Initial proposal to create new counters/timeseries to account for tasknames and namespaces

[nistar]

Changes

Created new const values for a possible future functionality

We're trying to implement the following solution:

Having some metric statistics on container signing, meaning "this many containers were generated, this many were signed, this many weren't". Having a namespace categorization would be helpful.

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

• Has Docs included if any changes are user facing
• Has Tests included if any functionality added or changed
• Follows the commit message standard
• Meets the Tekton contributor standards (including
  functionality, content, code)
• Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
• Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

NONE

[linux-foundation-easycla]

• ✅ login: nistar / name: Alex Vilensky (7097e28, 1e28bad, d2c736e, 6bc5b00, 0790196, b1a8c9e, 9721264, 635bd0f, b664f2a, 65b92ad, 9362db3, 9c2aedf)
• ❌ The email address for the commit (cd383dc, ea89816, 9060c18, e9054f3) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please submit a support request ticket.

[tekton-robot]

Hi @nistar. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[tekton-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign chuangw6 after the PR has been reviewed.
You can assign the PR to them by writing /assign @chuangw6 in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[PuneetPunamiya]

@nistar Can you please sign the SLA

[PuneetPunamiya]

/ok-to-test

[nistar]

/ok-to-test

@nistar Can you please sign the SLA

Done. Please, let me know if I need to provide more info

[lcarva]

How's this different than PipelineRunSignedName ?

Actually, I'm not sure how any of the ones being added are different than the existing ones. What am I missing?

[nistar]

The ones currently used produce totals across the entire cluster. We need a more detailed information, such as a namespace, taskname, success/failure and other kinds of labels attached to the counters. So my proposal is to leave the old ones alone and create a new time series that can be utilized to display info related to individual projects in Grafana or some other tool.

[lcarva]

That makes sense. Can we make the name and description indicative of this?

[nistar]

Do we have a naming convention?

[lcarva]

Not an official one. I would just like to make it obvious that certain metric is namespace based. Does that make sense?

[nistar]

Absolutely

[nistar]

Does it look ok?

[nistar]

Hi @lcarva do the names look ok to you?

[lcarva]

Sorry for the delay! Yes, that looks reasonable. Were you thinking about doing the same for TaskRuns as well?

[nistar]

Yes, just wanted to make small and manageable changes at a time.

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[nistar]

It looks like we don't honor storage.oci.repository.insecure flag on every execution path and it results in https/http protocol errors when trying to communicate with insecure registries like kind. I've added a few checks to make sure it's implemented. Welcome any comments/suggestions

[nistar]

@lcarva @PuneetPunamiya I've modified a couple of files to honor the storage.oci.repository.insecure flag to be able to test with kind registry. What are your thoughts on this?

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[lcarva]

@lcarva @PuneetPunamiya I've modified a couple of files to honor the storage.oci.repository.insecure flag to be able to test with kind registry. What are your thoughts on this?

@nistar, I don' think name.Digest queries the registry. Have you actually seen this cause an error?

[nistar]

@lcarva @PuneetPunamiya I've modified a couple of files to honor the storage.oci.repository.insecure flag to be able to test with kind registry. What are your thoughts on this?

@nistar, I don' think name.Digest queries the registry. Have you actually seen this cause an error?

@lcarva The code eventually ends up calling Ping:

resulting in "using https with http protocol" error message

[lcarva]

@nistar ah! name.NewDigest creates a new object that stores the insecure registry option. This is later used in queries to the registry. Good find!

Could you open a separate PR for that? 🙏

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

The following is the coverage report on the affected files.
Say /test pull-tekton-chains-go-coverage to re-run this coverage report

File	Old Coverage	New Coverage	Delta
pkg/pipelinerunmetrics/metrics.go	84.6%	76.5%	-8.1

[tekton-robot]

@nistar: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-tekton-chains-unit-tests	9362db3	link	true	/test pull-tekton-chains-unit-tests
pull-tekton-chains-integration-tests	9362db3	link	true	/test pull-tekton-chains-integration-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.