Co-Authored-By: Kelvin Wang <sherkrainwang@gmail.com>
Co-Authored-By: Michael Desa <mjdesa@gmail.com>
Co-Authored-By: Christopher M. Wolff <chris.wolff@influxdata.com>
feat(influxdb): add generic store for documents
feat(influxdb): support authorizations in document store
feat(influxdb): support orgs in user resource mapping
feat(influxdb): add read-only included field on documents
feat(influxdb): add labels support to documents service
fix(influxdb): rename data field to content on documents
feat(influxdb): add with org id options for document store
feat(http): add templates swagger
feat(influxdb): add documentation to document options
doc(kv): add documentation for kv document store
test(kv): pull document tests in to the testing package
fix(http): fix swagger specification of templates endpoints
Co-authored-by: Mark Rushakoff <mark@influxdata.com>
Tasks instantiates the query service but does not know the token
it will use ahead of time. This allows the token to be optionally
set on contex.
The previous "." argument with "-ignore go" accidentally matched
README.md and Makefile too, neither of which we care to actually include
as assets.
Now we just explicitly include swagger.yml. It's simple enough to add
another file to the go:generate line if and when we need it.
In the platform adapter, we ask the URM for a list of tasks the user
owns, and then we look up each task individually.
The task service tests uncovered a legitimate bug where FindTasks would
return a "task not found" error, originating from looking up a task that
was present when we interrogated the URM but was deleted before we could
find it in the task store.
This change also removes duplicated URM logic from the HTTP handler
which has since been pushed down into the platform adapter.
The query system specifically expects an Authorization. When a request
comes in using a Session, use the target task's Authorization, if we are
allowed to read it, when executing a query against the system bucket.
Previously the APIBackend understood only a ProxyQueryService,
but it needs to understand that there are two implementations of the
ProxyQueryService one for handling InfluxQL queries and one for handling
Flux queries. The names of the fields have been updated to make this
clear. As well as the FluxBackend is now initialized using the
FluxService explicitly.
Also set the generated token's description while we're here.
This enables us to use task's Authorization when we need to query the
system bucket to get run logs, etc. but we only have a Session.
The YAML parser used by the go-openapi libraries treats an unquoted y as
a boolean key, which will lead to a difficult-to-understand parser
error:
types don't match expect map key string or int got: bool
See also https://yaml.org/type/bool.html.
* feat(kv:inmem:bolt): implement user service in a kv
* refactor(kv): use consistent func receiver name
* feat(kv): add initial basic auth service
* refactor(passwords): move auth interface into own file
* refactor(passwords): rename basic auth files to passwords
* refactor(passwords): rename from BasicAuth to Passwords
* refactor(kv): copy bolt user test into kv
Co-authored-by: Michael Desa <mjdesa@gmail.com>
* feat(kv): add inmem testing to kv store
* fix(kv): remove extra user index initialization
* feat(kv): attempt at making errors nice
* fix(http): return not found error if filter is invalid
* fix(http): s/platform/influxdb/ for user service
* fix(http): s/platform/influxdb/ for user service
* feat(kv): initial port of telegraf configs to kv
* feat(kv): first pass at migrating bolt org service to kv
* feat(kv): first pass at bucket service
* feat(kv): first pass at migrating kvlog to kv package
* feat(kv): add resource op logs
* feat(kv): first pass at user resource mapping migration
* feat(kv): add urm usage to bucket and org services
* feat(kv): first pass at kv authz service
* feat(kv): add cascading auth delete for users
* feat(kv): first pass d authorizer.OrganizationService in kv
* feat(cmd/influxd/launcher): user kv services where appropriate
* fix(kv): initialize authorizations
