Add metrics for http origin latency (#30)

* add metrics

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* add metrics config

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix metrics config

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* Summary to Histogram

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix handler test

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* add metrics test

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* add metrics test

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* add metrics ListenAndServe test

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* update .licenserc.yaml

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix authoz_proxyd_test

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* change metrics name

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* update

Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix metrics_test

Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix metrics.go

Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* fix metrics interface, unit test

Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* Update transport_test

Signed-off-by: taniwa <taniwa@lycorp.co.jp>

* empty

Signed-off-by: myajima <myajima@lycorp.co.jp>

* update prometheus

Signed-off-by: myajima <myajima@lycorp.co.jp>

* prometheus version

Signed-off-by: myajima <myajima@lycorp.co.jp>

---------

Signed-off-by: myajima <myajima@yahoo-corp.jp>
Signed-off-by: taniwa <taniwa@lycorp.co.jp>
Signed-off-by: myajima <myajima@lycorp.co.jp>
Co-authored-by: taniwa <taniwa@lycorp.co.jp>
Co-authored-by: t4niwa <114040262+t4niwa@users.noreply.github.com>

config/config.go

@@ -72,6 +72,9 @@ type Server struct {
 
 	// Debug represents the debug server configuration.
 	Debug Debug `yaml:"debug"`
+
+	// Metrics represents the metrics server configuration.
+	Metrics `yaml:"metrics"`
 }
 
 // TLS represents the TLS configuration of the authorization proxy.
@@ -98,6 +101,12 @@ type TLS struct {
 	EnableInsecureCipherSuites []string `yaml:"enableInsecureCipherSuites"`
 }
 
+// Metrics represents the metrics server configuration.
+type Metrics struct {
+	// MetricsServerAddr represents the metrics server listening port.
+	Port int `yaml:"port"`
+}
+
 // HealthCheck represents the health check server configuration.
 type HealthCheck struct {
 	// Port represents the server listening port.

config/config_test.go

@@ -110,6 +110,9 @@ func TestNew(t *testing.T) {
 						Dump:      true,
 						Profiling: true,
 					},
+					Metrics: Metrics{
+						Port: 6084,
+					},
 				},
 				Athenz: Athenz{
 					URL:     "https://athenz.io:4443/zts/v1",

go.mod

@@ -9,6 +9,8 @@ replace (
 	github.com/google/go-cmp => github.com/google/go-cmp v0.6.0
 	github.com/google/pprof => github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd
 	github.com/mwitkow/grpc-proxy => github.com/mwitkow/grpc-proxy v0.0.0-20181017164139-0f1106ef9c76
+	github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.19.1
+	github.com/prometheus/common => github.com/prometheus/common v0.48.0
 	golang.org/x/crypto => golang.org/x/crypto v0.22.0
 	golang.org/x/exp => golang.org/x/exp v0.0.0-20240409090435-93d18d7e34b8
 	golang.org/x/image => golang.org/x/image v0.15.0
@@ -36,6 +38,7 @@ require (
 	github.com/kpango/glg v1.6.15
 	github.com/mwitkow/grpc-proxy v0.0.0-20181017164139-0f1106ef9c76
 	github.com/pkg/errors v0.9.1
+	github.com/prometheus/client_golang v1.18.0
 	golang.org/x/sync v0.7.0
 	google.golang.org/grpc v1.58.2
 	google.golang.org/protobuf v1.33.0
@@ -45,19 +48,25 @@ require (
 require (
 	github.com/AthenZ/athenz v1.11.43 // indirect
 	github.com/ardielle/ardielle-go v1.5.2 // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
 	github.com/kpango/fastime v1.1.9 // indirect
 	github.com/kpango/gache v1.2.8 // indirect
+	github.com/kr/text v0.2.0 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
 	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
 	github.com/lestrrat-go/iter v1.0.2 // indirect
 	github.com/lestrrat-go/jwx v1.2.26 // indirect
 	github.com/lestrrat-go/option v1.0.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/zeebo/xxh3 v1.0.2 // indirect
 	golang.org/x/crypto v0.22.0 // indirect
 	golang.org/x/net v0.24.0 // indirect

