH_ONLY** Always fetch logs using a frequent search.
+- **ARCHIVE_ONLY** Always fetch logs using the archive.
+- **ARCHIVE_FALLBACK** Use a frequent search first. If there are no results, fallback to searching archived logs. **This is the default behaviour.**
+- **FREQUENT_SEARCH_FALLBACK** Search logs in the archive first. If there are no results, fallback to searching the frequent logs.
+- **BOTH_FREQUENT_SEARCH_AND_ARCHIVE** Always use both the frequent search and the archive to fetch logs. The result contains merged data which is deduplicated and sorted by timestamp.
 
 **Search labels**
 
-You can tweak the labels used by the toolset to identify kubernetes resources. This is only needed if your
-logs settings for ``pod``, ``namespace``, and ``app`` differ from the defaults in the example above.
+You can tweak the labels used by the toolset to identify kubernetes resources. This is **optional** and only needed if your
+logs settings for ``pod``, ``namespace``, ``application`` and ``subsystem`` differ from the defaults in the example below.
+
+.. code-block:: yaml
+
+  toolsets:
+    coralogix/logs:
+      enabled: true
+      config:
+        labels: # OPTIONAL: tweak the filters used by HolmesGPT if your coralogix configuration is non standard
+          namespace: "kubernetes.namespace_name"
+          pod: "kubernetes.pod_name"
+          application: "coralogix.metadata.applicationName"
+          subsystem: "coralogix.metadata.subsystemName"
+        ...
+
 
 You can verify what labels to use by attempting to run a query in the coralogix ui:
 
@@ -111,5 +149,5 @@ Capabilities
 
    * - Tool Name
      - Description
-   * - coralogix_fetch_logs
-     - Retrieve logs from Coralogix
+   * - fetch_coralogix_logs_for_resource
+     - Retrieve logs using coralogix
diff --git a/docs/configuration/holmesgpt/toolsets/robusta.rst b/docs/configuration/holmesgpt/toolsets/robusta.rst
@@ -3,7 +3,7 @@ Robusta :checkmark:`_`
 .. include:: ./_toolset_enabled_by_default.inc.rst
 
 By enabling this toolset, HolmesGPT will be able to fetch alerts metadata. It allows HolmesGPT to fetch information
-about specific issues when chatting using "Ask Holmes". This toolset is not necessary for Root Cause Analysis.
+about specific issues when chatting using "Ask HolmesGPT". This toolset is not necessary for Root Cause Analysis.
 
 Configuration
 -------------
diff --git a/docs/configuration/sinks/Opsgenie.rst b/docs/configuration/sinks/Opsgenie.rst
@@ -14,7 +14,9 @@ We can add Prometheus alert labels into Opsgenie alert extra details by setting
 Configuring the OpsGenie sink
 ------------------------------------------------
 
-.. admonition:: Add this to your generated_values.yaml
+The OpsGenie sink supports static and dynamic team routing, optional fallback teams, tagging, and enrichment with Kubernetes labels.
+
+.. admonition:: Add this to your `generated_values.yaml`
 
     .. code-block:: yaml
 
@@ -23,13 +25,32 @@ Configuring the OpsGenie sink
             name: ops_genie_sink
             api_key: OpsGenie integration API key  # configured from OpsGenie team integration
             teams:
-            - "noc"
-            - "sre"
+            - "noc"                  # Static team
+            - "$labels.team"  # Dynamic routing based on alert labels or annotations.
+                              # For example, if an alert subject has `team=infra`, it routes to the "infra" team.
+                              # Use $labels.<label_name> or $annotations.<label_name> as placeholders.
+            default_team: "oncall"   # Optional fallback team for Dynamic team routing
             tags:
             - "prod a"
             extra_details_labels: false # optional, default is false
 
-Save the file and run
+In this example:
+
+- Alerts will be routed to the **"noc"** team by default.
+- If the alert includes a **"team" label**, it will also be routed to the value of that label.
+- If the **"team" label is missing**, the alert will be routed to the **"oncall"** team as a fallback.
+- The tag **"prod a"** will be included with every alert.
+- Kubernetes labels **will not be added** to alert details, as `extra_details_labels` is set to `false`.
+
+.. note::
+
+   - Dynamic team routing using label-based templates (e.g., ``$labels.team``) is only supported on **OpsGenie Standard** or **Enterprise** plans.
+     If you are on a Free or Essentials plan, these templates will not function as expected.
+
+   - The API key must be from a **Global API Integration** for dynamic routing to work.
+     If you use a **team-specific API key**, alerts will be routed **only to that team**.
+
+Save the file and apply the configuration:
 