* fix(influxdb): use same buckets while slowly migrating stuff
* fix(kv): make staticcheck pass
* feat(kv): add dashboards to kv
review: make suggestions from pr review
fix: use common bucket names for bolt/kv stores
* test(kv): add complete password test coverage
* chore(kv): fixes for staticcheck
* feat(kv): implement labels generically on kv
* feat(kv): implement macro service
* feat(kv): add source service
* feat(kv): add session service
* feat(kv): add kv secret service
* refactor(kv): update telegraf and urm with error messages
* feat(kv): add lookup service
* feat(kv): add kv onboarding service
* refactor(kv): update telegraf to avoid repetition
* feat(cmd/influxd): use kv lookup service
* feat(kv): add telegraf to lookup service
* feat(cmd/influxd): use kv telegraf service
* feat(kv): initial port of scrapers in bolt to kv
* feat(kv): update scraper error messaging
* feat(cmd/influxd): add kv scraper
* feat(kv): add inmem backend tests
* refactor(kv): copy paste errors
* refactor(kv): add code to password errors
* fix(testing): update error messages for incorrect passwords
* feat(kv:inmem:bolt): implement user service in a kv
* refactor(kv): use consistent func receiver name
* refactor(kv): copy bolt user test into kv
Co-authored-by: Michael Desa <mjdesa@gmail.com>
* feat(kv): add inmem testing to kv store
* fix(kv): remove extra user index initialization
* feat(kv): attempt at making errors nice
* fix(http): return not found error if filter is invalid
* fix(http): s/platform/influxdb/ for user service
* feat(kv): first pass at migrating bolt org service to kv
* feat(kv): first pass at bucket service
* feat(kv): first pass at migrating kvlog to kv package
* feat(kv): add resource op logs
* feat(kv): first pass at user resource mapping migration
* feat(kv): add urm usage to bucket and org services
* feat(kv): first pass at kv authz service
* feat(kv): add cascading auth delete for users
* feat(kv): first pass d authorizer.OrganizationService in kv
* feat(cmd/influxd/launcher): user kv services where appropriate
* feat(kv): add initial basic auth service
* refactor(passwords): move auth interface into own file
* refactor(passwords): rename basic auth files to passwords
* fix(http): s/platform/influxdb/ for user service
* fix(kv): initialize authorizations
* fix(influxdb): use same buckets while slowly migrating stuff
* fix(kv): make staticcheck pass
* feat(kv): add dashboards to kv
review: make suggestions from pr review
fix: use common bucket names for bolt/kv stores
* feat(kv): implement labels generically on kv
* refactor(passwords): rename from BasicAuth to Passwords
* test(kv): add complete password test coverage
* chore(kv): fixes for staticcheck
* feat(kv): implement macro service
* feat(kv): add source service
* feat(kv): add session service
* feat(kv): initial port of telegraf configs to kv
* feat(kv): initial port of scrapers in bolt to kv
* feat(kv): add kv secret service
* refactor(kv): update telegraf and urm with error messages
* feat(kv): add lookup service
* feat(kv): add kv onboarding service
* refactor(kv): update telegraf to avoid repetition
* feat(cmd/influxd): use kv lookup service
* feat(kv): add telegraf to lookup service
* feat(cmd/influxd): use kv telegraf service
* feat(kv): update scraper error messaging
* feat(cmd/influxd): add kv scraper
* feat(kv): add inmem backend tests
* refactor(kv): copy paste errors
* refactor(kv): add code to password errors
* fix(testing): update error messages for incorrect passwords
* feat(http): initial support for flushing all key/values from kv store
* feat(kv): rename macro to variable
* feat(cmd/influxd/launcher): user kv services where appropriate
* refactor(passwords): rename from BasicAuth to Passwords
* feat(kv): implement macro service
* test(ui): introduce cypress
* test(ui): introduce first typescript test
* test(ui/e2e): add ci job
* chore: update gitignore to ignore test outputs
* feat(inmem): in memory influxdb
* test(e2e): adding pinger that checks if influxdb is alive
* hackathon
* hack
* hack
* hack
* hack
* Revert "feat(inmem): in memory influxdb"
This reverts commit 30ddf032003e704643b07ce80df61c3299ea7295.
