Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor feature flag to support more modules #1057

Merged
merged 23 commits into from
Dec 8, 2021

Conversation

shhdgit
Copy link
Member

@shhdgit shhdgit commented Nov 11, 2021

@ti-chi-bot
Copy link
Member

ti-chi-bot commented Nov 11, 2021

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • baurine

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@shhdgit
Copy link
Member Author

shhdgit commented Nov 11, 2021

/cc @baurine @breeswish
PTAL, thanks~

@shhdgit shhdgit force-pushed the refactor/feature-flag branch from 1794cbe to fd7dd71 Compare November 11, 2021 03:31
pkg/utils/feature_flag.go Outdated Show resolved Hide resolved
pkg/utils/feature_flag.go Outdated Show resolved Hide resolved
pkg/utils/feature_flag.go Outdated Show resolved Hide resolved
pkg/utils/feature_flag.go Outdated Show resolved Hide resolved
pkg/utils/feature_flag.go Outdated Show resolved Hide resolved
pkg/apiserver/user/module.go Outdated Show resolved Hide resolved
@shhdgit shhdgit force-pushed the refactor/feature-flag branch from 58edb58 to 5d2db5d Compare November 11, 2021 04:40
@shhdgit shhdgit force-pushed the refactor/feature-flag branch from 5d2db5d to 8bd2e44 Compare November 11, 2021 04:41
@shhdgit shhdgit requested a review from breezewish November 11, 2021 04:42
@shhdgit shhdgit force-pushed the refactor/feature-flag branch from 6e1f58d to 74a0937 Compare November 11, 2021 05:03
@shhdgit
Copy link
Member Author

shhdgit commented Nov 12, 2021

@breeswish
Updated, PTAL.

util/versionutil/version.go Outdated Show resolved Hide resolved
util/versionutil/version.go Outdated Show resolved Hide resolved
util/versionutil/feature_flag.go Outdated Show resolved Hide resolved
pkg/apiserver/utils/mw_feature_flag.go Outdated Show resolved Hide resolved
pkg/apiserver/conprof/service.go Outdated Show resolved Hide resolved
@shhdgit shhdgit force-pushed the refactor/feature-flag branch from 31f4aa4 to 4857960 Compare November 14, 2021 17:13
@@ -40,7 +42,7 @@ func Default() *Config {
TiDBTLSConfig: nil,
EnableTelemetry: true,
EnableExperimental: false,
FeatureVersion: "",
FeatureVersion: version.PDVersion,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a nice improvement.

Copy link
Collaborator

@baurine baurine left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@shhdgit shhdgit force-pushed the refactor/feature-flag branch from c5f06d5 to 43b297d Compare December 7, 2021 07:23
Copy link
Member

@breezewish breezewish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the rest lgtm

util/featureflag/registry.go Outdated Show resolved Hide resolved
util/featureflag/registry.go Outdated Show resolved Hide resolved
pkg/apiserver/conprof/service.go Outdated Show resolved Hide resolved
util/featureflag/featureflag.go Outdated Show resolved Hide resolved
pkg/apiserver/info/info.go Outdated Show resolved Hide resolved
pkg/apiserver/apiserver.go Outdated Show resolved Hide resolved
util/featureflag/version_guard.go Outdated Show resolved Hide resolved
@@ -88,8 +91,9 @@ func NewAuthService() *AuthService {
}

service := &AuthService{
middleware: nil,
authenticators: map[utils.AuthType]Authenticator{},
FeatureFlagNonRootLogin: featureFlagRegistry.Register("nonRootLogin", ">= 5.3.0"),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems that this FeatureFlagNonRootLogin is not used. It doesn't look good as this may imply that this protection is purely happening at frontend and there is no backend protection for corresponding features.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Create a new PR #1089 to refactor the "non root login" for better review experience.

@@ -30,6 +31,8 @@ var (
)

type AuthService struct {
FeatureFlagNonRootLogin *featureflag.FeatureFlag
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This feature should be placed inside SQL auth, as only SQL auth needs it and other kind of auth does not care about the "non root login".

go.sum Outdated Show resolved Hide resolved
Comment on lines 42 to 43
_ = c.Error(ErrFeatureUnsupported.New(f.name))
c.AbortWithStatus(http.StatusForbidden)
Copy link
Member

@breezewish breezewish Dec 8, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems that there is an "Abort". I'm worrying whether this is compatible with the standard rest.ErrorHandlerFn. Could you add a test to verify it?

"github.com/pingcap/tidb-dashboard/util/rest"
)

var ErrFeatureUnsupported = rest.ErrForbidden.NewSubtype("feature_unsupported")
Copy link
Member

@breezewish breezewish Dec 8, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh. I'm sorry, I misled you. There is no way to attach the error status code into the error type for now.

