Browse Source

Add metric to breached-password check

merge-requests/126/merge
Deimos 4 years ago
parent
commit
a70cc61499
  1. 4
      tildes/tests/test_metrics.py
  2. 3
      tildes/tildes/lib/password.py
  3. 27
      tildes/tildes/metrics.py

4
tildes/tests/test_metrics.py

@ -1,12 +1,12 @@
# Copyright (c) 2018 Tildes contributors <code@tildes.net> # Copyright (c) 2018 Tildes contributors <code@tildes.net>
# SPDX-License-Identifier: AGPL-3.0-or-later # SPDX-License-Identifier: AGPL-3.0-or-later
from tildes.metrics import _COUNTERS, _HISTOGRAMS
from tildes.metrics import _COUNTERS, _HISTOGRAMS, _SUMMARIES
def test_all_metric_names_prefixed(): def test_all_metric_names_prefixed():
"""Ensure all metric names have the 'tildes_' prefix.""" """Ensure all metric names have the 'tildes_' prefix."""
for metric_dict in (_COUNTERS, _HISTOGRAMS):
for metric_dict in (_COUNTERS, _HISTOGRAMS, _SUMMARIES):
metrics = metric_dict.values() metrics = metric_dict.values()
for metric in metrics: for metric in metrics:
# this is ugly, but seems to be the "generic" way to get the name # this is ugly, but seems to be the "generic" way to get the name

3
tildes/tildes/lib/password.py

@ -7,6 +7,8 @@ from hashlib import sha1
from redis import ConnectionError, Redis, ResponseError # noqa from redis import ConnectionError, Redis, ResponseError # noqa
from tildes.metrics import summary_timer
# unix socket path for redis server with the breached passwords bloom filter # unix socket path for redis server with the breached passwords bloom filter
BREACHED_PASSWORDS_REDIS_SOCKET = "/run/redis_breached_passwords/socket" BREACHED_PASSWORDS_REDIS_SOCKET = "/run/redis_breached_passwords/socket"
@ -15,6 +17,7 @@ BREACHED_PASSWORDS_REDIS_SOCKET = "/run/redis_breached_passwords/socket"
BREACHED_PASSWORDS_BF_KEY = "breached_passwords_bloom" BREACHED_PASSWORDS_BF_KEY = "breached_passwords_bloom"
@summary_timer("breached_password_check")
def is_breached_password(password: str) -> bool: def is_breached_password(password: str) -> bool:
"""Return whether the password is in the breached-passwords list.""" """Return whether the password is in the breached-passwords list."""
redis = Redis(unix_socket_path=BREACHED_PASSWORDS_REDIS_SOCKET) redis = Redis(unix_socket_path=BREACHED_PASSWORDS_REDIS_SOCKET)

27
tildes/tildes/metrics.py

@ -9,7 +9,7 @@
from typing import Callable from typing import Callable
from prometheus_client import Counter, Histogram
from prometheus_client import Counter, Histogram, Summary
_COUNTERS = { _COUNTERS = {
@ -50,6 +50,13 @@ _HISTOGRAMS = {
), ),
} }
_SUMMARIES = {
"breached_password_check": Summary(
"tildes_breached_password_check_seconds",
"Time spent checking whether a password is in the breached list",
),
}
def incr_counter(name: str, amount: int = 1, **labels: str) -> None: def incr_counter(name: str, amount: int = 1, **labels: str) -> None:
"""Increment a Prometheus counter.""" """Increment a Prometheus counter."""
@ -80,3 +87,21 @@ def get_histogram(name: str, **labels: str) -> Histogram:
def histogram_timer(name: str) -> Callable: def histogram_timer(name: str) -> Callable:
"""Return the .time() decorator for a Prometheus histogram.""" """Return the .time() decorator for a Prometheus histogram."""
return get_histogram(name).time() return get_histogram(name).time()
def get_summary(name: str, **labels: str) -> Summary:
"""Return an (optionally labeled) Prometheus summary by name."""
try:
hist = _SUMMARIES[name]
except KeyError:
raise ValueError("Invalid summary name")
if labels:
hist = hist.labels(**labels)
return hist
def summary_timer(name: str) -> Callable:
"""Return the .time() decorator for a Prometheus summary."""
return get_summary(name).time()
Loading…
Cancel
Save