Add an api source operator
#3630
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dominiklohmann
added
feature
dominiklohmann
force-pushed
the
topic/api-operator
branch
from
6024df0
to
bdf6899
Compare
dominiklohmann
force-pushed
the
topic/api-operator
branch
3 times, most recently
from
f6562c1
to
eb935bb
Compare
mavam
approved these changes
Nov 8, 2023
This operator makes it possible to use Tenzir's REST API without going through the `web` plugin's locally spun up server. This is mostly motivated by a testing use case: Right now, all of our internal tests use `curl` to test API endpoints, which can be very hard to test, and always adds an implicit dependency to the `web` plugin. The syntax is very simple: ``` api <endpoint> [<key=value>...] ``` For example, to create a pipeline in the pipeline manager API: ``` api /pipeline/create "name=Suricata Import" "definition=load file /tmp/eve.sock | read suricata | import" ``` The operator parses the API response and returns it as an event, which makes it possible to interact with it just like any other data: ``` api /pipeline/list | write yaml ```
This makes it easier to set labels, as interacting with lists of record parameters was not easily possible with the previous API.
dominiklohmann
force-pushed
the
topic/api-operator
branch
from
aa25c87
to
3122aa2
Compare
rdettai
reviewed
Nov 13, 2023
rdettai
reviewed
Nov 14, 2023
|
I tested a build of the latest demo node against the platform integration test and it failed, I need a moment to understand why |
rdettai
approved these changes
Nov 14, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This operator makes it possible to use Tenzir's REST API without going through the
webplugin's locally spun up server. This is mostly motivated by a testing use case: Right now, all of our internal tests usecurlto test API endpoints, which can be very hard to test, and always adds an implicit dependency to thewebplugin.The syntax is very simple:
For example, to create a pipeline in the pipeline manager API:
The operator parses the API response and returns it as an event, which makes it possible to interact with it just like any other data: