- 
                Notifications
    You must be signed in to change notification settings 
- Fork 0
[bugfix] support no-whitespace alert expressions in instance filtering #1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: master
Are you sure you want to change the base?
Conversation
| WalkthroughA new constructor overload has been added to the  Changes
 Sequence Diagram(s)sequenceDiagram
    participant Test as RealTimeAlertCalculatorTest
    participant Calculator as RealTimeAlertCalculator
    participant MockDeps as Mocked Dependencies
    Test->>MockDeps: Set up mocks for dependencies
    Test->>Calculator: Instantiate with start=false
    Test->>Calculator: Call filterThresholdsByAppAndMetrics()
    Calculator->>MockDeps: (Uses dependencies as needed)
    Calculator-->>Test: Returns filtered alert definitions
    Test->>Test: Assert filtering correctness
Poem
 ✨ Finishing Touches
 Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit: 
 Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
 Other keywords and placeholders
 CodeRabbit Configuration File ( | 
| @coderabbitai full review | 
| ✅ Actions performedFull review triggered. | 
| @coderabbitai full review | 
| ✅ Actions performedFull review triggered. | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
🧹 Nitpick comments (1)
hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculator.java (1)
116-116: Consider adding thread safety to the now-public startCalculate method.Since this method has been made public for testing purposes, it could potentially be called multiple times, which might lead to redundant worker threads being created.
public void startCalculate() { + // Add a synchronization mechanism or flag to prevent multiple calls + // For example: use AtomicBoolean to track if threads are already started Runnable runnable = () -> {
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
- hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculator.java(4 hunks)
- hertzbeat-alerter/src/test/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculatorTest.java(1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (1)
hertzbeat-alerter/src/test/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculatorTest.java (1)
web-app/src/app/pojo/AlertDefine.ts (1)
AlertDefine(20-41)
🔇 Additional comments (7)
hertzbeat-alerter/src/test/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculatorTest.java (3)
25-38: Setup looks good with appropriate mocks.The test setup correctly mocks all required dependencies and passes
falseto the constructor to prevent threads from starting automatically during tests, which is a good practice for unit testing.
40-60: Well-structured test for expressions with spaces.This test case correctly verifies that the filter method works properly when there are spaces in the instance expression, which is the established behavior.
62-82: Good test case for the bugfix - handling expressions without spaces.This test case directly addresses the bug described in the PR summary, verifying that alert expressions without spaces between the comma and quotes (e.g.,
equals(__instance__,"501045327364864")) are properly filtered. This ensures the fix works as expected.hertzbeat-alerter/src/main/java/org/apache/hertzbeat/alert/calculate/RealTimeAlertCalculator.java (4)
76-76: Fixed regex pattern to handle expressions without spaces.The regular expression pattern has been updated to include
\\s*(zero or more whitespace characters), which correctly handles both cases with and without spaces after commas in instance expressions.
85-90: Good constructor refactoring to support testing.The original constructor now delegates to the new overloaded constructor, passing
trueto start calculation threads by default. This maintains backward compatibility while enabling better testability.
92-114: Well-documented constructor overload for testability.The new constructor with the
startparameter is well-documented and provides better testability by allowing tests to create instances without starting alert calculation threads.
276-276: Method made public for testing purposes.This method visibility change allows direct testing of the filtering logic, which is essential for this bugfix.
| /gemini review | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code Review
This PR addresses an important bug in the RealTimeAlertCalculator that prevented instance filtering when alert expressions lacked whitespace. The updated regex and added unit tests enhance the robustness of the alerting system. The introduction of a constructor that allows disabling the automatic start of alert calculation threads is also a welcome addition for testing purposes.
Summary of Findings
- Regex Pattern Update: The regex pattern for instance matching has been updated to handle expressions without whitespace. This resolves the bug where instance filtering failed for compact expressions.
- Unit Test Coverage: New unit tests have been added to verify the correct filtering of alert definitions based on instance ID expressions, covering cases with and without spaces.
- Constructor with Start Toggle: A new constructor has been added to allow instantiation of the RealTimeAlertCalculator without automatically starting the calculation threads. This is useful for unit testing.
Merge Readiness
The pull request is well-structured and addresses a significant bug. The addition of unit tests and the new constructor enhance the code's testability and flexibility. I recommend merging this pull request after addressing the medium severity comment regarding the visibility of the startCalculate method.
| } | ||
|  | ||
| private void startCalculate() { | ||
| public void startCalculate() { | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider if this method should be protected instead of public. Making it public exposes it unnecessarily, while protected would allow subclasses to override it if needed. If it's only used internally, it could also be private.
| public void startCalculate() { | |
| protected void startCalculate() { | 
| /refacto-test | 
| 🤖 Refacto.AI: PR Summary & Reviewer GuideWarning: Requirements context (e.g., linked ticket) was not provided. Analysis is based solely on PR metadata and code diff, which may be incomplete. 🎯 1. The Goal (Why was this PR raised?)This PR aims to fix a bug in the alert expression parsing where instance filtering expressions without whitespace between parameters were not being properly matched. The change modifies the regex pattern to make whitespace optional between the instance parameter and its value. 🗺️ 2. The Changes (What was implemented?)
 🤔 3. Key Areas for Human ReviewArea of Concern: Regular Expression Change
 Area of Concern: Constructor Changes
 Area of Concern: Method Visibility Changes
 | 
| /refacto-test | 
| Refacto is reviewing this PR. Please wait for the review comments to be posted. | 
| /refacto-test | 
| Refacto is reviewing this PR. Please wait for the review comments to be posted. | 
| /refacto-test | 
| Refacto is reviewing this PR. Please wait for the review comments to be posted. | 
| /refacto-test | 
| PR already reviewed at the latest commit: d4f628a. | 
| /refacto-test | 
| Refacto is reviewing this PR. Please wait for the review comments to be posted. | 
| Regular Expression Pattern Vulnerability in Alert Expression Filtering👍 Well Done
 📌 Files Processed
 📝 Additional Comments
 | 
|  | ||
| private static final Pattern APP_PATTERN = Pattern.compile("equals\\(__app__,\"([^\"]+)\"\\)"); | ||
| private static final Pattern AVAILABLE_PATTERN = Pattern.compile("equals\\(__available__,\"([^\"]+)\"\\)"); | ||
| private static final Pattern LABEL_PATTERN = Pattern.compile("contains\\(__labels__,\\s*\"([^\"]+)\"\\)"); | 
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Regular Expression Pattern Vulnerability in Alert Expression Filtering
The regular expression pattern for matching instance expressions is too restrictive as it requires exactly one whitespace character (\s) between the comma and the opening quote. This causes the pattern to fail when there is no whitespace or multiple whitespace characters, leading to potential missed alerts. In a security context, this could result in failing to trigger alerts for critical security events if the alert definition doesn't match the expected format exactly.
| private static final Pattern LABEL_PATTERN = Pattern.compile("contains\\(__labels__,\\s*\"([^\"]+)\"\\)"); | |
| private static final Pattern INSTANCE_PATTERN = Pattern.compile("equals\\(__instance__,\\s*\"(\\d+)\"\\)"); | 
What's changed?
apache#3220
This PR fixes a bug in RealTimeAlertCalculator where instance filtering failed when alert expressions contained no whitespace (e.g.,
equals(__app__,"redis") && equals(__instance__,"501045327364864")).The backend regex has been updated to support such compact expressions. A unit test is also added to ensure proper filtering across different formatting styles.
Checklist
Add or update API
Summary by CodeRabbit