Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-21 16:08:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 100
fleet/changes
History
Scott Gress 6bd9cc8a44
Monitor and alert on errors in cron jobs (#24347) 
for #19930 

# Checklist for submitter

- [X] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
- [X] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [X] Added/updated tests
- [X] If database migrations are included, checked table schema to
confirm autoupdate
- [X] Manual QA for all new/changed functionality

# Details

This PR adds a new feature to the existing monitoring add-on. The add-on
will now send an SNS alert whenever a scheduled job like
"vulnerabilities" or "apple_mdm_apns_pusher" exits early due to errors.
The alert contains the job type and the set of errors (there can be
multiple, since jobs can have multiple sub-jobs). By default the SNS
topic for this new alert is the same as the one for the existing cron
system alerts, but it can be configured to use a separate topic (e.g.
dogfood instance will post to a separate slack channel).

The actual changes are:

**On the server side:**

- Add errors field to cron_stats table (json DEFAULT NULL)
- Added errors var to `Schedule` struct to collect errors from jobs
- In `RunAllJobs`, collect err from job into new errors var
- Update `Schedule.updateStats`and `CronStats.UpdateCronStats`to accept
errors argument
- If provided, update errors field of cron_stats table

**On the monitor side:**

- Add new SQL query to look for all completed schedules since last run
with non-null errors
- send SNS with job ID, name, errors

