From 9420506faeb29f7b66f4f4f153134ae3a8af16d4 Mon Sep 17 00:00:00 2001
From: Daniel Nephin <dnephin@hashicorp.com>
Date: Wed, 4 Aug 2021 13:26:36 -0400
Subject: [PATCH] telemetry: fix a couple bugs in cert expiry metrics

1. do not emit the metric if Query fails
2. properly check for PrimaryUsersIntermediate, the logic was inverted

Also improve the logging by including the metric name in the log message
---
 agent/consul/leader_metrics.go | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/agent/consul/leader_metrics.go b/agent/consul/leader_metrics.go
index fb1eaa9cd2..42ac50c37e 100644
--- a/agent/consul/leader_metrics.go
+++ b/agent/consul/leader_metrics.go
@@ -5,6 +5,7 @@ import (
 	"crypto/x509"
 	"errors"
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/armon/go-metrics"
@@ -73,12 +74,10 @@ func signingCAExpiryMonitor(s *Server) CertExpirationMonitor {
 			Query: func() (time.Duration, error) {
 				provider, _ := s.caManager.getCAProvider()
 
-				if _, ok := provider.(ca.PrimaryUsesIntermediate); !ok {
+				if _, ok := provider.(ca.PrimaryUsesIntermediate); ok {
 					return getActiveIntermediateExpiry(s)
 				}
-
 				return getRootCAExpiry(s)
-
 			},
 		}
 	}
@@ -129,6 +128,8 @@ func (m CertExpirationMonitor) Monitor(ctx context.Context) error {
 	ticker := time.NewTicker(certExpirationMonitorInterval)
 	defer ticker.Stop()
 
+	logger := m.Logger.With("metric", strings.Join(m.Key, "."))
+
 	for {
 		select {
 		case <-ctx.Done():
@@ -136,7 +137,8 @@ func (m CertExpirationMonitor) Monitor(ctx context.Context) error {
 		case <-ticker.C:
 			d, err := m.Query()
 			if err != nil {
-				m.Logger.Warn("failed to emit certificate expiry metric", "error", err)
+				logger.Warn("failed to emit certificate expiry metric", "error", err)
+				continue
 			}
 			expiry := d / time.Second
 			metrics.SetGaugeWithLabels(m.Key, float32(expiry), m.Labels)