-
Notifications
You must be signed in to change notification settings - Fork 461
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for authenticating by bearer or JWT token to mimirtool #2146
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR! A few minor comments below.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you.
Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com>
Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
b3af1b1
to
9285180
Compare
Question: After adding all above Flags I've ran |
I am afraid this is still updated manually. |
8c7b921
to
289c38c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
@@ -11,6 +11,7 @@ This action is configured using environment variables defined in the workflow. T | |||
| `MIMIR_ADDRESS` | URL address for the target Mimir cluster | `false` | N/A | | |||
| `MIMIR_TENANT_ID` | ID for the desired tenant in the target Mimir cluster. Used as the username under HTTP Basic authentication. | `false` | N/A | | |||
| `MIMIR_API_KEY` | Optional password that is required for password-protected Mimir clusters. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. Used as the password under HTTP Basic authentication. | `false` | N/A | | |||
| `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. | `false` | N/A | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
| `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. An encrypted [github secret](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets) is recommended. | `false` | N/A | | |
| `MIMIR_AUTH_TOKEN` | Optional bearer or JWT token that is required for Mimir clusters authenticating by bearer or JWT token. | `false` | N/A | |
I would remove mention of "An encrypted github secret is recommended." because mimirtool
user cannot control what the Mimir installation (or gateway in front of it) is using.
But I see this is copied from MIMIR_API_KEY
description, so we can address both later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The reason why the GitHub secret is mentioned here is different. This is the mimir-rules-action
and it's suggesting to use a GitHub secret to hold this env variable value.
…rafana#2146) * Add Auth token support to mimirtool rules/alert/alertmanager commands * Update CHANGELOG.md Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com> * Update pkg/mimirtool/commands/alerts.go Co-authored-by: Peter Štibraný <pstibrany@gmail.com> * make auth-token environment variable configurable * Updated error message to be more meaningful * Moved if condition to upper block for having better readability * Moved all if blocks to single switch block * Add docs for MIMIR_AUTH_TOKEN Co-authored-by: Nick Pillitteri <56quarters@users.noreply.github.com> Co-authored-by: Peter Štibraný <pstibrany@gmail.com>
What this PR does
This PR allows mimirtool to request mimir api set behind gateway which authenticating by bearer or JWT token. at this point of time it only supports basic auth.
Checklist
CHANGELOG.md
updated - the order of entries should be[CHANGE]
,[FEATURE]
,[ENHANCEMENT]
,[BUGFIX]