# Testing

New automated testing was added for the functional code that gathers and
stores errors from cron runs in the database. To test the actual Lambda,
I added a row in my `cron_stats` table with errors, then compiled and
ran the Lambda executable locally, pointing it to my local mysql and
localstack instances:

```
2024/12/03 14:43:54 main.go:258: Lambda execution environment not found.  Falling back to local execution.
2024/12/03 14:43:54 main.go:133: Connected to database!
2024/12/03 14:43:54 main.go:161: Row vulnerabilities last updated at 2024-11-27 03:30:03 +0000 UTC
2024/12/03 14:43:54 main.go:163: *** 1h hasn't updated in more than vulnerabilities, alerting! (status completed)
2024/12/03 14:43:54 main.go:70: Sending SNS Message
2024/12/03 14:43:54 main.go:74: Sending 'Environment: dev
Message: Fleet cron 'vulnerabilities' hasn't updated in more than 1h. Last status was 'completed' at 2024-11-27 03:30:03 +0000 UTC.' to 'arn:aws:sns:us-east-1:000000000000:topic1'
2024/12/03 14:43:54 main.go:82: {
  MessageId: "260864ff-4cc9-4951-acea-cef883b2de5f"
}
2024/12/03 14:43:54 main.go:198: *** mdm_apple_profile_manager job had errors, alerting! (errors {"something": "wrong"})
2024/12/03 14:43:54 main.go:70: Sending SNS Message
2024/12/03 14:43:54 main.go:74: Sending 'Environment: dev
Message: Fleet cron 'mdm_apple_profile_manager' (last updated 2024-12-03 20:34:14 +0000 UTC) raised errors during its run:
{"something": "wrong"}.' to 'arn:aws:sns:us-east-1:000000000000:topic1'
2024/12/03 14:43:54 main.go:82: {
  MessageId: "5cd085ef-89f6-42c1-8470-d80a22b295f8"
2024-12-19 15:55:29 -06:00
..
.keep Issue 1009 calculate diff software (#1305) 2021-07-08 13:57:43 -03:00
8903c-table-text-wrapping Fleet UI: Clean up table text wrapping (#24827) 2024-12-17 15:22:33 -05:00
19930-alert-on-cron-errors Monitor and alert on errors in cron jobs (#24347) 2024-12-19 15:55:29 -06:00
21855-paginate-queries 21855 – Paginate and filter Queries on the server, update platform filtering from compatible to targeted platforms (#24446) 2024-12-11 10:50:28 -08:00
22444-gitops-script-missing-path Error out while parsing when script entries in a GitOps YAML file are missing paths (#24639) 2024-12-11 07:54:25 -06:00
22523-cve-500 Fix nil pointer dereference on CVEs when OS versions list hasn't been populated yet (#24735) 2024-12-12 17:23:27 -06:00
22723-jetbrains-eap-versions Swap JetBrains EAP versions for maxed last major release for vuln check purposes (#24783) 2024-12-16 14:01:38 -06:00
22884-license-error-fleetctl Validate license key if supplied before running fleetctl preview (#24627) 2024-12-11 07:57:10 -06:00
23011-dynamic-column-sort-type UI - Determine query result column sort type from actual data present (#24734) 2024-12-17 09:41:30 -08:00
23238-use-secrets-in-scripts-profiles Replace script/profile secrets. (#24841) 2024-12-18 15:27:35 -06:00
23309-mastodon-in-email-templates Add Mastodon link to server email templates (#23309) 2024-12-16 17:03:33 -06:00
23448-maintainer-policy-automations Fleet UI: Fix bug hiding manage automations dropdown from maintainers (#23808) 2024-12-11 10:19:33 -05:00
23490-null-script-software-on-policies Team policy endpoint now accepts null to unset a script or software installer (#24658) 2024-12-12 13:33:19 -06:00
23579-cve-2024-10004-false-positive Ignore iOS-only Firefox vulnerability (CVE-2024-10004) since we don't support iOS vulns (#24892) 2024-12-19 14:05:58 -06:00
23611-Update-CIS CIS Update: Q4 2024 (#24224) 2024-12-05 13:35:40 -05:00
23800-host-online-pctage UI - Display the correct percentage of hosts online, 0, when there are no hosts online. (#24858) 2024-12-18 12:53:06 -08:00
23803-leading-zeros-bug Fleet UI: Export to CSV does not trim leading zeros (#24529) 2024-12-10 14:03:20 -05:00
23886-remove-associations-on-policy-delete Delete pending installs/scripts on policy delete (#24463) 2024-12-16 11:47:34 -06:00
24006-host-query-report-team-id Added optional team_id parameter to query report endpoint (#24811) 2024-12-17 13:26:35 -06:00
24025-add-label-team-bug Fleet UI: Do not remove team selection when creating a label (#24590) 2024-12-10 14:04:04 -05:00
24033-helm-customization-options Initial support for helm cloudsql proxy in migrations (#24412) 2024-12-18 11:44:32 -06:00
24120-sw-title-id feat: add software title ID to add software activity (#24577) 2024-12-11 09:54:15 -05:00
24166-script-line-endings Replace CRLF with LF on script upload (#24760) 2024-12-16 11:25:12 -06:00
24268-update-fleetctl-deps Fleetctl: Update dependencies, improve error handling, ensure compatibility (#24845) 2024-12-18 11:22:01 -05:00
24286-vulncheck Process all vulncheck data (#24318) 2024-12-18 10:53:46 -07:00
24334-policy-truncation Fleet UI: Fix policy truncation and add tooltip (#24659) 2024-12-12 09:11:26 -05:00
24386-fleet-legacy-query-pack Stop legacy query packs from spamming errors (#24491) 2024-12-06 16:34:21 -05:00
24456-include-linux-encryption-data-only-when-enabled Include disk encryption stats only if setting is enabled for Linux host (#24457) 2024-12-17 09:43:35 -08:00
24459-chart-serrvice-annotation Add service annotations to Helm Chart (#24459) 2024-12-09 13:19:22 -06:00
24549-validate-script-profle-secrets Embedded secrets validation (#24624) 2024-12-17 17:14:12 -05:00
24725-no-private-ip-found Removed server error if no private IP was found by detail_query_network_interface (#24726) 2024-12-12 15:45:26 -06:00
24795-add-helpful-tooltip-setup-experience Add helpful tooltip to install software setup experience (#24799) 2024-12-17 10:31:00 -06:00