@hiiretail/gcp-infra-cli 0.94.0 → 0.95.0

package/generators/common-resources/monitoring/handle-yaml.js

@@ -5,30 +5,43 @@ function cleanAlerts(alerts) {
   const copy = [...alerts];
   return copy.map((obj) => {
     /* eslint-disable no-param-reassign */
-    if (_.get(obj, 'documentation.content') === ' ') delete obj.documentation;
     if (_.get(obj, 'enabled') === true) delete obj.enabled;
 
     return obj;
   });
 }
 
+const handleAlert = (templates, answers) => {
+  const alerts = [];
+
+  Object.entries(templates).forEach(([, template]) => {
+    const newAlert = JSON.parse(ejs.render(JSON.stringify(template), answers));
+    alerts.push(newAlert);
+  });
+
+  const cleanedAlerts = cleanAlerts(alerts);
+
+  return Array.isArray(cleanedAlerts) ? cleanedAlerts : [cleanedAlerts];
+};
+
 const handleAlerts = (alerts, templates, answers) => {
-  const template = templates[`${answers.alert}`];
-  const newAlert = JSON.parse(ejs.render(JSON.stringify(template), answers));
+  const newAlertsList = [];
+
+  const newAlerts = handleAlert(templates, answers);
 
-  alerts.push(newAlert);
-  alerts = cleanAlerts(alerts);
-  return alerts;
+  newAlertsList.push(...newAlerts);
+  return newAlertsList;
 };
 
 const handleUptimeChecks = (slos, templates, answers) => {
-  const newCheck = JSON.parse(ejs.render(JSON.stringify(templates), answers));
+  const newUptimeCheck = JSON.parse(ejs.render(JSON.stringify(templates), answers));
 
-  slos.push(newCheck);
+  slos.push(newUptimeCheck);
   return slos;
 };
 
 module.exports = {
+  handleAlert,
   handleAlerts,
   handleUptimeChecks,
   cleanAlerts,

package/generators/common-resources/monitoring/index.js

@@ -1,24 +1,30 @@
 const path = require('path');
 const chalk = require('chalk');
 const fs = require('fs');
+const ejs = require('ejs');
 const yaml = require('js-yaml');
 const BaseGenerator = require('../../../src/BaseGenerator');
 const { required } = require('../../../src/validators');
 const validate = require('./validate');
-const { handleAlerts, handleUptimeChecks } = require('./handle-yaml');
+const {
+  handleAlerts,
+  handleUptimeChecks,
+  cleanAlerts,
+} = require('./handle-yaml');
 
 const uptimeCheckTemplates = yaml.load(fs.readFileSync(`${__dirname}/templates/uptime-checks/uptime-checks.yaml`));
-const alertTemplates = yaml.load(fs.readFileSync(`${__dirname}/templates/alerts/service.yaml`));
+const alertTemplates = yaml.load(fs.readFileSync(`${__dirname}/templates/alerts/generic-infra.yaml`));
 
