fix: validate nonzero duration in AlertmanagerConfig

[kartikangiras]

Description

added a nonzero duration function for group_interval and repeat_interval in alertmanagerconfig for incorrect validation

Closes: #6594

Type of change

What type of changes does your code introduce to the Prometheus operator? Put an x in the box that apply.

• CHANGE (fix or feature that would cause existing functionality to not work as expected)
• FEATURE (non-breaking change which adds functionality)
• BUGFIX (non-breaking change which fixes an issue)
• ENHANCEMENT (non-breaking change which improves existing functionality)
• NONE (if none of the other choices apply. Example, tooling, build system, CI, docs, etc.)

Verification

Please check the Prometheus-Operator testing guidelines for recommendations about automated tests.

Changelog entry

Please put a one-line changelog entry below. This will be copied to the changelog file during the release process.

[slashpai]

Thank you for the PR

I think this would be better to handle at API level http://github.com/prometheus-operator/prometheus-operator/blob/a198a5ff2c4b99ec614d5f28463cc0b19d272430/pkg/apis/monitoring/v1alpha1/alertmanager_config_types.go#L110-L120

[slashpai]

@ikartiksh Can you address #8126 (comment)?

[kartikangiras]

Thank you for the PR

I think this would be better to handle at API level http://github.com/prometheus-operator/prometheus-operator/blob/a198a5ff2c4b99ec614d5f28463cc0b19d272430/pkg/apis/monitoring/v1alpha1/alertmanager_config_types.go#L110-L120

@slashpai i think it has been already addressed to handle at the api level.

[slashpai]

You would need to add validation // +kubebuilder:validation:Pattern in

prometheus-operator/pkg/apis/monitoring/v1alpha1/alertmanager_config_types.go

Lines 110 to 120 in a198a5f

	GroupWait string `json:"groupWait,omitempty"`
	// groupInterval defines how long to wait before sending an updated notification.
	// Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// Example: "5m"
	// +optional
	GroupInterval string `json:"groupInterval,omitempty"`
	// repeatInterval defines how long to wait before repeating the last notification.
	// Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// Example: "4h"
	// +optional
	RepeatInterval string `json:"repeatInterval,omitempty"`

ref: https://book.kubebuilder.io/reference/markers/crd-validation

[slashpai]

You would need to run make --always-make format generate after updating API

Also lets create a new test in e2e test after

prometheus-operator/test/e2e/alertmanager_test.go

Line 987 in ca5bf4a

func testAlertmanagerConfigCRD(t *testing.T) {

You can create something similar to

prometheus-operator/test/e2e/prometheus_test.go

Line 4340 in ca5bf4a

func testPrometheusCRDValidation(t *testing.T) {

[kartikangiras]

You would need to run make --always-make format generate after updating API

Also lets create a new test in e2e test after

prometheus-operator/test/e2e/alertmanager_test.go

Line 987 in ca5bf4a

func testAlertmanagerConfigCRD(t *testing.T) {

You can create something similar to

prometheus-operator/test/e2e/prometheus_test.go

Line 4340 in ca5bf4a

func testPrometheusCRDValidation(t *testing.T) {

sure, i am onto the tests for the same.

[kartikangiras]

@slashpai i have added the e2e test for the code change.

[simonpasquier]

Sorry for misleading you but it looks like group and repeat intervals with zero value are always rejected (not only for the top-level route).
One option could be that the operator "hides" the problem by not setting the field in the generated configuration if it detects a zero value but I'm not sure that we want this.

[kartikangiras]

Sorry for misleading you but it looks like group and repeat intervals with zero value are always rejected (not only for the top-level route). One option could be that the operator "hides" the problem by not setting the field in the generated configuration if it detects a zero value but I'm not sure that we want this.

@simonpasquier should i just then apply the same changes to v1beta1 along with the positive duration function and the the operator hides the problem by not setting the field.

[simonpasquier]

Ok I think that I've settled my mind :)
First think to note: zero durations are indeed forbidden for repeat/group intervals. So my plan would:

• Change the GroupInterval and RepeatInterval fields to *monv1.Duration type. It will avoid maintaining another regexp only for duration > 0.
• As a consequence when we generate the final configuration, *route.sanitize() should check the duration values and reset to the empty string if the input value is 0.

Bonus question: I suspect that the Alertmanager would also crash if we provision an 0 interval via the Kubernetes secret method?

[kartikangiras]

thanks @simonpasquier for the approach to follow up and it is good to go.

for the bonus question, yes the alertmanager would crash when provisioned with 0 internal via the k8s secret due to the misconfiguration.

[kartikangiras]

Ok I think that I've settled my mind :) First think to note: zero durations are indeed forbidden for repeat/group intervals. So my plan would:

• Change the GroupInterval and RepeatInterval fields to *monv1.Duration type. It will avoid maintaining another regexp only for duration > 0.
• As a consequence when we generate the final configuration, *route.sanitize() should check the duration values and reset to the empty string if the input value is 0.

Bonus question: I suspect that the Alertmanager would also crash if we provision an 0 interval via the Kubernetes secret method?

@simonpasquier while checking out I see that using *route.sanitize() may not be a feasible option for checking the final configuration, instead we may use CEL validation something like this // kubebuilder:validation:XValidation:rule="self == '' || duration(self) > duration('0s')",message="repeat_interval must be greater than 0"

[simonpasquier]

while checking out I see that using *route.sanitize() may not be a feasible option for checking the final configuration, instead we may use CEL validation

I'm not sure to understand... Eventually route.sanitize should always do its best to verify that the assembled configuration is valid.

[kartikangiras]

@simonpasquier made all the required changes.
thanks.

[simonpasquier]

Conclustion from our discussion after today's office hours:

• We want the 3 fields to be of type *monitoringv1.NonEmptyDuration which will ensure that the values are valid durations for Alertmanager at the API level.
• When generating the final Alertmanager configuration, the operator should reset GroupInterval and RepeatInterval values to the empty string if the value parses to a zero duration. It covers the 2 options to provision the configuration: AlertmanagerConfig custom resources and Kubernetes Secret.
• We continue validating that the values are valid durations in pkg/alertmanager/validation/v1alpha1/validation.go and pkg/alertmanager/validation/v1beta1/validation.go to account for the fact that users might update their operator without upgrading the CRDs immediatly. This extra validation can be removed starting with v0.91.

[kartikangiras]

@simonpasquier I think everything mentioned is already covered up and implemented in the code.