-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support v3 APIs and basic auth in Kafka Contact Point #28
Conversation
Hey Guys! |
Related issue: grafana/grafana#41176 |
Hi, thanks very much for this contribution 👋 At first glance, this seems like a reasonable change!
Yes, this will automatically create UI elements to match your new fields, so they will be visible and editable in the UI. Regarding password in the DB vs. in a file, there are a few additional considerations to take into account:
Additionally, some pointers that may be of help here:
We offer a way around this, sending a
The provisioning files also allow environment variables to be referenced. A common pattern that we see is to mount the secret as an environment variable rather than a file, then have the provisioning file point to it. |
Thanks for the review @alexweav !
Sounds good, I will raise another PR for this. I think I agree with your points of needing to allow for a password.
The problem with this is that changes in the secret will not propagate to the container's ENV variable.
This is where I am coming from: My workplace wants us rotating passwords very frequently - every 15 mins or so. So, I would prefer the password be in a secret and mounted as a file. I would like to avoid frequent restarts of Grafana. Given that there are uses for both the approaches, shall I go ahead with supporting them both please? |
@alexweav Here are the corresponding changes for the UI: grafana/grafana#61123 |
Given grafana/grafana#60655, I am assuming that the earliest release this change can only go into is 9.4. Is that correct? |
Added upgrade test results to the PR description. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally, good change. Only serious concern is about loading secrets from file.
LGTM after the suggestion above is committed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks!
Thank you for reviewing @yuri-tceretian ! |
Oh, I can't merge it! It says "Only those with write access to this repository can merge pull requests." |
Can someone also look at the corresponding UI changers on grafana please? grafana/grafana#61123 |
What?
This commit does the following,
Basic Auth
When creating a Kafka Rest Proxy Contact Point on Grafana, users should now be able to use basic auth.
They can specific a username and can choose to either specify the password or let the password be read from a file on
the grafana server.
Like this,
Additionally, when the user chooses to supply the password as a file on the server, the password is re-read from the file on
an API failure. This is to allow the password to be changed without needing to restart the grafana server.
v3 Kafka APIs
The existing Kafka Contact Point only supported v2 APIs. While this was fine till now - newer systems are moving towards v3. Confluent is already only deploying v3 APIs for their Kafka Cloud Clusters.
This commit adds support to allow using v3 APIs to publish messages to kafka.
When creating the contact point, the user can now choose the API version they would like to use. By default, v2 will be used.
Testing
TODO: Verify that the contact points created before this change continue to load fine after upgrading to this.Tested upgrade from 9.3.1 to main(v9.4.0-pre (d9be87c22d)) The previously provisioned kafka contact point was working as expected after the upgrade.Things I need help with
1. How do I build and test this with Grafana?2. How do I know/specify which Grafana's release will this go into?
CHANGELOG
References
Credits
Something similar was done in this PR. Which I referenced: grafana/grafana#41227