The IdentityManagerLastSessionRefreshErrorView appears to be a duplicate
of IdentityManagerLastUserRefreshErrorView. Adjust it to use the
matching identityManagerLastSessionRefreshError instead.
* Refactor trace config to match supported otel options
* use duration instead of int64 for otel timeouts
* change 'trace client updated' log level to debug
* update tracing config definitions
* new tracing system
* performance improvements
* only configure tracing in envoy if it is enabled in pomerium
* [tracing] refactor to use custom extension for trace id editing (#5420)
refactor to use custom extension for trace id editing
* set default tracing sample rate to 1.0
* fix proxy service http middleware
* improve some existing auth related traces
* test fixes
* bump envoyproxy/go-control-plane
* code cleanup
* test fixes
* Fix missing spans for well-known endpoints
* import extension apis from pomerium/envoy-custom
Currently there appears to be a test order dependency between a couple
of the info_test.go test cases and the Test_PrometheusHandler test. This
can be exposed by running:
go test -count 2 ./internal/telemetry/metrics
The test cases in info_test.go overwrite the global 'registry' variable,
which seems to prevent Test_PrometheusHandler from being able to export
the internal Go metrics. Add a helper method to restore the original
registry after these test cases.
The writeMetricsMux() method instantiates a buffered writer but does not
call Flush() after it is done writing. As a result the metrics output
may be incomplete.
* Initial envoy cgroup resource monitor implementation
* Add cgroupv1 support; add metrics instrumentation
* Slight refactor for more efficient memory limit detection
Instead of reading memory.max/limit_in_bytes on every tick, we
read it once, then again only when it is modified.
To support this change, logic for computing the saturation was moved out
of the cgroup driver and into the resource monitor, and the driver
interface now has separate methods for reading memory usage and limit.
* Code cleanup/lint fixes
* Add platform build tags
* Add unit tests
* Fix lint issues
* Add runtime flag to allow disabling resource monitor
* Clamp saturation values to the range [0.0, 1.0]
* Switch to x/sys/unix; handle inotify IN_IGNORED events
If a request is made to the Pomerium metrics endpoint with an Accept
header requesting the Prometheus protobuf exposition format, some
metrics will be missing from the response.
These missing metrics are obtained by replaying the incoming request to
an OpenCensus metrics exporter. This exporter honors the request for the
protobuf format, however Pomerium expects this response to be in the
text format.
We can avoid this mismatch by explicitly requesting the text format from
the OpenCensus exporter, regardless of the incoming request's Accept
header.
(Note: the Pomerium metrics endpoint always responds with text format
metrics, even if the protobuf format is requested.)
* config: add enable_google_cloud_serverless_authentication to config protobuf
* use dependency injection for embedded envoy provider
* Revert "use dependency injection for embedded envoy provider"
This reverts commit 5c08990501.
* config: attach envoy version to Config to avoid metrics depending on envoy/files
