generate a metric when domain validation fails (AthenZ#1437)

Signed-off-by: Henry Avetisyan <[email protected]>

Co-authored-by: Henry Avetisyan <[email protected]>

servers/zts/src/main/java/com/yahoo/athenz/zts/ZTSImpl.java

@@ -280,7 +280,7 @@ public ZTSImpl(CloudStore implCloudStore, DataStore implDataStore) {
             // create our data store. we must have our cloud store and private
             // key details already retrieved at this point
 
-            dataStore = new DataStore(clogStore, cloudStore);
+            dataStore = new DataStore(clogStore, cloudStore, metric);
 
             // Initialize our storage subsystem which would load all data into
             // memory and if necessary retrieve the data from ZMS. It will also

servers/zts/src/main/java/com/yahoo/athenz/zts/store/DataStore.java

@@ -18,6 +18,7 @@
 import com.google.common.cache.Cache;
 import com.google.common.cache.CacheBuilder;
 import com.yahoo.athenz.auth.util.StringUtils;
+import com.yahoo.athenz.common.metrics.Metric;
 import com.yahoo.athenz.common.server.db.RolesProvider;
 import com.yahoo.athenz.common.server.store.ChangeLogStore;
 import com.yahoo.athenz.common.server.util.ConfigProperties;
@@ -67,6 +68,7 @@ public class DataStore implements DataCacheProvider, RolesProvider {
 
     ChangeLogStore changeLogStore;
     private CloudStore cloudStore;
+    private final Metric metric;
     private final Cache<String, DataCache> cacheStore;
     final Cache<String, PublicKey> zmsPublicKeyCache;
     final Cache<String, List<GroupMember>> groupMemberCache;
@@ -98,12 +100,13 @@ public class DataStore implements DataCacheProvider, RolesProvider {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(DataStore.class);
 
-    public DataStore(ChangeLogStore clogStore, CloudStore cloudStore) {
+    public DataStore(ChangeLogStore clogStore, CloudStore cloudStore, Metric metric) {
 
         /* save our store objects */
 
         this.changeLogStore = clogStore;
         this.setCloudStore(cloudStore);
+        this.metric = metric;
 
         /* generate our cache stores */
 
@@ -519,6 +522,7 @@ boolean validateSignedDomain(SignedDomain signedDomain) {
         boolean result = Crypto.verify(SignUtils.asCanonicalString(domainData), zmsKey, signature);
 
         if (!result) {
+            metric.increment("domain_validation_failure", domainData.getName());
             LOGGER.error("validateSignedDomain: Domain={} signature validation failed", domainData.getName());
             LOGGER.error("validateSignedDomain: Signed Domain Data: {}", SignUtils.asCanonicalString(domainData));
         }

servers/zts/src/test/java/com/yahoo/athenz/zts/InstanceProviderManagerTest.java

@@ -34,6 +34,7 @@
 import static org.testng.Assert.assertFalse;
 
 import com.yahoo.athenz.auth.ServerPrivateKey;
+import com.yahoo.athenz.common.metrics.Metric;
 import com.yahoo.athenz.common.server.dns.HostnameResolver;
 import com.yahoo.athenz.common.server.store.ChangeLogStore;
 import com.yahoo.athenz.zts.store.MockZMSFileChangeLogStore;
@@ -60,6 +61,7 @@
 public class InstanceProviderManagerTest {
 
     private PrivateKey privateKey = null;
+    private Metric ztsMetric = null;
     private DataStore store = null;
 
     private static final String ZTS_DATA_STORE_PATH = "/tmp/zts_server_unit_tests/zts_root";
@@ -69,6 +71,10 @@ public class InstanceProviderManagerTest {
     public void setUpClass() {
         System.setProperty(PROP_ATHENZ_CONF, "src/test/resources/athenz.conf");
         System.setProperty(ZTS_PROP_FILE_NAME, "src/test/resources/zts.properties");
+
+        // setup our metric class
+
+        ztsMetric = new com.yahoo.athenz.common.metrics.impl.NoOpMetric();
     }
 
     @BeforeMethod
@@ -88,7 +94,7 @@ public void setup() {
 
         System.setProperty(ZTSConsts.ZTS_PROP_PROVIDER_ENDPOINTS, ".athenz2.com,.athenz.com");
 
-        store = new DataStore(structStore, null);
+        store = new DataStore(structStore, null, ztsMetric);
     }
 
     @AfterMethod