Fix avoidable prometheus metrics cardinality

[g00g1]

I am running decently sized crowdsec setup (more than 100k active decisions simultaneously) with significant proportion of bans added using cscli. Also, my setup requires collection of Prometheus full metrics to collect historical data regarding popularity of some decisions.

All of the above contributes to extremely large size of resulting metrics endpoint response (more than tens of megabytes), as well as RAM overhead (see screenshot 1). After manual inspection I have noticed that the problematic metrics include cs_lapi_machine_requests_total like these:

cs_lapi_machine_requests_total{machine="[redacted]",method="GET",route="/v1/allowlists/check/192.0.2.1"} 1
cs_lapi_machine_requests_total{machine="[redacted]",method="GET",route="/v1/allowlists/check/192.0.2.2"} 1

I would like to argue usefulness of exposing raw URL in metrics including query parameters like IP addresses specified above.

Instead, I propose to use func (c *Context) FullPath() string instead (available since gin-gonic/gin v1.5.0 so this change could be backported). It returns a matched route full path instead of raw URL as in original request, therefore preventing unnecessary overhead and too high labels cardinality for setups configured to offer full Prometheus metrics level without aggregation (which in fact removes some metrics instead).

I expect this to be not a breaking change.

Screenshot 1

Before / after this patch in my setup

[github-actions]

@g00g1: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind fix
• /kind chore
• /kind dependencies

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@g00g1: There are no area labels on this PR. You can add as many areas as you see fit.

• /area agent
• /area local-api
• /area cscli
• /area appsec
• /area security
• /area configuration

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[g00g1]

/kind fix
/area local-api

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.74%. Comparing base (9b16f08) to head (0022dbd).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4080      +/-   ##
==========================================
- Coverage   62.76%   62.74%   -0.02%     
==========================================
  Files         459      459              
  Lines       33067    33067              
==========================================
- Hits        20755    20749       -6     
- Misses      10192    10196       +4     
- Partials     2120     2122       +2     

Flag	Coverage Δ
bats	46.36% <100.00%> (-0.02%)	⬇️
unit-linux	35.44% <100.00%> (-0.03%)	⬇️
unit-windows	24.81% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[mmetc]

Good catch, thanks!