Support prometheus metrics

examples/simple/deploy/01_simple-csi-driver.yaml

@@ -59,7 +59,7 @@ spec:
             allowPrivilegeEscalation: false
             capabilities: { drop: [ "ALL" ] }
             readOnlyRootFilesystem: true
-          image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0
+          image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.14.0
           args:
             - --v=5
             - --csi-address=/plugin/csi.sock
@@ -94,6 +94,10 @@ spec:
                   fieldPath: spec.nodeName
             - name: CSI_ENDPOINT
               value: unix://plugin/csi.sock
+          ports:
+            - containerPort: 9402
+              name: http-metrics
+              protocol: TCP
           volumeMounts:
             - name: plugin-dir
               mountPath: /plugin

examples/simple/deploy/02_example-app.yaml

@@ -48,7 +48,7 @@ spec:
         runAsUser: 2000
       containers:
         - name: my-frontend
-          image: busybox:1.35.0
+          image: busybox:1.36.1
           volumeMounts:
           - mountPath: "/tls"
             name: tls

examples/simple/go.mod

@@ -7,6 +7,9 @@ replace github.com/cert-manager/csi-lib => ../../
 require (
 	github.com/cert-manager/cert-manager v1.18.2
 	github.com/cert-manager/csi-lib v0.0.0-00010101000000-000000000000
+	github.com/go-logr/logr v1.4.3
+	github.com/prometheus/client_golang v1.22.0
+	golang.org/x/sync v0.15.0
 	k8s.io/client-go v0.34.1
 	k8s.io/klog/v2 v2.130.1
 	k8s.io/utils v0.0.0-20250604170112-4c0f3b243397
@@ -23,7 +26,6 @@ require (
 	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.6 // indirect
 	github.com/go-ldap/ldap/v3 v3.4.8 // indirect
-	github.com/go-logr/logr v1.4.3 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
@@ -43,7 +45,6 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_golang v1.22.0 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.62.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect

examples/simple/go.sum

@@ -198,6 +198,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
+golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=

examples/simple/main.go

@@ -28,21 +28,27 @@ import (
 	"flag"
 	"fmt"
 	"net"
+	"net/http"
 	"net/url"
 	"strings"
 	"time"
 
 	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 	cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	cmclient "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned"
+	"github.com/cert-manager/cert-manager/pkg/client/informers/externalversions"
 	"github.com/cert-manager/cert-manager/pkg/util/pki"
+	"github.com/go-logr/logr"
+	"github.com/prometheus/client_golang/prometheus"
+	"golang.org/x/sync/errgroup"
 	"k8s.io/client-go/rest"
 	"k8s.io/klog/v2/klogr"
 	"k8s.io/utils/clock"
 
 	"github.com/cert-manager/csi-lib/driver"
 	"github.com/cert-manager/csi-lib/manager"
 	"github.com/cert-manager/csi-lib/metadata"
+	"github.com/cert-manager/csi-lib/metrics"
 	"github.com/cert-manager/csi-lib/storage"
 )
 
@@ -104,13 +110,29 @@ func main() {
 
 	store.FSGroupVolumeAttributeKey = FsGroupKey
 
-	d, err := driver.New(context.Background(), *endpoint, log, driver.Options{
+	cmClient := cmclient.NewForConfigOrDie(restConfig)
+
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	certRequestInformerFactory := externalversions.NewSharedInformerFactory(cmClient, 5*time.Second)
+	certRequestInformer := certRequestInformerFactory.Certmanager().V1().CertificateRequests()
+	metricsHandler := metrics.New(*nodeID, &log, prometheus.NewRegistry(), store, certRequestInformer.Lister())
+
+	go func() {
+		err := startMetricsServer(ctx, log, metricsHandler, certRequestInformerFactory)
+		if err != nil {
+			panic("failed to setup metrics server: " + err.Error())
+		}
+	}()
+
+	d, err := driver.New(ctx, *endpoint, log, driver.Options{
 		DriverName:    "csi.cert-manager.io",
 		DriverVersion: "v0.0.1",
 		NodeID:        *nodeID,
 		Store:         store,
 		Manager: manager.NewManagerOrDie(manager.Options{
-			Client:             cmclient.NewForConfigOrDie(restConfig),
+			Client:             cmClient,
 			MetadataReader:     store,
 			Clock:              clock.RealClock{},
 			Log:                &log,
@@ -119,6 +141,7 @@ func main() {
 			GenerateRequest:    generateRequest,
 			SignRequest:        signRequest,
 			WriteKeypair:       (&writer{store: store}).writeKeypair,
+			Metrics:            metricsHandler,
 		}),
 	})
 	if err != nil {
@@ -351,3 +374,50 @@ func keyUsagesFromAttributes(usagesCSV string) []cmapi.KeyUsage {
 
 	return keyUsages
 }
+
+// startMetricsServer starts a server listening on port 9402, until the supplied context is cancelled,
+// after which the server will gracefully shutdown (within 5 seconds).
+func startMetricsServer(
+	rootCtx context.Context,
+	logger logr.Logger,
+	metricsHandler *metrics.Metrics,
+	certRequestInformerFactory externalversions.SharedInformerFactory,
+) error {
+	g, ctx := errgroup.WithContext(rootCtx)
+
+	listenConfig := &net.ListenConfig{}
+	metricsLn, err := listenConfig.Listen(ctx, "tcp", ":9402")
+	if err != nil {
+		return err
+	}
+	metricsServer := &http.Server{
+		Addr:           metricsLn.Addr().String(),
+		ReadTimeout:    8 * time.Second,
+		WriteTimeout:   8 * time.Second,
+		MaxHeaderBytes: 1 << 20, // 1 MiB
+		Handler:        metricsHandler.DefaultHandler(),
+	}
+
+	g.Go(func() error {
+		certRequestInformerFactory.Start(ctx.Done())
+		certRequestInformerFactory.WaitForCacheSync(ctx.Done())
+		return nil
+	})
+	g.Go(func() error {
+		<-rootCtx.Done()
+		// allow a timeout for graceful shutdown
+		shutdownCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+		defer cancel()
+
+		// nolint: contextcheck
+		return metricsServer.Shutdown(shutdownCtx)
+	})
+	g.Go(func() error {
+		logger.Info("starting metrics server", "address", metricsLn.Addr())
+		if err := metricsServer.Serve(metricsLn); err != http.ErrServerClosed {
+			return err
+		}
+		return nil
+	})
+	return g.Wait()
+}

go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/container-storage-interface/spec v1.11.0
 	github.com/go-logr/logr v1.4.3
 	github.com/kubernetes-csi/csi-lib-utils v0.22.0
+	github.com/prometheus/client_golang v1.22.0
 	github.com/stretchr/testify v1.11.1
 	google.golang.org/grpc v1.75.0
 	k8s.io/apimachinery v0.34.1
@@ -17,12 +18,15 @@ require (
 )
 
 require (
+	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/emicklei/go-restful/v3 v3.12.2 // indirect
 	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
+	github.com/go-asn1-ber/asn1-ber v1.5.6 // indirect
+	github.com/go-ldap/ldap/v3 v3.4.8 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
@@ -34,14 +38,14 @@ require (
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/moby/sys/mountinfo v0.7.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_golang v1.22.0 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.62.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
@@ -54,6 +58,7 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.2 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/crypto v0.39.0 // indirect
 	golang.org/x/net v0.41.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
 	golang.org/x/sys v0.33.0 // indirect