+/* istanbul ignore next */
 module.exports = class extends BaseGenerator {
   async prompting() {
     this.answers = await this.prompt([
       {
         type: 'list',
         name: 'monitoringResource',
-        message: 'Select the resource you want to create',
+        message: 'Select the resource you want to create:',
         choices: [
-          // 'alerts', // Temporarily disabled due to migration to GKE Autopilot
+          'alerts',
           'uptime-checks',
         ],
       },
@@ -26,55 +32,108 @@ module.exports = class extends BaseGenerator {
         when: (response) => response.monitoringResource === 'alerts',
         type: 'list',
         name: 'alert',
+        message: 'Select the category of alerts you want to create:',
         choices: Object.keys(alertTemplates),
       },
+
+      {
+        when: (response) => response.monitoringResource === 'alerts',
+        type: 'list',
+        name: 'allOrSpecific',
+        message: 'Do you want to create a specific alert or all recommended alerts?',
+        choices: (response) => [
+          `All (${Object.keys(alertTemplates[response.alert] || {}).length})`,
+          'Specific',
+        ],
+      },
+      {
+        when: (response) => response.monitoringResource === 'alerts' && response.allOrSpecific === 'Specific',
+        type: 'list',
+        name: 'specificAlert',
+        message: (response) => `Select the specific alert you want to create for ${response.alert}:`,
+        choices: (response) => Object.keys(alertTemplates[response.alert]),
+      },
+      {
+        when: (response) => response.monitoringResource === 'alerts',
+        type: 'input',
+        name: 'clan',
+        message: 'Please provide the clan name (ex: SRE, PNP, IAM...):',
+        default: () => {
+          const gitPath = path.resolve(process.cwd(), '.git');
+          if (fs.existsSync(gitPath)) {
+            const repoName = path.basename(process.cwd());
+            const regex = /-([a-z]{3})-/i;
+            const match = regex.exec(repoName);
+            return match ? match[1].toUpperCase() : '';
+          }
+          return '';
+        },
+        validate: required && validate.clan,
+      },
+      {
+        when: (response) => response.monitoringResource === 'alerts',
+        type: 'input',
+        name: 'projectId',
+        message: 'Please provide the project ID:',
+        validate: required && validate.projectId,
+      },
       {
         when: (response) => ['uptime-checks', 'alerts'].includes(response.monitoringResource),
         type: 'input',
         name: 'systemName',
-        message: 'Please provide three-letter system name as defined in Styra (example: sre, ptf, sda, che, pnp, iam...)',
+        message: 'Please provide three-letter system name (ex: sre, pnp, iam...):',
+        default: () => {
+          const gitPath = path.resolve(process.cwd(), '.git');
+          if (fs.existsSync(gitPath)) {
+            const repoName = path.basename(process.cwd());
+            const regex = /-([a-z]{3})-/i;
+            const match = regex.exec(repoName);
+            return match ? match[1] : '';
+          }
+          return '';
+        },
         validate: required && validate.systemName,
       },
       {
-        when: (response) => ['uptime-checks', 'alerts'].includes(response.monitoringResource),
+        when: (response) => response.monitoringResource === 'uptime-checks',
         type: 'input',
         name: 'serviceName',
-        message: 'Please provide the namespace where the service resides',
-        validate: required,
+        message: 'Please provide the namespace where the service resides:',
+        default: (response) => `${response.systemName}-service`,
+        validate: required && validate.serviceName,
       },
       {
-        when: (response) => response.monitoringResource === 'alerts',
+        when: (response) => response.monitoringResource === 'uptime-checks',
         type: 'input',
-        name: 'runbookLink',
-        message: 'Please provide the full URL to your runbook in confluence (Leave empty if none)',
-        validate: required && validate.confluenceUrl,
+        name: 'hostname',
+        message: 'Please provide the base hostname of the service (ex: my-service.retailsvc.com):',
+        validate: required && validate.hostname,
       },
       {
         when: (response) => response.monitoringResource === 'uptime-checks',
         type: 'input',
-        name: 'hostname',
-        message: 'Please provide the base hostname of the service (example: my-service.retailsvc.com)',
-        validate: required && validate.hostName,
+        name: 'runbookLink',
+        message: 'Please provide the full URL to your runbook in confluence (Leave empty if none):',
+        validate: required && validate.runbookLink,
       },
       {
         when: (response) => response.monitoringResource === 'uptime-checks',
         type: 'input',
         name: 'path',
-        message: 'Please provide the path/endpoint to run the check against',
-        default: '/health',
-        validate: required,
+        message: 'Please provide the path/endpoint to run the check against (ex: /health):',
+        validate: required && validate.path,
       },
     ]);
   }
 
   async writing() {
-    const { monitoringResource, serviceName } = this.answers;
+    const { monitoringResource } = this.answers;
     const resourceDir = path.join(process.cwd(), 'infra', 'prod', 'monitoring', monitoringResource);
 
