GitVita
New repositoryImport repositoryNew issue
Your repositories Your dashboard Sign in

cloudflare/pint

Public

mirrored fromhttps://github.com/cloudflare/pintAvailable

Watch0Fork0Star0
CodeCommitsIssuesPull requestsActionsInsightsSecurity
v0.75.0

Branches

Tags

  • No tags available.
0Branches0Tags
Go to file
Add file
Code

Clone

HTTPS

Download ZIP

pint/docs/examples

docs/examples/config.hcl

144lines · modecode

RawDownload
Latest commit unavailable.
1# Define "prod" Prometheus instance that will only be used for
2# rules defined in file matching "alerting/prod/.+" or "recording/prod/.+".
3prometheus "prod" {
4 uri = "https://prod.example.com"
5 failover = [ "https://prod-backup.example.com" ]
6 headers = {
7 "X-Auth": "secret",
8 "X-User": "bob"
9 }
10 timeout = "30s"
11 include = [
12 "alerting/prod/.+",
13 "recording/prod/.+",
14 ]
15 exclude = [
16 "alerting/prod/.+.txt",
17 ]
18}
19
20# Define "dev" Prometheus instance that will be use for all rule checks.
21prometheus "dev" {
22 uri = "https://dev.example.com"
23 timeout = "60s"
24}
25
26# Disable smelly selectors warning in promql/regexp check.
27check "promql/regexp" {
28 smelly = false
29}
30
31rule {
32 # Disallow spaces in label/annotation keys, they're only allowed in values.
33 reject ".* +.*" {
34 label_keys = true
35 annotation_keys = true
36 }
37
38 # Disallow URLs in labels, they should go to annotations.
39 reject "https?://.+" {
40 label_keys = true
41 label_values = true
42 }
43}
44
45rule {
46 # This block will apply to all alerting rules.
47 match {
48 kind = "alerting"
49 }
50
51 # Each alert must have a 'summary' annotation on every alert.
52 annotation "summary" {
53 severity = "bug"
54 required = true
55 }
56
57 # Each alert must have a 'dashboard' annotation that links to grafana.
58 annotation "dashboard" {
59 severity = "bug"
60 value = "https://grafana.example.com/(.+)"
61 }
62
63 # Each alert must have a 'severity' annotation that's either 'critical' or 'warning'.
64 label "severity" {
65 severity = "bug"
66 value = "(critical|warning)"
67 required = true
68 }
69
70 # Check how many times each alert would fire in the last 1d.
71 alerts {
72 range = "1d"
73 step = "1m"
74 resolve = "5m"
75 }
76
77 # Validate all links to ensure they point to pages that do exist.
78 link "https?://(.+)" {
79 severity = "warning"
80 timeout = "30s"
81 # Pass custom headers to all requests
82 headers = {
83 # Read X-Auth value from environment variable AUTH_KEY
84 X-Auth = "${ENV_AUTH_KEY}"
85 }
86 }
87}
88
89rule {
90 # This block will apply to all alerting rules with severity="critical" label set.
91 match {
92 kind = "alerting"
93
94 label "severity" {
95 value = "critical"
96 }
97 }
98
99 # All severity="critical" alerts must have a runbook link as annotation.
100 annotation "runbook" {
101 severity = "bug"
102 value = "https://runbook.example.com/.+"
103 required = true
104 }
105}
106
107rule {
108 # This block will apply to all recording rules.
109 match {
110 kind = "recording"
111 }
112
113 # Ensure that all aggregations are preserving "job" label.
114 aggregate ".+" {
115 severity = "bug"
116 keep = ["job"]
117 }
118
119 # Enable cost checks that will print the number of returned time series and try
120 # to estimate total memory usage.
121 cost {}
122}
123
124rule {
125 # This block will apply to all recording rules in "recording/federation" directory.
126 match {
127 kind = "recording"
128 path = "recording/federation/.+"
129 }
130
131 # All recording rules named "cluster:.+" must strip "instance" label when aggregating.
132 # Example rule that would raise a linter error:
133 # - record: cluster:http_requests:rate5m
134 # expr: sum(rate(http_requests_total[5m])) by (job, instance)
135 # Rules that would be allowed:
136 # - record: cluster:http_requests:rate5m
137 # expr: sum(rate(http_requests_total[5m])) by (job)
138 # - record: cluster:http_requests:rate5m
139 # expr: sum(rate(http_requests_total[5m]))
140 aggregate "cluster:.+" {
141 severity = "bug"
142 strip = ["instance"]
143 }
144}
145