New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Query UI: Add tenant box #6867
Query UI: Add tenant box #6867
Conversation
a394cb5
to
99e7d4c
Compare
Overall I think the UI is neat. But I do have one question. I assume this feature is mainly used for testing purpose. Is it correct? |
bsSize="sm" | ||
onChange={this.handleChangeTenant} | ||
placeholder={`${defaultTenant}`} | ||
value={options.tenant} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need any validation for the tenant value? Or we want to rely on Thanos backend to do it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's currently just the following validation in the backend:
Line 38 in ec6b8b6
func IsTenantValid(tenant string) error { |
I'm not sure if it makes sense to do any more format validation of the tenant? For receive this is also the only thing we have in place.
In general for the tenancy features, Thanos doesn't do any authentication. If someone has access to the query API, there is nothing stopping anyone from setting an arbitrary tenant with the HTTP headers. It's assumed that you will put something in front of the query API to authenticate users and set the correct tenant. For the UI specifically, at least as implemented here, I think it should not be exposed directly to end-users if tenancy enforcement is in place. If needed in the future, I think it could be possible to implement this in a way which would allow someone to setup a proxy in front of the UI that first authenticate users, and then set the tenant before reaching the UI, but I am not sure if anyone has that usecase. |
99e7d4c
to
b530d4a
Compare
Rebased on latest main, and also added changelog. Currently the auto-completetion will always use the default tenant, but we need an improvement in the Prometheus library to implement that. I would suggest we can merge this meanwhile (or at latest shortly after #6756 is merged) |
With this commit as tenant box is added to the query UI. It can be used to specify which tenant to use when making a query. Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
Recompiles the static react app as now needed following: thanos-io#6900 Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
b530d4a
to
dc536e4
Compare
Rebased on main and re-generated the react ui as needed following: #6900 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Let's merge this. Let's make this textbox optional in a follow-up PR, which is tied to enforcement options
After merging it was under the 0.34 release. Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
* Query UI: Add tenant box With this commit as tenant box is added to the query UI. It can be used to specify which tenant to use when making a query. Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com> * Re-compile static react app Recompiles the static react app as now needed following: thanos-io#6900 Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com> * Move changelog item to appropiate future release After merging it was under the 0.34 release. Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com> * Move query path tenancy proposal to done Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com> --------- Signed-off-by: Jacob Baungard Hansen <jacobbaungard@redhat.com>
Changes
Verification
query.tenant-header
optionTodo
Add tenant header to label calls used during autocompletionCan be done in followup once codemirror-promql: Add request header to client prometheus/prometheus#13118 has been released.