go.sum

@@ -4,6 +4,11 @@ github.com/AthenZ/athenz-authorizer/v5 v5.5.2 h1:Wbmv1AKk+9Z1UejEPDCxm4Vxy1a9H3Q
 github.com/AthenZ/athenz-authorizer/v5 v5.5.2/go.mod h1:WXL+x349690VcELKsQh0srR30OoV68RYLRrVZ/T5qeU=
 github.com/ardielle/ardielle-go v1.5.2 h1:TilHTpHIQJ27R1Tl/iITBzMwiUGSlVfiVhwDNGM3Zj4=
 github.com/ardielle/ardielle-go v1.5.2/go.mod h1:I4hy1n795cUhaVt/ojz83SNVCYIGsAFAONtv2Dr7HUI=
+github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
+github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -26,6 +31,9 @@ github.com/kpango/gache v1.2.8 h1:+OjREOmuWO4qrJksDhzWJq80o9iwHiezdVmMR1jtCG0=
 github.com/kpango/gache v1.2.8/go.mod h1:UyBo0IoPFDSJypK2haDXeV6PwHEmBcXQA0BLuOYEvWg=
 github.com/kpango/glg v1.6.15 h1:nw0xSxpSyrDIWHeb3dvnE08PW+SCbK+aYFETT75IeLA=
 github.com/kpango/glg v1.6.15/go.mod h1:cmsc7Yeu8AS3wHLmN7bhwENXOpxfq+QoqxCIk2FneRk=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
 github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
 github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
@@ -46,6 +54,15 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE=
+github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
+github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
+github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
+github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
@@ -82,8 +99,8 @@ google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM=
 google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA=
 google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
 google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

handler/handler.go

@@ -38,7 +38,7 @@ import (
 type Func func(http.ResponseWriter, *http.Request) error
 
 // New creates a handler for handling different HTTP requests based on the given services. It also contains a reverse proxy for handling proxy request.
-func New(cfg config.Proxy, bp httputil.BufferPool, prov service.Authorizationd) http.Handler {
+func New(cfg config.Proxy, bp httputil.BufferPool, prov service.Authorizationd, metrics service.Metrics) http.Handler {
 	scheme := "http"
 	if cfg.Scheme != "" {
 		scheme = cfg.Scheme
@@ -93,6 +93,7 @@ func New(cfg config.Proxy, bp httputil.BufferPool, prov service.Authorizationd)
 			cfg:                  cfg,
 			noAuthPaths:          mapPathToAssertion(cfg.NoAuthPaths),
 			insecureCipherSuites: tls.InsecureCipherSuites(),
+			metrics:              metrics,
 		},
 		ErrorHandler: handleError,
 	}

handler/handler_test.go

@@ -40,9 +40,10 @@ import (
 
 func TestNew(t *testing.T) {
 	type args struct {
-		cfg  config.Proxy
-		bp   httputil.BufferPool
-		prov service.Authorizationd
+		cfg     config.Proxy
+		bp      httputil.BufferPool
+		prov    service.Authorizationd
+		metrics service.Metrics
 	}
 	type test struct {
 		name      string
@@ -573,7 +574,7 @@ func TestNew(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			got := New(tt.args.cfg, tt.args.bp, tt.args.prov)
+			got := New(tt.args.cfg, tt.args.bp, tt.args.prov, tt.args.metrics)
 			if err := tt.checkFunc(got); err != nil {
 				t.Errorf("New() error: %v", err)
 			}

handler/transport.go

@@ -19,6 +19,7 @@ import (
 	"net/http"
 	"strconv"
 	"strings"
+	"time"
 
 	authorizerd "github.com/AthenZ/athenz-authorizer/v5"
 	"github.com/AthenZ/athenz-authorizer/v5/policy"
@@ -37,24 +38,40 @@ type transport struct {
 	noAuthPaths []*policy.Assertion
 	// List to check for deprecated cipher suites
 	insecureCipherSuites []*tls.CipherSuite
+	metrics              service.Metrics
 }
 
 // Based on the following.
 // https://github.com/golang/oauth2/blob/bf48bf16ab8d622ce64ec6ce98d2c98f916b6303/transport.go
 func (t *transport) RoundTrip(r *http.Request) (*http.Response, error) {
+	var startTime time.Time
+
+	if t.metrics != nil {
+		defer func() {
+			// skip metrics if request is not forwarded
+			if !startTime.IsZero() {
+				err := t.metrics.Observe(service.HTTP_ORIGIN_LATENCY, float64(time.Since(startTime).Seconds()))
+				if err != nil {
+					glg.Errorf("cannot observe origin latency on: %s, err: %v", r.URL.Path, err)
+				}
+			}
+		}()
+	}
 	// bypass authoriztion
 	if len(r.URL.Path) != 0 { // prevent bypassing empty path on default config
 		for _, urlPath := range t.cfg.OriginHealthCheckPaths {
 			if urlPath == r.URL.Path {
 				glg.Info("Authorization checking skipped on: " + r.URL.Path)
 				r.TLS = nil
+				startTime = time.Now()
 				return t.RoundTripper.RoundTrip(r)
 			}
 		}
 		for _, ass := range t.noAuthPaths {
 			if ass.ResourceRegexp.MatchString(strings.ToLower(r.URL.Path)) {
 				glg.Infof("Authorization checking skipped by %s on: %s", ass.ResourceRegexpString, r.URL.Path)
 				r.TLS = nil
+				startTime = time.Now()
 				return t.RoundTripper.RoundTrip(r)
 			}
 		}
@@ -98,6 +115,7 @@ func (t *transport) RoundTrip(r *http.Request) (*http.Response, error) {
 	req2.TLS = nil
 	// req.Body is assumed to be closed by the base RoundTripper.
 	reqBodyClosed = true
+	startTime = time.Now()
 	return t.RoundTripper.RoundTrip(req2)
 }
 

