Enable publicapi to run on CF #3119

Open
wants to merge 23 commits into
base: main
bonzofenix
Contributor

No description provided.

@bonzofenix bonzofenix force-pushed the 754-publicapi-in-cf branch 4 times, most recently from a1186d0 to cee86b5 Compare August 7, 2024 08:16
…rder

 • Removed metricsforwarder and metricsforwarder.yml from .gitignore.
 • Changed health check configuration keys to nest under BasicAuth and ServerConfig.
 • Updated tests to reflect configuration changes and removed unused code.
 • Fixed request creation in tests to use dynamic server URL and proper basic auth setup.
…e server and tests

 • Add generate.go for autoscaler API generation
 • Create ogen-config.yaml to allow remote parser configuration
 • Introduce security.go with SecuritySource struct
 • Refactor main.go to remove Prometheus and health endpoint dependencies
 • Update scalingengine_suite_test.go and scalingengine_test.go to reflect new health server configuration and client creation
 • Modify config_test.go and valid.yml to adjust health server port configuration
 • Implement scaling_history_handler.go without bearer auth for internal mTLS use
 • Adjust scaling_history_handler_test.go to use new package path
 • Overhaul server.go to separate health and mTLS server creation, and to streamline router setup
 • Amend server_test.go to align with server refactoring and use dynamic URL construction
 • Removed scalingEngineClient from PublicApiHandler and associated creation logic.
 • Replaced CreateHTTPClient with CreateHTTPSClient for eventGeneratorClient.
 • Deleted GetScalingHistories function as it's no longer needed.
 • Refactored NewPublicApiServer to use a new PublicApiServer struct and split into GetHealthServer and GetMtlsServer methods.
 • Updated import paths and variable names to reflect internal scaling history API changes.
 • Added SecuritySource struct to handle security for scaling history handler.
 • Modified ScalingHistoryHandler to use the new internal scaling history client and updated JSON marshaling logic.
 • Update API test suite to use testhelpers package for utility functions.
 • Modify health check configuration to use BasicAuth struct instead of separate username and password fields.
 • Remove unused variables and imports, and clean up test setup for clarity.
 • Adjust API server creation to directly instantiate servers without a separate function.
…ort config, and switch to HTTPS client in schedulerclient
 • Add a new Makefile for the eventgenerator component with a fetch-config target to pull configuration and certificates from the metricsforwarder VM.
 • Refactor eventgenerator test suites to improve readability and organization, including the use of When blocks for context-specific conditions.
 • Update eventgenerator REST API tests to use helper functions for creating HTTP clients and constructing request URLs.
 • Modify the eventgenerator main.go to use a new server creation function that handles both MTLS and health endpoints.
 • Adjust eventgenerator configuration tests to reflect changes in the health check server configuration structure.
 • Implement server.go changes to separate the creation of the event generator and health routers, and to provide functions for retrieving MTLS and health servers.
 • Update server_suite_test.go to remove unnecessary setup code due to refactoring.
 • Refactor server_test.go to use the new server creation functions and to organize tests into When and Describe blocks for clarity.
…reation

 • Replace individual HealthCheckUsername and HealthCheckPassword fields with a BasicAuth struct in HealthConfig.
 • Update validation logic in HealthConfig to work with the new BasicAuth fields.
 • Modify tests to reflect changes in HealthConfig structure.
 • Implement TransportWithBasicAuth to add basic authentication headers to HTTP requests.
 • Adjust CreateHTTPClient function to accept BasicAuth and use TransportWithBasicAuth.
 • Add BasicAuth struct to models package to encapsulate basic authentication data.
 • Rename HealthCheckUsername and related fields to BasicAuth struct fields
 • Update health readiness tests to use new BasicAuth struct fields
 • Remove basic auth middleware implementation from server.go
 • Simplify health router creation by using helpers.CreateBasicAuthMiddleware
 - Replace direct Prometheus registry creation with `createPrometheusRegistry` function.
 - Change `CreateHTTPClient` to `CreateHTTPSClient` for both scaling engine and scheduler clients.
 - Update health endpoint creation to use `NewHealthRouter` and `NewHTTPServer`.
 - Adjust health check configuration structure in tests and sample config.
 • Implement BasicAuthenticationMiddleware with bcrypt password hashing
 • Create middleware to protect healthcheck endpoint using basic auth
 • Add unit tests for BasicAuthenticationMiddleware with correct and incorrect credentials
 - Move scaling history OpenAPI generation from helpers to api and scalingengine directories
 - Add new internal-scaling-history-api.openapi.yaml for Scaling History API
 - Update Makefile to handle OpenAPI client and server generation in new locations
 - Add NewScalingEngineClient function in testhelpers
src/autoscaler/api/cmd/api/api_suite_test.go (outdated, resolved)

return helpers.NewHTTPServer(logger, conf.Server, r)
func setupMainRouter(r *mux.Router, healthRouter *mux.Router) *mux.Router {

🚫 [golangci] reported by reviewdog 🐶
func setupMainRouter is unused (unused)


return helpers.NewHTTPServer(logger, httpServerConfig, r)
func setupMainRouter(egRouter, healthRouter *mux.Router) *mux.Router {

🚫 [golangci] reported by reviewdog 🐶
func setupMainRouter is unused (unused)


return nil

}

🚫 [golangci] reported by reviewdog 🐶
unnecessary trailing newline (whitespace)

src/autoscaler/helpers/auth/xfcc_auth.go (resolved)
httpStatusCollector healthendpoint.HTTPStatusCollector
}

func (s *Server) GetMtlsServer() (ifrit.Runner, error) {

🚫 [golangci] reported by reviewdog 🐶
unnecessary leading newline (whitespace)

src/autoscaler/api/cmd/api/api_test.go (outdated, resolved)
src/autoscaler/api/cmd/api/api_test.go (outdated, resolved)

sonarcloud bot commented Aug 29, 2024

Quality Gate failed

Failed conditions
3.7% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud

func (t *TransportWithBasicAuth) RoundTrip(req *http.Request) (*http.Response, error) {
credentials := t.Username + ":" + t.Password
basicAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte(credentials))
fmt.Println("banana TransportWithBasicAuth:credentials", credentials)

Check failure

Code scanning / CodeQL

Clear-text logging of sensitive information High

Sensitive data returned by an access to Password flows to a logging call.

Copilot Autofix AI 2 days ago

To fix the problem, we need to remove the logging of sensitive information. Specifically, we should remove the lines that print the credentials and basicAuth strings. This will ensure that sensitive information is not logged in clear text.

  • Remove the logging statements that print the credentials and basicAuth strings.
  • Ensure that no sensitive information is logged in clear text.
Suggested changeset 1
src/autoscaler/helpers/httpclient.go

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/autoscaler/helpers/httpclient.go b/src/autoscaler/helpers/httpclient.go
--- a/src/autoscaler/helpers/httpclient.go
+++ b/src/autoscaler/helpers/httpclient.go
@@ -32,4 +32,4 @@
 	basicAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte(credentials))
-	fmt.Println("banana TransportWithBasicAuth:credentials", credentials)
-	fmt.Println("banana TransportWithBasicAuth:", basicAuth)
+	// fmt.Println("banana TransportWithBasicAuth:credentials", credentials)
+	// fmt.Println("banana TransportWithBasicAuth:", basicAuth)
 	req.Header.Add("Authorization", basicAuth)
EOF
@@ -32,4 +32,4 @@
basicAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte(credentials))
fmt.Println("banana TransportWithBasicAuth:credentials", credentials)
fmt.Println("banana TransportWithBasicAuth:", basicAuth)
// fmt.Println("banana TransportWithBasicAuth:credentials", credentials)
// fmt.Println("banana TransportWithBasicAuth:", basicAuth)
req.Header.Add("Authorization", basicAuth)
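Review bot: The two added lines keep the credential-printing calls as commented-out code (`// fmt.Println("banana TransportWithBasicAuth:credentials", credentials)`) instead of deleting them, which does not match the stated fix of removing the logging statements and leaves the password and encoded header one uncomment away from stdout again. Delete both `fmt.Println` lines outright and drop the `fmt` import if nothing else in the file uses it. Separately, on the unchanged last line, `req.Header.Add("Authorization", basicAuth)` appends to any Authorization value already on the request; `req.Header.Set`, or `req.SetBasicAuth(t.Username, t.Password)`, would replace it.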
Copilot is powered by AI and may make mistakes. Always verify output.
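
An added example, not code from this pull request: a Go `http.RoundTripper` that attaches Basic credentials without printing them, works on a clone so the caller's request never carries the header, and redacts the password if the transport value itself is ever formatted. The names `basicAuthTransport` and `recorder`, the host and the credentials are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
)

// basicAuthTransport is a hypothetical stand-in for the PR's TransportWithBasicAuth.
type basicAuthTransport struct {
	Username, Password string
	Base               http.RoundTripper
}

// String keeps the password out of %v, %+v and %s output if the value is ever logged.
func (t *basicAuthTransport) String() string {
	return fmt.Sprintf("basicAuthTransport{Username:%q Password:[REDACTED]}", t.Username)
}

// RoundTrip sets the header on a clone and writes nothing to stdout or a logger.
func (t *basicAuthTransport) RoundTrip(req *http.Request) (*http.Response, error) {
	clone := req.Clone(req.Context())
	clone.SetBasicAuth(t.Username, t.Password) // replaces any existing Authorization value
	return t.Base.RoundTrip(clone)
}

// recorder is an offline stand-in for the network: it keeps the request it was handed.
type recorder struct{ seen *http.Request }

func (r *recorder) RoundTrip(req *http.Request) (*http.Response, error) {
	r.seen = req
	return &http.Response{StatusCode: http.StatusOK, Body: http.NoBody, Request: req}, nil
}

// demo sends one constructed request and reports what the far side receives,
// what ended up on the caller's own request, and how the transport prints.
func demo() (user, pass, callerAuth, printed string) {
	rec := &recorder{}
	tr := &basicAuthTransport{Username: "healthuser", Password: "constructed-secret", Base: rec}
	req, err := http.NewRequest(http.MethodGet, "https://autoscaler.example/health", nil)
	if err != nil {
		panic(err)
	}
	if _, err := tr.RoundTrip(req); err != nil {
		panic(err)
	}
	user, pass, _ = rec.seen.BasicAuth()
	return user, pass, req.Header.Get("Authorization"), fmt.Sprintf("%+v", tr)
}

func main() { fmt.Println(demo()) }
```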
Improve error logging in metric_poller_test and update health port configuration structure

configuration in both config_test.go and exampleconfig/config.yml.

sonarcloud bot commented Oct 11, 2024

Quality Gate failed

Failed conditions
3.7% Duplication on New Code (required ≤ 3%)

See analysis details on SonarCloud
