-
Notifications
You must be signed in to change notification settings - Fork 22
NETOBSERV-1798: fix auto-completion as non-admin #577
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
@jotak: This pull request references NETOBSERV-1798 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@jpinsonneau FYI I need to check how that fits with #571 - some bits need probably to be adapted |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #577 +/- ##
==========================================
- Coverage 56.29% 56.21% -0.08%
==========================================
Files 190 190
Lines 9289 9303 +14
Branches 1197 1197
==========================================
+ Hits 5229 5230 +1
- Misses 3691 3704 +13
Partials 369 369
Flags with carried forward coverage won't be shown. Click here to find out more.
|
Actually, forget about it: I was thinking about removing the workaround that says
since now we handle multi-tenancy via prom's in the dev console; but that workaround is still useful when non-admin users run queries from the admin console, ie. not namespace-constrained. So I think this PR is ok (there will just be minor conflicts with the other one) |
if code == http.StatusUnauthorized || code == http.StatusForbidden { | ||
// In case this was a prometheus 401 / 403 error, the query is repeated with Loki | ||
// This is because multi-tenancy is currently not managed for prom datasource, hence such queries have to go with Loki | ||
// Unfortunately we don't know a safe and generic way to pre-flight check if the user will be authorized | ||
hlog.Info("Retrying with Loki...") | ||
// continuing with loki below | ||
} else { | ||
return nil, code, fmt.Errorf("error while fetching label %s values from Prometheus: %w", label, err) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we'll need that case as we get https://github.com/netobserv/network-observability-console-plugin/pull/589/files#diff-017f9ad356145a3e9c8d08ec33d1b5e694bc4820f301ad6d5c6470005eaf8a38 changes 🤔
The namespace was missing in the query params so we always query the admin prom
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the error is not only in dev perspective but also in admin perspective, when logged in with a non-cluster-admin.. so I think it's still relevant for that case
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
correct, let's keep it then !
- When there's permission issue with prom user, fallback on using loki (like we also do for regular metrics queries) - Do not try using prom for labels not in prom metrics - Fix misleading error messages - Do not disallow filter creation in case of autocompletion error
f37a30e
to
5a34fc9
Compare
@jotak: This pull request references NETOBSERV-1798 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
closing because I'm merging this PR into Julien's #589 |
Description
Dependencies
n/a
Checklist
If you are not familiar with our processes or don't know what to answer in the list below, let us know in a comment: the maintainers will take care of that.