     const copyTemplate = (resource, resourcePath, yamlPath) => {
       if (!fs.existsSync(resourcePath)) fs.mkdirSync(resourcePath, { recursive: true });
-      if (!fs.existsSync(yamlPath)) fs.writeFileSync(yamlPath, '');
-      if (!fs.existsSync(`${path}/terragrunt.hcl`)) {
+      if (!fs.existsSync(yamlPath)) fs.appendFileSync(yamlPath, '');
+      if (!fs.existsSync(`${resourcePath}/terragrunt.hcl`)) {
         this.fs.copyTpl(
           this.templatePath(`${resource}/terragrunt.hcl`),
           this.destinationPath(`${resourcePath}/terragrunt.hcl`),
@@ -83,15 +142,48 @@ module.exports = class extends BaseGenerator {
       }
     };
 
-    if (monitoringResource === 'alerts') {
-      const yamlPath = `${resourceDir}/${serviceName}.yaml`;
+    /* istanbul ignore next */
+    if (monitoringResource === 'alerts' && this.answers.allOrSpecific === 'Specific') {
+      const yamlPath = `${resourceDir}/base-specific.yaml`;
 
       copyTemplate('alerts', resourceDir, yamlPath);
 
       const oldYaml = yaml.load(fs.readFileSync(yamlPath, 'utf8')) || [];
-      const newYaml = await handleAlerts(oldYaml, alertTemplates, this.answers);
+      const template = alertTemplates[this.answers.alert][this.answers.specificAlert];
+      const newAlert = JSON.parse(ejs.render(JSON.stringify(template), this.answers));
 
-      fs.writeFileSync(yamlPath, yaml.dump(newYaml, { lineWidth: 250, noArrayIndent: true }));
+      oldYaml.push(newAlert);
+      const cleanedAlerts = cleanAlerts(oldYaml);
+
+      fs.writeFileSync(
+        yamlPath,
+        yaml.dump(cleanedAlerts, {
+          lineWidth: 250,
+          noArrayIndent: false,
+        }),
+      );
+    }
+
+    /* istanbul ignore next */
+    if (monitoringResource === 'alerts' && this.answers.allOrSpecific === `All (${Object.keys(alertTemplates[this.answers.alert] || {}).length})`) {
+      const yamlPath = `${resourceDir}/base.yaml`;
+
+      copyTemplate('alerts', resourceDir, yamlPath);
+
+      const oldYaml = yaml.load(fs.readFileSync(yamlPath, 'utf8')) || [];
+      const newAlerts = handleAlerts(oldYaml, alertTemplates[this.answers.alert], this.answers);
+      const currentContent = fs.readFileSync(yamlPath, 'utf8');
+
+      if (currentContent !== '') {
+        fs.appendFileSync(yamlPath, '\n');
+      }
+
+      newAlerts.forEach((alert, index) => {
+        fs.appendFileSync(yamlPath, yaml.dump([alert], { lineWidth: 250, noArrayIndent: false }));
+        if (index !== newAlerts.length - 1) {
+          fs.appendFileSync(yamlPath, '\n');
+        }
+      });
     }
 
     if (monitoringResource === 'uptime-checks') {
@@ -108,9 +200,10 @@ module.exports = class extends BaseGenerator {
 
   end() {
     this.log(`
-${chalk.green('Your Monitoring resources have now been created.')}
-${chalk.green('1.')} To finalize your configuration, please continue with manual editing of the generated files.
-${chalk.green('2.')} Push the changes in a feature branch and open a pull request.
+${chalk.yellow('Your monitoring resources have now been created.')}
+${chalk.green('1.')} Please note that these are just example configurations and might need further adjustments.
+${chalk.green('2.')} To finalize your configuration, please continue with manual editing of the generated files.
+${chalk.green('3.')} Push the changes in a feature branch and open a pull request.
 `);
   }
 };

package/generators/common-resources/monitoring/templates/alerts/generic-infra.yaml

