Add secret repository metrics. Fixes #3942

Author: alrod

src/WebJobs.Script.WebHost/Security/KeyManagement/DefaultSecretManagerProvider.cs

@@ -5,6 +5,7 @@
 using System.IO;
 using System.Threading;
 using Microsoft.Azure.WebJobs.Host.Executors;
+using Microsoft.Azure.WebJobs.Script.Diagnostics;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
@@ -15,14 +16,15 @@ public sealed class DefaultSecretManagerProvider : ISecretManagerProvider
     {
         private const string FileStorage = "Files";
         private readonly ILogger _logger;
+        private readonly IMetricsLogger _metricsLogger;
         private readonly IOptionsMonitor<ScriptApplicationHostOptions> _options;
         private readonly IHostIdProvider _hostIdProvider;
         private readonly IConfiguration _configuration;
         private readonly IEnvironment _environment;
         private Lazy<ISecretManager> _secretManagerLazy;
 
         public DefaultSecretManagerProvider(IOptionsMonitor<ScriptApplicationHostOptions> options, IHostIdProvider hostIdProvider,
-            IConfiguration configuration, IEnvironment environment, ILoggerFactory loggerFactory)
+            IConfiguration configuration, IEnvironment environment, ILoggerFactory loggerFactory, IMetricsLogger metricsLogger)
         {
             if (loggerFactory == null)
             {
@@ -35,6 +37,7 @@ public DefaultSecretManagerProvider(IOptionsMonitor<ScriptApplicationHostOptions
             _environment = environment ?? throw new ArgumentNullException(nameof(environment));
 
             _logger = loggerFactory.CreateLogger(ScriptConstants.LogCategoryHostGeneral);
+            _metricsLogger = metricsLogger ?? throw new ArgumentNullException(nameof(metricsLogger));
             _secretManagerLazy = new Lazy<ISecretManager>(Create);
 
             // When these options change (due to specialization), we need to reset the secret manager.
@@ -45,7 +48,7 @@ public DefaultSecretManagerProvider(IOptionsMonitor<ScriptApplicationHostOptions
 
         private void ResetSecretManager() => Interlocked.Exchange(ref _secretManagerLazy, new Lazy<ISecretManager>(Create));
 
-        private ISecretManager Create() => new SecretManager(CreateSecretsRepository(), _logger);
+        private ISecretManager Create() => new SecretManager(CreateSecretsRepository(), _logger, _metricsLogger);
 
         internal ISecretsRepository CreateSecretsRepository()
         {

src/WebJobs.Script.WebHost/Security/KeyManagement/SecretManager.cs

@@ -6,6 +6,7 @@
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.Azure.WebJobs.Extensions.Http;
 using Microsoft.Azure.WebJobs.Script.Config;
+using Microsoft.Azure.WebJobs.Script.Diagnostics;
 using Microsoft.Azure.WebJobs.Script.Rpc;
 using Microsoft.Azure.WebJobs.Script.WebHost.Configuration;
 using Microsoft.Azure.WebJobs.Script.WebHost.ContainerManagement;
@@ -102,6 +103,9 @@ public static void AddWebJobsScriptHost(this IServiceCollection services, IConfi
             services.AddTransient<VirtualFileSystem>();
             services.AddTransient<VirtualFileSystemMiddleware>();
 
+            // Logging and diagnostics
+            services.AddSingleton<IMetricsLogger, WebHostMetricsLogger>();
+
             // Secret management
             services.TryAddSingleton<ISecretManagerProvider, DefaultSecretManagerProvider>();
 

src/WebJobs.Script.WebHost/WebHostServiceCollectionExtensions.cs

@@ -29,5 +29,13 @@ public static class MetricEventNames
         public const string FunctionUserLog = "function.userlog";
         public const string FunctionInvokeSucceeded = "function.invoke.succeeded";
         public const string FunctionInvokeFailed = "function.invoke.failed";
+
+        // secret managment events
+        public const string SecretManagerDeleteSecret = "secretmanager.deletesecret.{0}";
+        public const string SecretManagerGetFunctionSecrets = "secretmanager.getfunctionsecrets.{0}";
+        public const string SecretManagerGetHostSecrets = "secretmanager.gethostsecrets.{0}";
+        public const string SecretManagerAddOrUpdateFunctionSecret = "secretmanager.addorupdatefunctionsecret.{0}";
+        public const string SecretManagerSetMasterKey = "secretmanager.setmasterkey.{0}";
+        public const string SecretManagerPurgeOldSecrets = "secretmanager.purgeoldsecrets.{0}";
     }
 }

src/WebJobs.Script/Diagnostics/MetricEventNames.cs

@@ -13,6 +13,7 @@
 using Microsoft.AspNetCore.Hosting;
 using Microsoft.AspNetCore.TestHost;
 using Microsoft.Azure.WebJobs.Host.Executors;
+using Microsoft.Azure.WebJobs.Script.Diagnostics;
 using Microsoft.Azure.WebJobs.Script.WebHost;
 using Microsoft.Azure.WebJobs.Script.WebHost.Configuration;
 using Microsoft.Extensions.DependencyInjection;
@@ -32,8 +33,9 @@ public class StandbyManagerE2ETestBase : IDisposable
         protected HttpClient _httpClient;
         protected TestServer _httpServer;
         protected readonly object _originalTimeZoneInfoCache = GetCachedTimeZoneInfo();
+        protected TestMetricsLogger _metricsLogger;
 
-        public StandbyManagerE2ETestBase()
+    public StandbyManagerE2ETestBase()
         {
             _testRootPath = Path.Combine(Path.GetTempPath(), "StandbyManagerTests");
             CleanupTestDirectory();
@@ -53,6 +55,7 @@ protected async Task InitializeTestHostAsync(string testDirName, IEnvironment en
             await TestHelpers.Await(() => File.Exists(proxyConfigPath));
 
             _loggerProvider = new TestLoggerProvider();
+            _metricsLogger = new TestMetricsLogger();
 
             if (environment.IsAppServiceEnvironment())
             {
@@ -90,6 +93,7 @@ protected async Task InitializeTestHostAsync(string testDirName, IEnvironment en
 
                     c.AddSingleton<IEnvironment>(_ => environment);
                     c.AddSingleton<IConfigureBuilder<ILoggingBuilder>>(new DelegatedConfigureBuilder<ILoggingBuilder>(b => b.AddProvider(_loggerProvider)));
+                    c.AddSingleton<IMetricsLogger>(_ => _metricsLogger);
                 });
 
             _httpServer = new TestServer(webHostBuilder);

test/WebJobs.Script.Tests.Integration/Host/StandbyManager/StandbyManagerE2ETestBase.cs

@@ -36,7 +36,7 @@ public SecretManagerProviderTests()
                 .ReturnsAsync("testhostid");
 
             _provider = new DefaultSecretManagerProvider(optionsMonitor, mockIdProvider.Object, config,
-                new TestEnvironment(), NullLoggerFactory.Instance);
+                new TestEnvironment(), NullLoggerFactory.Instance, new TestMetricsLogger());
         }
 
         [Fact]