cloudflare/pint

Public

mirrored from https://github.com/cloudflare/pintAvailable

CodeCommitsIssuesPull requestsActionsInsightsSecurity
v0.32.0

Branches

Tags

  • No tags available.
0Branches0Tags
Go to file
Add file
Code

Clone

HTTPS

Download ZIP

docs/examples/config.hcl

138lines · modecode

1# Define "prod" Prometheus instance that will only be used for
2# rules defined in file matching "alerting/prod/.+" or "recording/prod/.+".
3prometheus "prod" {
4 uri = "https://prod.example.com"
5 failover = [ "https://prod-backup.example.com" ]
6 headers = {
7 "X-Auth": "secret",
8 "X-User": "bob"
9 }
10 timeout = "30s"
11 include = [
12 "alerting/prod/.+",
13 "recording/prod/.+",
14 ]
15 exclude = [
16 "alerting/prod/.+.txt",
17 ]
18}
19
20# Define "dev" Prometheus instance that will be use for all rule checks.
21prometheus "dev" {
22 uri = "https://dev.example.com"
23 timeout = "60s"
24}
25
26rule {
27 # Disallow spaces in label/annotation keys, they're only allowed in values.
28 reject ".* +.*" {
29 label_keys = true
30 annotation_keys = true
31 }
32
33 # Disallow URLs in labels, they should go to annotations.
34 reject "https?://.+" {
35 label_keys = true
36 label_values = true
37 }
38}
39
40rule {
41 # This block will apply to all alerting rules.
42 match {
43 kind = "alerting"
44 }
45
46 # Each alert must have a 'summary' annotation on every alert.
47 annotation "summary" {
48 severity = "bug"
49 required = true
50 }
51
52 # Each alert must have a 'dashboard' annotation that links to grafana.
53 annotation "dashboard" {
54 severity = "bug"
55 value = "https://grafana.example.com/(.+)"
56 }
57
58 # Each alert must have a 'severity' annotation that's either 'critical' or 'warning'.
59 label "severity" {
60 severity = "bug"
61 value = "(critical|warning)"
62 required = true
63 }
64
65 # Check how many times each alert would fire in the last 1d.
66 alerts {
67 range = "1d"
68 step = "1m"
69 resolve = "5m"
70 }
71
72 # Validate all links to ensure they point to pages that do exist.
73 link "https?://(.+)" {
74 severity = "warning"
75 timeout = "30s"
76 # Pass custom headers to all requests
77 headers = {
78 X-Auth = "secret key"
79 }
80 }
81}
82
83rule {
84 # This block will apply to all alerting rules with severity="critical" label set.
85 match {
86 kind = "alerting"
87
88 label "severity" {
89 value = "critical"
90 }
91 }
92
93 # All severity="critical" alerts must have a runbook link as annotation.
94 annotation "runbook" {
95 severity = "bug"
96 value = "https://runbook.example.com/.+"
97 required = true
98 }
99}
100
101rule {
102 # This block will apply to all recording rules.
103 match {
104 kind = "recording"
105 }
106
107 # Ensure that all aggregations are preserving "job" label.
108 aggregate ".+" {
109 severity = "bug"
110 keep = ["job"]
111 }
112
113 # Enable cost checks that will print the number of returned time series and try
114 # to estimate total memory usage.
115 cost {}
116}
117
118rule {
119 # This block will apply to all recording rules in "recording/federation" directory.
120 match {
121 kind = "recording"
122 path = "recording/federation/.+"
123 }
124
125 # All recording rules named "cluster:.+" must strip "instance" label when aggregating.
126 # Example rule that would raise a linter error:
127 # - record: cluster:http_requests:rate5m
128 # expr: sum(rate(http_requests_total[5m])) by (job, instance)
129 # Rules that would be allowed:
130 # - record: cluster:http_requests:rate5m
131 # expr: sum(rate(http_requests_total[5m])) by (job)
132 # - record: cluster:http_requests:rate5m
133 # expr: sum(rate(http_requests_total[5m]))
134 aggregate "cluster:.+" {
135 severity = "bug"
136 strip = ["instance"]
137 }
138}
139