dependency-track-exporter
High label cardinality issue
After a successful deployment of dependency-track-exporter, I started receiving alerts in our infrastructure because the exporter is generating labels with high cardinalities.
It is a known issue when taking into account Prometheus performance, as stated in the article "Cardinality is key" by Robust Perception.
After a deep investigation, I found that the offender metric is dependency_track_project_policy_violations, which has a label uuid that can explode the number of combinations.
I would suggest dropping the uuid label since it doesn't bring benefits in this case as we already have the project name.
Unfortunately, I'm not a good Go developer, but I would be happy to help in any other way.
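
One way to check the report above against a scrape of the exporter, as an added example that is not code from this issue or from the project: it counts distinct values per label for one metric and shows how many series remain once `uuid` is removed. The `Analyze` helper, the `state` label and every sample value are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Constructed sample: the state label and all values are assumptions for this example.
const sample = `dependency_track_project_policy_violations{uuid="u-1",name="shop",state="FAIL"} 2
dependency_track_project_policy_violations{uuid="u-1",name="shop",state="WARN"} 0
dependency_track_project_policy_violations{uuid="u-2",name="shop",state="FAIL"} 1
dependency_track_project_policy_violations{uuid="u-3",name="api",state="FAIL"} 4
`
var lineRe = regexp.MustCompile(`^([a-zA-Z_:][a-zA-Z0-9_:]*)\{(.*)\}\s+\S+`)
var labelRe = regexp.MustCompile(`([a-zA-Z_][a-zA-Z0-9_]*)="((?:[^"\\]|\\.)*)"`)

// Analyze returns, for one metric, the distinct values seen per label and the
// series count before and after removing the drop label (after < before means merges).
func Analyze(text, metric, drop string) (distinct map[string]int, before, after int) {
	distinct = map[string]int{}
	seenValue, remaining := map[string]bool{}, map[string]bool{}
	for _, line := range strings.Split(text, "\n") {
		m := lineRe.FindStringSubmatch(strings.TrimSpace(line))
		if m == nil || m[1] != metric {
			continue // comment, blank line, or a different metric
		}
		before++
		var rest []string
		for _, kv := range labelRe.FindAllStringSubmatch(m[2], -1) {
			pair := kv[1] + "=" + kv[2]
			if !seenValue[pair] {
				seenValue[pair] = true
				distinct[kv[1]]++ // first time this label takes this value
			}
			if kv[1] != drop {
				rest = append(rest, pair)
			}
		}
		sort.Strings(rest) // label order must not affect series identity
		remaining[strings.Join(rest, "\x00")] = true
	}
	return distinct, before, len(remaining)
}

func main() {
	fmt.Println(Analyze(sample, "dependency_track_project_policy_violations", "uuid"))
}
```

In the constructed sample two projects share the name `shop`, so the series count falls from 4 to 3 without `uuid`: a result like that means the remaining labels do not identify a project uniquely and the merged series need to be aggregated rather than exposed as duplicates.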