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* hack
* chore: lint ignore node_modules
* hack
* hack
* hack
* add user and flush
* hack
* remove unused vars
* hack
* hack
* ci(circle): prefix e2e artifacts
* change test to testid
* update cypress
* moar testid
* fix npm warnings
* remove absolte path
* chore(ci): remove /home/circleci proto mkdir hack
* wip: crud resources e2e
* fix(inmem): use inmem kv store services
* test(dashboard): add first dashboard crud tests
* hack
* undo hack
* fix: use response from setup for orgID
* chore: wip
* add convenience getByTitle function
* test(e2e): ui can create orgs
* test(e2e): add test for org deletion and update
* test(e2e): introduce task creation test
* test(e2e): create and update of buckets on org view
* chore: move types to declaration file
* chore: use route fixture in dashboard tests
* chore(ci): hack back
* test(ui): update snapshots
* chore: package-lock
* chore: remove macros
* fix: launcher rebase issues
* fix: compile errors
* fix: compile errors
* feat(cmd/influxdb): add explicit testing, asset-path, and store flags
Co-authored-by: Andrew Watkins <watts@influxdb.com>
* fix(cmd/influxd): set default HTTP handler and flags
Co-authored-by: Andrew Watkins <watts@influxdb.com>
* build(Makefile): add run-e2e and PHONY
* feat(kv:inmem:bolt): implement user service in a kv
* refactor(kv): use consistent func receiver name
* feat(kv): add initial basic auth service
* refactor(passwords): move auth interface into own file
* refactor(passwords): rename basic auth files to passwords
* refactor(passwords): rename from BasicAuth to Passwords
* refactor(kv): copy bolt user test into kv
Co-authored-by: Michael Desa <mjdesa@gmail.com>
* feat(kv): add inmem testing to kv store
* fix(kv): remove extra user index initialization
* feat(kv): attempt at making errors nice
* fix(http): return not found error if filter is invalid
* fix(http): s/platform/influxdb/ for user service
* fix(http): s/platform/influxdb/ for user service
* feat(kv): initial port of telegraf configs to kv
* feat(kv): initial port of scrapers in bolt to kv
* feat(kv): first pass at migrating bolt org service to kv
* feat(kv): first pass at bucket service
* feat(kv): first pass at migrating kvlog to kv package
* feat(kv): add resource op logs
* feat(kv): first pass at user resource mapping migration
* feat(kv): add urm usage to bucket and org services
* feat(kv): first pass at kv authz service
* feat(kv): add cascading auth delete for users
* feat(kv): first pass d authorizer.OrganizationService in kv
* feat(cmd/influxd/launcher): user kv services where appropriate
* fix(kv): initialize authorizations
* fix(influxdb): use same buckets while slowly migrating stuff
* fix(kv): make staticcheck pass
* feat(kv): add dashboards to kv
review: make suggestions from pr review
fix: use common bucket names for bolt/kv stores
* test(kv): add complete password test coverage
* chore(kv): fixes for staticcheck
* feat(kv): implement labels generically on kv
* feat(kv): implement macro service
* feat(kv): add source service
* feat(kv): add session service
* feat(kv): add kv secret service
* refactor(kv): update telegraf and urm with error messages
* feat(kv): add lookup service
* feat(kv): add kv onboarding service
* refactor(kv): update telegraf to avoid repetition
* feat(cmd/influxd): use kv lookup service
* feat(kv): add telegraf to lookup service
* feat(cmd/influxd): use kv telegraf service
* feat(kv): update scraper error messaging
* feat(cmd/influxd): add kv scraper
* feat(kv): add inmem backend tests
* refactor(kv): copy paste errors
* refactor(kv): add code to password errors
* fix(testing): update error messages for incorrect passwords
* feat(kv): rename macro to variable
* refactor(kv): auth/bucket/org/user unique checks return errors now
* feat(inmem): add way to get all bucket names from store
* feat(inmem): Buckets to return slice of bytes rather than strings
* feat(inmem): add locks around Buckets to avoid races
* feat(cmd/influx): check for unauthorized error in wrapCheckSetup
* chore(e2e): add video and screenshot artifcats to gitignore
* docs(ci): add build instructions for e2e tests
* feat(kv): add id lookup for authorized resources
Task ID is now a required value on run and log filters. It was
effectively required by all implementations before anyway, so now those
types reflect that requirement.
