Add support for authenticating by bearer or JWT token to mimirtool #2146
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
56quarters
reviewed
Jun 20, 2022
Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com>
Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
javad-hajiani
force-pushed
the
mimirtool_auth_token
branch
from
b3af1b1
to
9285180
Compare
|
Question: After adding all above Flags I've ran |
I am afraid this is still updated manually. |
javad-hajiani
force-pushed
the
mimirtool_auth_token
branch
from
8c7b921
to
289c38c
Compare
56quarters
approved these changes
Jun 20, 2022
pstibrany
approved these changes
Jun 21, 2022
| @@ -11,6 +11,7 @@ This action is configured using environment variables defined in the workflow. T | |||
| | `MIMIR_ADDRESS` | URL address for the target Mimir cluster | `false` | N/A | | |||
| | `MIMIR_TENANT_ID` | ID for the desired tenant in the target Mimir cluster. Used as the username under HTTP Basic authentication. | `false` | N/A | | |||
| | `MIMIR_API_KEY` | Optional password that is required for password-protected Mimir clusters. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. Used as the password under HTTP Basic authentication. | `false` | N/A | | |||
| | `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. | `false` | N/A | | |||
There was a problem hiding this comment.
Suggested change
| | `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. | `false` | N/A | | |
| | `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. | `false` | N/A | |
I would remove mention of "An encrypted github secret is recommended." because mimirtool user cannot control what the Mimir installation (or gateway in front of it) is using.
But I see this is copied from MIMIR_API_KEY description, so we can address both later.
There was a problem hiding this comment.
The reason why the GitHub secret is mentioned here is different. This is the mimir-rules-action and it's suggesting to use a GitHub secret to hold this env variable value.
masonmei
pushed a commit
to udmire/mimir
that referenced
this pull request
Jul 11, 2022
…rafana#2146) * Add Auth token support to mimirtool rules/alert/alertmanager commands * Update CHANGELOG.md Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com> * Update pkg/mimirtool/commands/alerts.go Co-authored-by: Peter Štibraný <pstibrany@gmail.com> * make auth-token environment variable configurable * Updated error message to be more meaningful * Moved if condition to upper block for having better readability * Moved all if blocks to single switch block * Add docs for MIMIR_AUTH_TOKEN Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com> Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does
This PR allows mimirtool to request mimir api set behind gateway which authenticating by bearer or JWT token. at this point of time it only supports basic auth.
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]