@@ -13,9 +13,30 @@ cloud_scheduler:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_COUNT
-              group_by_fields: ["resource.label.job_id"]
+              group_by_fields:
+                - resource.label.job_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Job: `$${resource.label.job_id}`'
+  failed_executions:
+    display_name: "[P3] <%-clan%> - Cloud Scheduler | Failed Executions"
+    conditions:
+      - display_name: Cloud Scheduler - Failed Executions
+        condition_threshold:
+          filter: |
+            resource.type="cloud_scheduler_job"
+            metric.type="logging.googleapis.com/log_entry_count"
+            metric.labels.log="cloudscheduler.googleapis.com/executions"
+            metric.labels.severity="ERROR"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 1
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_COUNT
+              group_by_fields:
+                - resource.label.job_id
+    documentation:
+      subject: 'Job: `$${resource.label.job_id}`'
 cloud_sql:
   cpu_over_65:
     display_name: "[P3] <%-clan%> - CloudSQL | CPU over 65%"
@@ -31,9 +52,10 @@ cloud_sql:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.database_id"]
+              group_by_fields:
+                - resource.label.database_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Database: `$${resource.label.database_id}`'
   cpu_over_85:
     display_name: "[P3] <%-clan%> - CloudSQL | CPU over 85%"
     conditions:
@@ -48,9 +70,10 @@ cloud_sql:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.database_id"]
+              group_by_fields:
+                - resource.label.database_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Database: `$${resource.label.database_id}`'
   cpu_over_90:
     display_name: "[P3] <%-clan%> - CloudSQL | CPU over 90%"
     conditions:
@@ -64,9 +87,10 @@ cloud_sql:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.database_id"]
+              group_by_fields:
+                - resource.label.database_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Database: `$${resource.label.database_id}`'
   memory_over_90:
     display_name: "[P2] <%-clan%> - CloudSQL | Memory utilization above 90%"
     conditions:
@@ -81,9 +105,10 @@ cloud_sql:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.database_id"]
+              group_by_fields:
+                - resource.label.database_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Database: `$${resource.label.database_id}`'
   query_over_1s:
     display_name: "[P4] <%-clan%> - CloudSQL | Slow query"
     conditions:
@@ -102,7 +127,43 @@ cloud_sql:
                 - metric.label.querystring
                 - resource.label.resource_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Database: `$${resource.label.resource_id}`'
+  postgresql_connections:
+    display_name: "[P3] <%-clan%> - CloudSQL | PostgreSQL Connections"
+    conditions:
+      - display_name: Cloud SQL Database - PostgreSQL Connections
+        condition_threshold:
+          filter: |
+            resource.type="cloudsql_database"
+            metric.type="cloudsql.googleapis.com/database/postgresql/num_backends"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 50
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MAX
+              group_by_fields:
+                - resource.label.database_id
+    documentation:
+      subject: 'Database: `$${resource.label.database_id}`'
+  aggregated_lock_time:
+    display_name: "[P4] <%-clan%> - CloudSQL | Aggregated Lock Time"
+    conditions:
+      - display_name: Cloud SQL Database - Aggregated Lock Time
+        condition_threshold:
+          filter: |
+            resource.type="cloudsql_database"
+            metric.type="cloudsql.googleapis.com/database/postgresql/insights/aggregate/lock_time"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 1000
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MAX
+              group_by_fields:
+                - resource.label.database_id
+    documentation:
+      subject: 'Database: `$${resource.label.database_id}`'
 memorystore:
   memory_over_50:
     display_name: "[P4] <%-clan%> - Memorystore | Memory over 50%"
@@ -118,9 +179,10 @@ memorystore:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.instance_id"]
+              group_by_fields:
+                - resource.label.instance_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Instance: `$${resource.label.instance_id}`'
   memory_over_75:
     display_name: "[P4] <%-clan%> - Memorystore | Memory over 75%"
     conditions:
@@ -135,9 +197,10 @@ memorystore:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.instance_id"]
+              group_by_fields:
+                - resource.label.instance_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Instance: `$${resource.label.instance_id}`'
   memory_over_90:
     display_name: "[P2] <%-clan%> - Memorystore | Memory over 90%"
     conditions:
@@ -152,9 +215,65 @@ memorystore:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MAX
-              group_by_fields: ["resource.label.instance_id"]
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'
+  cpu_utilization:
+    display_name: "[P2] <%-clan%> - Memorystore | CPU Utilization"
+    conditions:
+      - display_name: Memorystore - CPU Utilization