Organization ID was removed from those same fields. The TaskService
looks up the organization ID via the task in cases where we need it at a
lower layer.
Accept token when creating or updating a task, but only report back the
authorization ID.
This means the executor and the platform adapter are now both aware of
an Authorization Service.
With the ongoing authorization work, creation arguments will differ from
what's returned on reads. More specifically, creation will accept a
token, but reads will report back a token ID.
This refactor facilitates that authorization work, and also brings the
code closer to the swagger definition, for the TaskCreateRequest type in
particular.
For an operation that looks up a task or a run, when that operation
fails, only set the status to 404 if that operation explicitly returns
ErrTaskNotFound or ErrRunNotFound.
It's possible that the operation could fail for a reason other than the
ID being invalid: for example, if there was an IO error preventing the
lookup from succeeding.
Harden that behavior with tests for the task handler.
Closes#11589.
And ensure that the task HTTP client consistently expects influxdb
errors, so that they're properly extracted and returned to the caller.
Closes#11426.
fix(cmd/influx): format error for bare influx command
feat(cmd/influx): add org flag to query command
fix(cmd/influx): check correct error in wrapCheckSetup
fix(influx/cmd): use correct shorthand flag for org flag
feat(cmd/influx): wrapCheckSetup with wrapErrorFmt
feat(cmd/influx): cleanup language and errors during setup command
fix(http): use id query param in get buckets request
feat(cmd/influx): add helpful error messages for write command
feat(cmd/influx): add context to query command
feat(bolt): add function to find a resources organization id
rename platform to influxdb
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Michael Desa <mjdesa@gmail.com>
fix(bolt): rename FindResoureOrganization to FindResoureOrganizationID
feat(authorizer): add authorized user resource mapping service
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Michael Desa <mjdesa@gmail.com>
feat(influxdb): wire up authorized user resource mapping
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Michael Desa <mjdesa@gmail.com>
fix(authorizer): remove unused field from tests
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Michael Desa <mjdesa@gmail.com>
There was an extra s in owner links, for example:
{"links":{"self":"/api/v2/taskss/034356818538f000/owners"},"users":[]}
All of the ResourceType values in authz.go already are plural, so I am
fairly certain that the extra s was just a typo all along.
feat(influxdb): add unauthorized error code
feat(testing): export ErrorsEqual method
feat(authorizer): add Authorize method that authorizers permissions
feat(authorizer): add org service that authorizes actions to a wrapped org service
feat(http): use authorized org service in org handler
feat(authorizer): rename Authorize to IsAllowed
feat(http): add organization id to dashboard handler
feat(testing): add organization id to dashboards for testing
feat(bolt): add organization dashboard index
feat(inmem): filter dashboards by organization id
feat(http): add organizationID to dashboard response
feat(bolt): use index key to retrieve dashboard id
Co-authored-by: Leonardo Di Donato <leodidonato@gmail.com>
Co-authored-by: Michael Desa <mjdesa@gmail.com>
feat(influxdb): support organization as filter for dashboards
fix(http): add query params to self links in dashboards/protos api
test(http): get user off of session in create authz test
fix(http): allow user id to be specified explicitly on authorization
create authorization now allows specifying user id explicitly. If no
user id is specified then we use the user id from the authorizer.
fix(http): use influxdb import
fix(http): use platform error in http auth tests
feat(cmd/influx): allow create auth command to specify user explicitly
feat(http): add org id to permissions
filter out resources that have mission IDs
fix(influxdb): simplify auth check in PermissionAllowed
review(platform): update as noted in review
fix(influxdb): ensure permission has valid org id
I did this with a dumb editor macro, so some comments changed too.
Also rename root package from platform to influxdb.
