Kibana api key #372
Kibana api key #372
Conversation
|
💚 CLA has been signed |
andrianjardan
force-pushed
the
kibana_api_key
branch
from
7ea511e to
0f738b7
Compare
|
I guess disaster37/go-kibana-rest#5 has to be merged first for this to work. |
|
Seems like there's no activity in disaster37/go-kibana-rest#5, and the project looks abandoned |
|
https://github.com/disaster37/go-kibana-rest is abandoned since 2022, @tobio since this is a library crucial for the plugin functionality, does it make sense to fork it under Elastic orga ? |
Yes it does, there's been some discussions about this previously. I'm not clear where that stands right now. @Kushmaro FYI on having official client support for Kibana. @andrianjardan IIUC Kibana API's should come with an OpenAPI spec in the future which reduces the need for a hand-written client library. I wonder if the interim solution here is to fork the client inside this repo rather than by itself. |
|
@tobio I could do so, should I ? |
|
That would be amazing if you've got an opportunity to do so! |
|
@tobio aaand it's done ;) |
internal/clients/api_client.go
Outdated
| @@ -508,6 +514,9 @@ func buildKibanaConfig(d *schema.ResourceData, baseConfig BaseConfig) (kibana.Co | |||
| if password := os.Getenv("KIBANA_PASSWORD"); password != "" { | |||
| config.Password = strings.TrimSpace(password) | |||
| } | |||
| if api_key := os.Getenv("KIBANA_API_KEY"); api_key != "" { | |||
There was a problem hiding this comment.
Can we make sure this is added to the provider docs as well.
There was a problem hiding this comment.
API key support also needs to be added to connectors, as defaults for the fleet client and the SLO auth context
That's too many places :( There must be a better way.
There was a problem hiding this comment.
I agree, it would be nice refactor some of this functionality. I'm hopeful we'll have a single client for the entire Kibana surface area soon so that we don't have to implement glue code around all the existing clients.
| @@ -414,6 +414,11 @@ func (c *APIClient) prepareRequest( | |||
| localVarRequest.SetBasicAuth(auth.UserName, auth.Password) | |||
| } | |||
|
|
|||
| // APIKey Authentication | |||
There was a problem hiding this comment.
This has been manually added to the generated client? I think that's fine for now, these openapi clients are a bit of a mess right now. We need to tidy this up.
Can we add a comment calling out that this is inserted after generation.
|
Just wanted to ^bump this as adding support for Kibana API keys in the terraform provider would be very useful! |
|
@jloleysens I'll try to come back to it next week |
|
@andrianjardan - any update on this? |
|
@electra06 I am unfortunately busy with other tasks right now and the progress here is on hold, but I will do my best to continue working on it next week. |
Thank you @andrianjardan - one of our developers has this requirement and it would be helpful once this has been pushed thru then. |
|
@andrianjardan - bumping on this once again, hope you got the time to work on this one this week :-) |
|
@andrianjardan - sorry to bump this again, our developer is following up as this one is very useful for them. Appreciate your time and effort. |
|
@electra06 absolutely no worries, I understand this is useful, and we also need it, but I got sick last week and the amount of work is not getting less... Sorry for dragging it for too long, but it was intended as a small and quick fix, and turned into a longer journey, as my experience with Golang is quite limited. I am happy to hand it over to someone else who has more time and expertise, if needed. |
|
@andrianjardan , I've attempted to address outstanding items, hopefully we can get this over the line! |
| @@ -583,7 +583,7 @@ func (a *AlertingApiService) CreateRuleExecute(r ApiCreateRuleRequest) (*RuleRes | |||
| } else { | |||
| key = apiKey.Key | |||
| } | |||
| localVarHeaderParams["ApiKey"] = key | |||
| localVarHeaderParams["Authorization"] = key | |||
There was a problem hiding this comment.
This generated Kibana client code is buggy :(
We will have to revisit this and ensure we can generate functioning HTTP requests from the OpenAPI specs. I think this task is beyond this PR so I've modified the generated code directly. We should open an issue for fixing this!
|
@jloleysens thanks a lot for jumping on this, I am sure it is going to be appreciated by everyone waiting :)! |
|
@tobio I've updated the docs in |
There was a problem hiding this comment.
LGTM. I see a weird issue in running the acceptance tests locally with an API key here, but it looks unrelated, I'll open an issue for it. The tests pass if run individually which is the main thing, but one of the tests (probably the API key test but I haven't looked at all) is cleaning up existing keys so when the entire suite is run, the key based tests fail since the key is removed in an earlier test.
|
FYI #490 |
|
Hi All, |
What's the issue? |
|
|
We'll need a new provider release including this PR first. I don't have a timeframe to share right now, we're discussing that internally at the moment. |
* Adding api key functionality for Kibana * Adding support for api_key for Kibana * Adding go-kibana-rest lib locally as it is abandoned by authors * update docs * added support for SLO client to use API keys * add auth interceptor to connectors client * added test case for Kibana API keys via provider * slight fix to table test * added fwschema * fix copy-pasta * some typos, generate docs * manually patch generated code for now * update specs * update new kb config from framework * added api key to provider tests * use built in jq * remove kibana api key env * API keys should cascade from ES->Kibana->Fleet * update rules doc --------- Co-authored-by: Jean-Louis Leysens <[email protected]> Co-authored-by: Toby Brain <[email protected]>
* Adding api key functionality for Kibana * Adding support for api_key for Kibana * Adding go-kibana-rest lib locally as it is abandoned by authors * update docs * added support for SLO client to use API keys * add auth interceptor to connectors client * added test case for Kibana API keys via provider * slight fix to table test * added fwschema * fix copy-pasta * some typos, generate docs * manually patch generated code for now * update specs * update new kb config from framework * added api key to provider tests * use built in jq * remove kibana api key env * API keys should cascade from ES->Kibana->Fleet * update rules doc --------- Co-authored-by: Jean-Louis Leysens <[email protected]> Co-authored-by: Toby Brain <[email protected]>
Fixes #364