+        condition_threshold:
+          filter: |
+            resource.type="redis_instance"
+            metric.type="redis.googleapis.com/stats/cpu_utilization"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 0.8
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'
+  system_memory_overload_duration:
+    display_name: "[P1] <%-clan%> - Memorystore | System Memory Overload Duration"
+    conditions:
+      - display_name: Memorystore - System Memory Overload Duration
+        condition_threshold:
+          filter: |
+            resource.type="redis_instance"
+            metric.type="redis.googleapis.com/stats/memory/system_memory_overload_duration"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 60
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_SUM
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'
+  calls:
+    display_name: "[P3] <%-clan%> - Memorystore | Calls"
+    conditions:
+      - display_name: Memorystore - Calls
+        condition_threshold:
+          filter: |
+            resource.type="redis_instance"
+            metric.type="redis.googleapis.com/commands/calls"
+            resource.labels.project_id="<%-projectId%>"
+            resource.labels.role="primary"
+          threshold_value: 1000
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_SUM
+              group_by_fields:
+                - resource.label.instance_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Instance: `$${resource.label.instance_id}`'
 pub_sub:
   unacknowledged_messages:
     display_name: "[P3] <%-clan%> - Pub/Sub | Undelivered message(s)"
@@ -170,9 +289,10 @@ pub_sub:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_MEAN
-              group_by_fields: ["resource.label.subscription_id"]
+              group_by_fields:
+                - resource.label.subscription_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
   messages_in_dlq:
     display_name: "[P3] <%-clan%> - Pub/Sub | Message(s) in DLQ"
     conditions:
@@ -187,9 +307,10 @@ pub_sub:
           aggregations:
             - alignment_period: 60s
               per_series_aligner: ALIGN_COUNT
-              group_by_fields: ["resource.label.subscription_id"]
+              group_by_fields:
+                - resource.label.subscription_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
   latency:
     display_name: "[P3] <%-clan%> - Pub/Sub | Response latency distribution"
     conditions:
@@ -205,9 +326,85 @@ pub_sub:
             - alignment_period: 60s
               per_series_aligner: ALIGN_DELTA
               cross_series_reducer: REDUCE_PERCENTILE_95
-              group_by_fields: ["resource.label.subscription_id"]
+              group_by_fields:
+                - resource.label.subscription_id
+    documentation:
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
+  oldest_unacked_message_age:
+    display_name: "[P3] <%-clan%> - Pub/Sub | Oldest unacked message age"
+    conditions:
+      - display_name: Cloud Pub/Sub Subscription - Oldest unacked message age
+        condition_threshold:
+          filter: |
+            resource.type="pubsub_subscription"
+            metric.type="pubsub.googleapis.com/subscription/oldest_unacked_message_age"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 3600
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.subscription_id
+    documentation:
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
+  push_requests_ack:
+    display_name: "[P3] <%-clan%> - Pub/Sub | Push requests ack"
+    conditions:
+      - display_name: Cloud Pub/Sub Subscription - Push requests ack
+        condition_threshold:
+          filter: |
+            resource.type="pubsub_subscription"
+            metric.type="pubsub.googleapis.com/subscription/push_request_count"
+            metric.label.response_class!="ack"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 50
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_DELTA
+              group_by_fields:
+                - resource.label.subscription_id
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
+  push_requests_success:
+    display_name: "[P3] <%-clan%> - Pub/Sub | Push requests success"
+    conditions:
+      - display_name: Cloud Pub/Sub Subscription - Push requests success
+        condition_threshold:
+          filter: |
+            resource.type="pubsub_subscription"
+            metric.type="pubsub.googleapis.com/subscription/push_request_count"
+            metric.label.response_code!="200"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 50
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_DELTA
+              group_by_fields:
+                - resource.label.subscription_id
+    documentation:
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
+  delivery_latency_health_score:
+    display_name: "[P3] <%-clan%> - Pub/Sub | Delivery latency health score"
+    conditions:
+      - display_name: Cloud Pub/Sub Subscription - Delivery latency health score above 0.5
+        condition_threshold:
+          filter: |
+            resource.type="pubsub_subscription"
+            metric.type="pubsub.googleapis.com/subscription/delivery_latency_health_score"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 0.5
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_DELTA