In interest of minimizing risk, anyone importing the root package has
now aliased it to "platform" so that no changes beyond imports were
necessary in those files.
Lastly, replace the old platform module to local path /dev/null so that
nobody can accidentally reintroduce a platform dependency while
migrating platform code to influxdb.
feat(http): add http handler for proto service
feat(mock): add mock proto service
test(http): add proto handler tests
fix(platform): add view as option when adding a cell
feat(platform): add dashboard to proto struct
feat(fs): add filesystem implementation of proto
feat(http): add protos endpoints to api handler
feat(cmd/influxd/launcher): add protos path to server
doc(http): add protos to swagger
test(cmd/influxd/launcher): add --protos-path to launcher tests
fix(fs): remove unused args from test
fix(http): use platform.Error where appropriate
feat(platform): add functional options for platform errors
fix(testing): set dashboard ids properly in dashboard tests
feat(bolt): add dashboard specific views
fix(bolt): delete view when cell is removed or dashboard is deleted
* Update cur_swagger
Co-Authored-By: Iris Scholten <ischolten.is@gmail.com>
* Display labels in dashboards list
Co-Authored-By: Iris Scholten <ischolten.is@gmail.com>
* Add # to example label
Co-Authored-By: Iris Scholten <ischolten.is@gmail.com>
* Write test for dashboard TableRow component
Co-Authored-By: Iris Scholten <ischolten.is@gmail.com>
* Update snapshot and mock data
Co-Authored-By: Iris Scholten <ischolten.is@gmail.com>
* Increase page gutter and max width of centered pages
* Show description in dashboards list
* Update snapshot
* Fix linting error
* Remove snapshot check from unit test
all tests use a unique bucket based on the test file name. copied all tests over from flux repo
the tests are currently disabled due to engine consistency issues: https://github.com/influxdata/flux/issues/613
* fix(ui/org-view): list actual tasks from api
* fix(ui/org-view): fix dashboard list not rendering
* fix(ui/org-view): fix bucket modal
* feat(dashboards): add updated at column
* add labels to task links
* add labels to task responses
* add failing test
* fix label POST
* make fmt
* fix dashboard tests
* update swagger
* fix task service test labels
* add labels test for dashboards http service
* pull params out of newTaskResponse
* pull params out of newDashboardResponse
* make fmt
* add labels to dashboard response in swagger
* make context first argument
* fix test formatting
fix(http): add members/secrets/labels links on org response
fix(http:cmd/influxd): use secret service in api backend
fix(bolt): return empty list if there are no secrets for an org
chore(vault): add description of vault usage
Also rename RetryAlreadyQueuedError by running:
gorename -from '"github.com/influxdata/platform/task/backend".RetryAlreadyQueuedError' -to RequestStillQueuedError
and some further manual cleanup for comments.
Multiple calls to w.WriteHeader were possible if there was an error that
was encountered while encoding the response. To resolve this, we simply
log any error that is encountered instead.
A standard Makefile is used now in all subdirs that run go generate.
Make will only generate the file if its source files changed.
The checkgenerate target runs clean to ensure all targets a generated
fresh.
BREAKING CHANGE: The API endpoint exposed internal details about the implementation of
the logical and physical plans. Those data structures need to be free to
change without breaking the API. For now since the endpoint is unused it
is being removed. A similar API may be added back in that correctly
abstracts away the internal details of plans.
Lyon Hill
Chris Goller
Jacob Marble
Christopher M. Wolff
Jorge Landivar
zhulongcheng
Palak Bhojani
Michael Desa
Nathaniel Cook
Alirie Gray
Jacob Marble
Mark Rushakoff
Ben Johnson
Brandon Farmer
Delmer Reed
jlapacik
Jonathan A. Sternberg
Iris Scholten
Adam
Christopher Henn
Jakub Bednar
Leonardo Di Donato
Lorenzo Affetti
Kelvin Wang
kelwang
Jade McGough
Deniz Kusefoglu
Mark Rushakoff
Alex P
alexpaxton
Andrew Watkins
AJ Bond