 .. code-block:: bash
    :name: cb-add-opsgenie-sink
diff --git a/src/robusta/core/sinks/opsgenie/opsgenie_sink.py b/src/robusta/core/sinks/opsgenie/opsgenie_sink.py
@@ -4,6 +4,7 @@
 import opsgenie_sdk
 
 from robusta.core.reporting.base import Enrichment, Finding, FindingSeverity
+from robusta.core.sinks.common.channel_transformer import ChannelTransformer
 from robusta.core.sinks.opsgenie.opsgenie_sink_params import OpsGenieSinkConfigWrapper
 from robusta.core.sinks.sink_base import SinkBase
 from robusta.core.sinks.transformer import Transformer
@@ -22,9 +23,18 @@ def __init__(self, sink_config: OpsGenieSinkConfigWrapper, registry):
 
         self.api_key = sink_config.opsgenie_sink.api_key
         self.teams = sink_config.opsgenie_sink.teams
+        self.default_team = sink_config.opsgenie_sink.default_team
         self.tags = sink_config.opsgenie_sink.tags
         self.extra_details_labels = sink_config.opsgenie_sink.extra_details_labels
 
+        # Check for dangerous configuration
+        has_templates = any("$" in team for team in self.teams)
+        if has_templates and not self.default_team:
+            logging.warning(
+                "OpsGenie sink is configured with templated team names but no default_team specified. "
+                "Alerts may fail to route if the required label or annotation is missing."
+            )
+
         opsgenie_sdk.configuration.Configuration.set_default(None)
         self.conf = opsgenie_sdk.configuration.Configuration()
         self.conf.api_key["Authorization"] = self.api_key
@@ -73,17 +83,55 @@ def __ack_alert(self, fingerprint: str, user: str, note: str):
         except opsgenie_sdk.ApiException as err:
             logging.error(f"Error acking opsGenie alert {fingerprint} {err}", exc_info=True)
 
+    def __get_teams(self, finding: Finding) -> List[str]:
+        """Get the list of teams for the alert, resolving any templates in the team names."""
+        teams = []
+        for team_template in self.teams:
+            try:
+                if "$" in team_template:
+                    # Only process templates that contain variables
+                    team = ChannelTransformer.template(
+                        team_template,
+                        self.default_team,  # Use default_team as fallback
+                        self.cluster_name,
+                        finding.subject.labels,
+                        finding.subject.annotations,
+                    )
+                    if team and team not in teams:  # Only add non-null, de-duped teams
+                        teams.append(team)
+                else:
+                    # Use static team name directly
+                    if team_template not in teams:  # Only add de-duped teams
+                        teams.append(team_template)
+            except Exception as e:
+                logging.warning(
+                    f"Failed to process team template {team_template} for alert subject {finding.service_key}: {e}"
+                )
+                continue
+
+        # If no teams were resolved and we have a default team, use it
+        if not teams and self.default_team and self.default_team not in teams:
+            teams.append(self.default_team)
+        elif not teams and self.teams:  # dynamic routing failed and no default team configured
+            logging.warning(f"No valid teams resolved for finding {finding.title}. Alert may not be routed properly.")
+
+        return teams
+
     def __open_alert(self, finding: Finding, platform_enabled: bool):
         description = self.__to_description(finding, platform_enabled)
         details = self.__to_details(finding)
         tags = self.tags.copy()
         tags.insert(0, self.cluster_name)
+
+        # Get teams based on templates
+        teams = self.__get_teams(finding)
+
         body = opsgenie_sdk.CreateAlertPayload(
             source="Robusta",
             message=finding.title,
             description=description,
             alias=finding.fingerprint,
-            responders=[{"name": team, "type": "team"} for team in self.teams],
+            responders=[{"name": team, "type": "team"} for team in teams],
             details=details,
             tags=tags,
             entity=finding.service_key,
diff --git a/src/robusta/core/sinks/opsgenie/opsgenie_sink_params.py b/src/robusta/core/sinks/opsgenie/opsgenie_sink_params.py
@@ -7,6 +7,7 @@
 class OpsGenieSinkParams(SinkBaseParams):
     api_key: str
     teams: List[str] = []
+    default_team: Optional[str] = None
     tags: List[str] = []
     host: Optional[str] = None  # NOTE: If None, the default value will be used from opsgenie_sdk
     extra_details_labels: Optional[bool] = False
diff --git a/src/robusta/integrations/slack/sender.py b/src/robusta/integrations/slack/sender.py
@@ -353,7 +353,7 @@ def __create_holmes_callback(self, finding: Finding) -> CallbackBlock:
 
         return CallbackBlock(
             {
-                "Ask Holmes": CallbackChoice(
+                "Ask HolmesGPT": CallbackChoice(
                     action=ask_holmes,
                     action_params=AIInvestigateParams(
                         resource=resource, investigation_type="issue", ask="Why is this alert firing?", context=context
diff --git a/tests/test_opsgenie_sink.py b/tests/test_opsgenie_sink.py

Original file line number	Diff line number	Diff line change
`@@ -353,7 +353,7 @@ def __create_holmes_callback(self, finding: Finding) -> CallbackBlock:`
`353`	`353`
`354`	`354`	`return CallbackBlock(`
`355`	`355`	`{`
`356`		`- "Ask Holmes": CallbackChoice(`
	`356`	`+ "Ask HolmesGPT": CallbackChoice(`
`357`	`357`	`action=ask_holmes,`
`358`	`358`	`action_params=AIInvestigateParams(`
`359`	`359`	`resource=resource, investigation_type="issue", ask="Why is this alert firing?", context=context`