+              cross_series_reducer: REDUCE_PERCENTILE_95
+              group_by_fields:
+                - resource.label.subscription_id
+    documentation:
+      subject: 'Subscription: `$${resource.label.subscription_id}`'
 cloud_function:
   failed_execution:
     display_name: "[P2] <%-clan%> - Cloud Function | Failed job execution"
@@ -228,4 +425,149 @@ cloud_function:
                 - metric.label.status
                 - resource.label.function_name
     documentation:
-      content: <% if (runbookLink) { %>[Runbook](<%-runbookLink%>)<%} else { %> <% } %>
+      subject: 'Function: `$${resource.label.function_name}`'
+cloud_run:
+  error_count:
+    display_name: "[P3] <%-clan%> - Cloud Run | Error Count"
+    conditions:
+      - display_name: Cloud Run - Error Count
+        condition_threshold:
+          filter: |
+            resource.type="cloud_run_revision"
+            metric.type="run.googleapis.com/request_count"
+            metric.label.response_code_class="5xx"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 50
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_SUM
+              group_by_fields:
+                - resource.label.service_name
+    documentation:
+      subject: 'Service: `$${resource.label.service_name}`'
+  request_latency:
+    display_name: "[P3] <%-clan%> - Cloud Run | Request Latency"
+    conditions:
+      - display_name: Cloud Run - Request Latency
+        condition_threshold:
+          filter: |
+            resource.type="cloud_run_revision"
+            metric.type="run.googleapis.com/request_latencies"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 1000
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_PERCENTILE_95
+              group_by_fields:
+                - resource.label.service_name
+    documentation:
+      subject: 'Service: `$${resource.label.service_name}`'
+  cpu_utilization:
+    display_name: "[P3] <%-clan%> - Cloud Run | CPU Utilization"
+    conditions:
+      - display_name: Cloud Run - CPU Utilization
+        condition_threshold:
+          filter: |
+            resource.type="cloud_run_revision"
+            metric.type="run.googleapis.com/container/cpu/utilization"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 0.8
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.service_name
+    documentation:
+      subject: 'Service: `$${resource.label.service_name}`'
+  memory_utilization:
+    display_name: "[P3] <%-clan%> - Cloud Run | Memory Utilization"
+    conditions:
+      - display_name: Cloud Run - Memory Utilization
+        condition_threshold:
+          filter: |
+            resource.type="cloud_run_revision"
+            metric.type="run.googleapis.com/container/memory/utilization"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 0.8
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.service_name
+    documentation:
+      subject: 'Service: `$${resource.label.service_name}`'
+  startup_latency:
+    display_name: "[P4] <%-clan%> - Cloud Run | Startup Latency"
+    conditions:
+      - display_name: Cloud Run - Startup Latency
+        condition_threshold:
+          filter: |
+            resource.type="cloud_run_revision"
+            metric.type="run.googleapis.com/container/startup_latencies"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 1000
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_PERCENTILE_95
+              group_by_fields:
+                - resource.label.service_name
+    documentation:
+      subject: 'Service: `$${resource.label.service_name}`'
+spanner:
+  cpu_utilization_by_priority:
+    display_name: "[P1] <%-clan%> - Spanner | CPU Utilization by Priority"
+    conditions:
+      - display_name: Spanner - CPU Utilization by Priority
+        condition_threshold:
+          filter: |
+            resource.type="spanner_instance"
+            metric.type="spanner.googleapis.com/instance/cpu/utilization_by_priority"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 0.9
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'
+  api_request_count:
+    display_name: "[P2] <%-clan%> - Spanner | API Request Count"
+    conditions:
+      - display_name: Spanner - API Request Count
+        condition_threshold:
+          filter: |
+            resource.type="spanner_instance"
+            metric.type="spanner.googleapis.com/api/api_request_count"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 1000
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_SUM
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'
+  request_latencies:
+    display_name: "[P3] <%-clan%> - Spanner | Request Latencies"
+    conditions:
+      - display_name: Spanner - Request Latencies
+        condition_threshold:
+          filter: |
+            resource.type="spanner_instance"
+            metric.type="spanner.googleapis.com/api/request_latencies"
+            resource.labels.project_id="<%-projectId%>"
+          threshold_value: 500
+          duration: 300s
+          aggregations:
+            - alignment_period: 60s
+              per_series_aligner: ALIGN_MEAN
+              group_by_fields:
+                - resource.label.instance_id
+    documentation:
+      subject: 'Instance: `$${resource.label.instance_id}`'