handler/transport_test.go

@@ -56,6 +56,7 @@ func Test_transport_RoundTrip(t *testing.T) {
 		cfg                  config.Proxy
 		noAuthPaths          []*policy.Assertion
 		insecureCipherSuites []*tls.CipherSuite
+		metrics              service.Metrics
 	}
 	type args struct {
 		r    *http.Request
@@ -449,6 +450,88 @@ func Test_transport_RoundTrip(t *testing.T) {
 			wantErr:        false,
 			wantCloseCount: 0,
 		},
+		{
+			name: "skipped t.metrics.Observe(), if request is not forwarded",
+			fields: fields{
+				RoundTripper: &RoundTripperMock{
+					RoundTripFunc: func(req *http.Request) (*http.Response, error) {
+						return &http.Response{
+							StatusCode: 200,
+						}, nil
+					},
+				},
+				prov: &service.AuthorizerdMock{
+					VerifyFunc: func(r *http.Request, act, res string) (authorizerd.Principal, error) {
+						return nil, errors.New("dummy error")
+					},
+				},
+				cfg: config.Proxy{},
+				metrics: &service.MetricsMock{
+					ObserveFunc: func(name string, value float64) error {
+						panic("t.metrics.Observe() should not be called")
+					},
+				},
+			},
+			args: args{
+				r: func() *http.Request {
+					r, _ := http.NewRequest("GET", "http://athenz.io", nil)
+					return r
+				}(),
+			},
+			want:           nil,
+			wantErr:        true,
+			wantCloseCount: 0,
+		},
+		{
+			name: "called t.metrics.Observe(), if request is forwarded",
+			fields: fields{
+				RoundTripper: &RoundTripperMock{
+					RoundTripFunc: func(req *http.Request) (*http.Response, error) {
+						return &http.Response{
+							StatusCode: 200,
+						}, nil
+					},
+				},
+				prov: &service.AuthorizerdMock{
+					VerifyFunc: func(r *http.Request, act, res string) (authorizerd.Principal, error) {
+						return &PrincipalMock{
+							NameFunc: func() string {
+								return "testPrincipal"
+							},
+							RolesFunc: func() []string {
+								return []string{"testRole1", "testRole2"}
+							},
+							DomainFunc: func() string {
+								return "testDomain"
+							},
+							IssueTimeFunc: func() int64 {
+								return 0
+							},
+							ExpiryTimeFunc: func() int64 {
+								return 0
+							},
+						}, nil
+					},
+				},
+				cfg: config.Proxy{},
+				metrics: &service.MetricsMock{
+					ObserveFunc: func(name string, value float64) error {
+						return nil
+					},
+				},
+			},
+			args: args{
+				r: func() *http.Request {
+					r, _ := http.NewRequest("GET", "http://athenz.io", nil)
+					return r
+				}(),
+			},
+			want: &http.Response{
+				StatusCode: 200,
+			},
+			wantErr:        false,
+			wantCloseCount: 0,
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -458,6 +541,7 @@ func Test_transport_RoundTrip(t *testing.T) {
 				cfg:                  tt.fields.cfg,
 				noAuthPaths:          tt.fields.noAuthPaths,
 				insecureCipherSuites: tt.fields.insecureCipherSuites,
+				metrics:              tt.fields.metrics,
 			}
 			if tt.args.body != nil {
 				tt.args.r.Body = tt.args.body

service/metrics.go

@@ -0,0 +1,60 @@
+// Copyright 2023 LY Corporation
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package service
+
+import (
+	"github.com/kpango/glg"
+	"github.com/pkg/errors"
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+const (
+	HTTP_ORIGIN_LATENCY = "http_origin_latency_in_seconds"
+)
+
+type Metrics interface {
+	Observe(string, float64) error
+}
+
+type metrics struct {
+	httpOriginLatency prometheus.Histogram
+}
+
+func NewMetrics() (Metrics, error) {
+	m := &metrics{
+		httpOriginLatency: prometheus.NewHistogram(prometheus.HistogramOpts{
+			Name:    HTTP_ORIGIN_LATENCY,
+			Help:    "Origin latency in seconds",
+			Buckets: prometheus.DefBuckets,
+		}),
+	}
+
+	err := prometheus.Register(m.httpOriginLatency)
+	if err != nil {
+		return nil, errors.Wrap(err, "cannot register metrics")
+	}
+
+	return m, nil
+}
+
+func (m *metrics) Observe(name string, value float64) error {
+	switch name {
+	case HTTP_ORIGIN_LATENCY:
+		m.httpOriginLatency.Observe(value)
+	default:
+		return glg.Errorf("unknown metric name: %s", name)
+	}
+	return nil
+}