in_podman_metrics: add exclude_name_regex option

[stondo]

Summary

Add an optional exclude_name_regex configuration option to in_podman_metrics
that skips containers whose name matches a user-supplied regular expression,
before their metrics are collected and emitted.

This mirrors the regex-filtering model already used elsewhere in Fluent Bit,
e.g. netdev.ignore_device_regex in in_node_exporter_metrics. A typical use
is dropping Podman pod infrastructure containers, for example
exclude_name_regex '-(infra|service)$' to skip the pause and catatonit
containers that carry no useful application metrics.

The option defaults to unset, so existing behaviour (collect every container)
is unchanged and the feature is fully opt-in.

Example configuration

pipeline:
  inputs:
    - name: podman_metrics
      scrape_interval: 60
      exclude_name_regex: '-(infra|service)$'

Implementation

• New FLB_CONFIG_MAP_STR option exclude_name_regex (default NULL).
• The regex is compiled once in in_metrics_init via flb_regex_create.
• Init-failure handling: a syntactically invalid regex fails init cleanly
  (flb_free(ctx); return -1) before flb_input_set_context and
  flb_input_set_collector_time, so no collector is ever armed against an
  uninitialised context.
• During collect_container_data, a container is skipped when its name matches
  the compiled regex; otherwise it is added and counted as before.
• The compiled regex is released in in_metrics_exit.

Testing

• Built and run against Podman pods on an aarch64 Linux device.
• With exclude_name_regex '-(infra|service)$': only application containers
  emit metrics; pod -infra/-service (pause/catatonit) containers are
  excluded at the source. Verified via the prometheus exporter output.
• With the option unset: output identical to current behaviour (every
  container emitted).
• Invalid regex: init fails with could not compile exclude_name_regex '<value>',
  no crash and no armed collector.

Documentation

• A companion documentation PR for fluent-bit-docs documents the new
  exclude_name_regex option.

---

Signed-off-by: Stefano Tondo stondo@gmail.com

Summary by CodeRabbit

Release Notes

• New Features

  • Podman metrics plugin can now exclude containers from metrics collection by matching container names against a user-supplied regular expression (exclude_name_regex).

• Bug Fixes

  • When container image name metadata is missing, the plugin now reports it as "unknown" instead of leaving it unset.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2294e5b2-135f-4099-b45e-382ed25a16dc

📥 Commits

Reviewing files that changed from the base of the PR and between 3cff87a and e7ae0d1.

📒 Files selected for processing (3)

• plugins/in_podman_metrics/podman_metrics.c
• plugins/in_podman_metrics/podman_metrics.h
• plugins/in_podman_metrics/podman_metrics_config.h

🚧 Files skipped from review as they are similar to previous changes (3)

• plugins/in_podman_metrics/podman_metrics_config.h
• plugins/in_podman_metrics/podman_metrics.h
• plugins/in_podman_metrics/podman_metrics.c

---

📝 Walkthrough

Walkthrough

The podman_metrics input plugin gains an exclude_name_regex configuration option. The struct gains two new fields for the raw text and compiled regex. During initialization the regex is compiled from the text; at collection time containers whose names match are skipped; at exit the compiled regex is destroyed.

Changes

Container Name Exclusion via Regex

Layer / File(s)	Summary
Struct fields and config map entry plugins/in_podman_metrics/podman_metrics_config.h, plugins/in_podman_metrics/podman_metrics.h	struct flb_in_metrics gains exclude_name_regex_text (flb_sds_t) and exclude_name_regex (struct flb_regex*); the config map wires the exclude_name_regex key with a NULL default, an offset to exclude_name_regex_text, and inline documentation with an example pattern.
Regex lifecycle and collection filtering plugins/in_podman_metrics/podman_metrics.c	Includes flb_regex.h; in_metrics_init compiles the regex from text, returning -1 on failure; the container collection loop skips and logs containers whose names match the compiled regex; in_metrics_exit destroys the compiled regex.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 Hop hop, a regex I wield,
To filter containers from the field.
If your name doth match my rule,
You shall not pass — that's the tool!
Skipped with a log and a cheerful bound,
Only the wanted ones are found. 🌿

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'in_podman_metrics: add exclude_name_regex option' clearly and concisely summarizes the main change: adding a new configuration option to the podman metrics plugin.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[stondo]

Companion documentation PR: fluent/fluent-bit-docs#2604

Testing evidence

Built via Yocto (Fluent Bit 5.0.2 base) and run on an aarch64 Linux device
with Podman pods. Config:

pipeline:
  inputs:
    - name: podman_metrics
      scrape_interval: 60
      scrape_on_start: true
      exclude_name_regex: '-(infra|service)$'

With 9 containers running (3 application + 6 pod -infra/-service), only the
3 application containers emit metrics; all 6 infra/service containers are
excluded at the source. Sample from the Prometheus exporter:

container_memory_usage_bytes{name="ti-logcreator-pod-ti-logcreator",...} 790528
container_memory_usage_bytes{name="example-app-pod-example-app",...} 16777216
container_memory_usage_bytes{name="gw-cloud-connector-pod-gw-cloud-connector",...} 29143040

No -infra/-service series present. With the option unset, output is
unchanged (all 9 containers emitted). An invalid regex fails init cleanly with
could not compile exclude_name_regex '<value>' and leaves no collector armed.

I can add Valgrind output from a dedicated local build if that is required for
the review gate.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@plugins/in_podman_metrics/podman_metrics.c`:
- Around line 451-460: The ctx->exclude_name_regex is allocated on line 453 but
not freed when subsequent initialization failures occur at later return paths.
To fix this, add a call to flb_regex_destroy on ctx->exclude_name_regex before
any flb_free(ctx) and return statement that comes after the regex compilation,
particularly at the error paths around line 467 and line 499 where init can
fail. Ensure that all error return paths after ctx->exclude_name_regex is
created properly clean up the compiled regex object to prevent memory leaks on
failed plugin initialization.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 897e2997-f1c6-4a11-8388-98625cba7b5e

📥 Commits

Reviewing files that changed from the base of the PR and between 9bf9c1b and 3cff87a.

📒 Files selected for processing (3)

• plugins/in_podman_metrics/podman_metrics.c
• plugins/in_podman_metrics/podman_metrics.h
• plugins/in_podman_metrics/podman_metrics_config.h

[stondo]

Superseded by #11970. This PR's head was accidentally orphaned by a force-push from a shallow clone (the commit lost its parent, so the diff exploded to the whole tree and GitHub auto-closed it). The identical change, with clean history and the leak-fix on the init error paths, is now in #11970.