Enable HTTP metrics for Keycloak by default (#28088)

Closes #27924

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Alexander Schwartz 2024-03-21 16:18:03 +01:00 committed by GitHub
parent 91c89c28e7
commit c4fdf1cee7
GPG key ID: B5690EEEBB952194
4 changed files with 17 additions and 7 deletions

@ -3,6 +3,19 @@
Metrics for the embedded caches are now enabled by default. Metrics for the embedded caches are now enabled by default.
To enable histograms for latencies, set the option `cache-metrics-histograms-enabled` to `true`. To enable histograms for latencies, set the option `cache-metrics-histograms-enabled` to `true`.
= Metrics for HTTP endpoints enabled by default
The metrics provided by {project_name} now include HTTP server metrics starting with `http_server`.
See below for some examples.
[source]
----
http_server_active_requests 1.0
http_server_requests_seconds_count{method="GET",outcome="SUCCESS",status="200",uri="/realms/{realm}/protocol/{protocol}/auth"} 1.0
http_server_requests_seconds_sum{method="GET",outcome="SUCCESS",status="200",uri="/realms/{realm}/protocol/{protocol}/auth"} 0.048717142
----
= Nonce claim is only added to the ID token = Nonce claim is only added to the ID token
The nonce claim is now only added to the ID token strictly following the OpenID Connect Core 1.0 specification. As indicated in the specification, the claim is compulsory inside the https://openid.net/specs/openid-connect-core-1_0.html#IDToken[ID token] when the same parameter was sent in the authorization request. The specification also recommends to not add the `nonce` after a https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse[refresh request]. Previously, the claim was set to all the tokens (Access, Refresh and ID) in all the responses (refresh included). The nonce claim is now only added to the ID token strictly following the OpenID Connect Core 1.0 specification. As indicated in the specification, the claim is compulsory inside the https://openid.net/specs/openid-connect-core-1_0.html#IDToken[ID token] when the same parameter was sent in the authorization request. The specification also recommends to not add the `nonce` after a https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse[refresh request]. Previously, the claim was set to all the tokens (Access, Refresh and ID) in all the responses (refresh included).
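
Review bot: The new "Metrics for HTTP endpoints enabled by default" section does not say that the `uri` label is templated, nor whether there is an option to switch these metrics off again. The sample shows `uri="/realms/{realm}/protocol/{protocol}/auth"`, so one sentence stating that realm names and entity IDs appear only as placeholders would help operators: that property keeps the number of series bounded and keeps tenant names out of the scrape output. "See below for some examples." could also be reworded to introduce the listing directly.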

@ -69,6 +69,9 @@ The table below summarizes the available metrics groups:
|Database |Database
|A set of metrics from the database connection pool, if using a database. |A set of metrics from the database connection pool, if using a database.
|HTTP
|A set of global and individual metrics from the HTTP endpoints
|Cache |Cache
|A set of metrics from Infinispan caches. See <@links.server id="caching"/> for more details. |A set of metrics from Infinispan caches. See <@links.server id="caching"/> for more details.
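
Review bot: The description in the new HTTP row, "A set of global and individual metrics from the HTTP endpoints", is missing the trailing period that the Database and Cache rows have, and "global and individual" does not tell the reader what to expect. Suggest naming the prefix, for example that these are the metrics starting with `http_server`, as the release note in this commit does.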

@ -8,13 +8,6 @@ quarkus.banner.enabled=false
# Disable health checks from extensions, since we provide our own (default is true) # Disable health checks from extensions, since we provide our own (default is true)
quarkus.health.extensions.enabled=false quarkus.health.extensions.enabled=false
# Disable http metrics binder as URL parameters are only shown with placeholders for '/resource' URLs, but not
# for '/admin' and '/realms'. Neither the IDs of entities nor the realm name should be part of the metric names
# to avoid an explosion of metric names which would lead to memory exhaustion in Keycloak and to a resource
# exhaustion in the connected monitoring systems.
# See https://github.com/keycloak/keycloak/issues/17281 for a discussion
quarkus.micrometer.binder.http-server.enabled=false
# Enables metrics from other extensions if metrics is enabled # Enables metrics from other extensions if metrics is enabled
quarkus.datasource.metrics.enabled=${quarkus.micrometer.enabled:false} quarkus.datasource.metrics.enabled=${quarkus.micrometer.enabled:false}
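
Review bot: The comment removed together with `quarkus.micrometer.binder.http-server.enabled=false` recorded why the binder was off: '/admin' and '/realms' URLs were not shown with placeholders, with the risk of memory exhaustion from an explosion of metric names. Nothing in this diff shows what now guarantees templating for those paths. The release-note sample covers a '/realms' URI only and there is no '/admin' example. Please state in the commit message or in a short comment here which change made this safe, and keep the pointer to https://github.com/keycloak/keycloak/issues/17281 for context.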

@ -48,6 +48,7 @@ public class MetricsDistTest {
when().get("/metrics").then() when().get("/metrics").then()
.statusCode(200) .statusCode(200)
.body(containsString("jvm_gc_")) .body(containsString("jvm_gc_"))
.body(containsString("http_server_active_requests"))
.body(containsString("vendor_statistics_hit_ratio")) .body(containsString("vendor_statistics_hit_ratio"))
.body(not(containsString("vendor_statistics_miss_times_seconds_bucket"))); .body(not(containsString("vendor_statistics_miss_times_seconds_bucket")));
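
Review bot: The added assertion `.body(containsString("http_server_active_requests"))` only proves that the binder is on. That gauge carries no `uri` label in the release-note sample, so the test would still pass if realm names or IDs ended up in labels. Suggest also asserting on a `http_server_requests_seconds_count` line with a templated label such as `uri="/realms/{realm}/protocol/{protocol}/auth"` after a request to a realm endpoint, and asserting that the concrete realm name does not appear in any `uri` label.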