feat: monitoring for the vulnz cli (#230) #236
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add a .gitattributes file to enforce LF line endings for .sh and .conf files on checkout. This ensures consistent line endings across different operating systems, preventing potential issues with scripts and configuration files. Running dockerfile under Windows failed with CRLF
Introduced Prometheus metrics integration for the application, enabling metrics reporting via a scheduled file writer when metrics are enabled. Updated dependencies to include necessary Prometheus libraries and modified configurations and documentation to support this new feature. The scheduling feature can be enabled by setting the environment variable METRICS_ENABLE to true. However, metrics will only be written to the /metrics endpoint if the vulnz CLI is running. Additionally, the container's version will be printed to the console during startup.
refflinghaus
changed the title
jeremylong
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
1.) To better monitor the vulzn CLI, a scheduler has been implemented that writes metrics to the htdocs folder. These metrics can be read by a Prometheus system, for example. Metrics are only written if the vulzn CLI is also running. This feature is disabled by default and can be enabled via the ENV variable
METRICS_ENABLE=true. This is used for better analysis of memory issues. The metrics can be accessed via HTTP at /metrics. This additional metrics file does not affect the OWASP dependency check. To achieve this, new dependencies had to be added to the project. Currently, only the standard JVM metrics are being written, but it can also be extended to include custom metrics.2.) As an additional improvement to track version changes based on the log, the banner was extended to include the version number.
3.) .gitattribute added for building the docker image under Windows OS, because of CRLF and LF problems
4.) readme.md Configuration extended with missing ENV vars.