package/generators/common-resources/monitoring/templates/service/terragrunt.hcl

@@ -0,0 +1,37 @@
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  source = "git::https://github.com/extenda/tf-module-gcp-alert-policy//?ref=v2.0.0"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+  path = find_in_parent_folders("terragrunt_root.hcl")
+}
+
+dependency "notification_channels" {
+  config_path = "../notification-channels"
+  mock_outputs = {
+    notification_channels = ["dummy-channel"]
+  }
+}
+
+locals {
+  project_vars = read_terragrunt_config(find_in_parent_folders("project.hcl"))
+  common_vars  = read_terragrunt_config(find_in_parent_folders("common.hcl"))
+  alerts       = flatten([for file in fileset(get_terragrunt_dir(), "./*.yaml") : yamldecode(file(file))])
+  labels = merge(local.common_vars.locals.default_user_labels, local.project_vars.locals.default_user_labels, {
+    component    = local.common_vars.locals.component
+    product      = local.common_vars.locals.product
+    tenant-alias = local.common_vars.locals.tenant_alias
+  })
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt configuration above
+inputs = {
+  project                        = local.project_vars.locals.project_id,
+  policies                       = local.alerts,
+  notification_channel_ids       = dependency.notification_channels.outputs.notification_channels,
+  fallback_notification_channels = dependency.notification_channels.outputs.fallback_channels_ids,
+  default_user_labels            = local.labels,
+}

package/generators/common-resources/monitoring/validate.js

@@ -10,7 +10,17 @@ const isUrl = (str) => {
   }
 };
 
-validate.hostName = (input) => {
+validate.clan = (input) => {
+  if (!hasWhitespace(input)) return true;
+  return 'Clan name must not include spaces';
+};
+
+validate.projectId = (input) => {
+  if (input.trim() !== '' && !hasWhitespace(input)) return true;
+  return 'Project ID must not be empty or contain spaces';
+};
+
+validate.hostname = (input) => {
   if (input.split('.').at(-1) === 'com' && !hasWhitespace(input)) return true;
   return 'Hostname must not include path to the page to run the check against or spaces';
 };
@@ -40,4 +50,9 @@ validate.pubSubSubscription = (input) => {
   return 'You must enter the full subscription path (example: projects/example/subscriptions/subscriptionId)';
 };
 
+validate.path = (input) => {
+  if (input.includes('/') && !hasWhitespace(input)) return true;
+  return 'Path must contain a slash and not include spaces';
+};
+
 module.exports = validate;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hiiretail/gcp-infra-cli",
-  "version": "0.94.0",
+  "version": "0.95.0",
   "description": "Infrastructure as code generator for GCP.",
   "main": "src/cli.js",
   "bin": {