Please use HTTPCodeProperty when initializing errors:

var ErrFeatureUnsupported = ErrNS.xxxx()

_ = c.Error(ErrFeatureUnsupported.NewWithNoMessage().WithProperty(HTTPCodeProperty(http.StatusForbidden)))

or:

_ = c.Error(rest.ErrForbidden.New("<ErrorMessages>"))

The whole point is to avoid the necessarilty to call c.Status() or c.AbortWithStatus() manually.

@shhdgit shhdgit force-pushed the refactor/feature-flag branch 2 times, most recently from 8cfd8e1 to c6c075a Compare December 8, 2021 08:43
@shhdgit shhdgit force-pushed the refactor/feature-flag branch from c6c075a to 0623ecc Compare December 8, 2021 08:43
@breezewish
Copy link
Member

/merge

@ti-chi-bot
Copy link
Member

This pull request has been accepted and is ready to merge.

Commit hash: 0623ecc

@ti-chi-bot ti-chi-bot merged commit c32eb49 into pingcap:master Dec 8, 2021
Comment on lines 70 to 71
e2.Use(func(c *gin.Context) {
c.Next()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use CreateTestContext to test context directly. No need to use a middleware to test it. Example:

func TestDownload(t *testing.T) {
	handler := New()
	token := handler.mustGetDownloadToken(t, "foobar", "file.txt", time.Second*5)

	r := httptest.NewRecorder()
	c, _ := gin.CreateTestContext(r)
	c.Request, _ = http.NewRequest(http.MethodGet, "/download?token="+token, nil)
	handler.HandleDownloadRequest(c)

	require.Len(t, c.Errors, 0)
	require.Equal(t, http.StatusOK, r.Code)
	require.Equal(t, `attachment; filename="file.txt"`, r.Header().Get("Content-Disposition"))
	require.Equal(t, `application/octet-stream`, r.Header().Get("Content-Type"))
	require.Equal(t, "foobar", r.Body.String())

	// Download again
	r = httptest.NewRecorder()
	c, _ = gin.CreateTestContext(r)
	c.Request, _ = http.NewRequest(http.MethodGet, "/download?token="+token, nil)
	handler.HandleDownloadRequest(c)

	require.Len(t, c.Errors, 1)
	require.True(t, errorx.IsOfType(c.Errors[0].Err, rest.ErrBadRequest))
	require.Contains(t, c.Errors[0].Error(), "Download file not found")
}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! This is really helpful.

req2, _ := http.NewRequest("GET", "/ping", nil)
e.ServeHTTP(w2, req2)

r.Equal(http.StatusForbidden, w2.Code)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Forbidden means Unauthorized: The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it.

However there is no way for this router to be authorized. So maybe BadRequest is better.

Copy link
Member Author

@shhdgit shhdgit Dec 9, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, yes. I misunderstood the "forbidden".

baurine pushed a commit to baurine/tidb-dashboard that referenced this pull request Dec 30, 2021
baurine added a commit that referenced this pull request Dec 30, 2021
* Revert "Release v2021.12.06.1 (#1084)"

This reverts commit bcc43a0.

* Compitable with different TiDB versions for conprof and non-root-login features (#1047)

* make conprof independent

* check feature enable

* add check feature enable middleware

* hide menu if feature is not enabled

* refactor non root login switch by new design

* i18n

* yarn fmt

* renaming

* adjust fe code

* refine

* remove unused log

* build(deps): bump ws from 5.2.2 to 5.2.3 in /ui (#1055)

* CICD: Update the release pipeline for recent PD format policies (#1054)

* fix i18n wording (#1056)

* Refactor: Change util module to util package (#1052)

* Refactor: Fix godot incorrectly add dot suffix to annotations (#1059)

* lint: Add goheader for copyright lints (#1062)

* Refactor: Migrate to use the `rest` package in util/ (#1060)

* fix(*): globally delete/update data by GORM (#1065)

* ui: bump dependencies (#1066)

* refactor: Switch to use ziputil, netutil, reflectutil and fileswap (#1067)

* Fix request header being pinned after pd profiling (#1069)

* Integrate speedscope (#1064)

* fix potential panic when GetPDInstances (#1075)

Signed-off-by: crazycs <[email protected]>

* Refactor: a new httpclient (#1073)

* Refactor: Switch to use util/distro in all places (#1078)

* chore: support import relative file URL (#1082)

* Refactor: Move tools into a standalone module (#1079)

* Fix script to embed the ui (#1088)

* Fix script to embed the ui

* Hack write_strings

* Refactor feature flag to support more modules (#1057)

* Drop sysutil dependency (#1093)

* chore: add graph generation (#1085)

* Refactor: Add TopologyProvider (#1098)

* esbuild: i18n + dep (#1101)

* script: Add a script to generate version matrix (#1104)

* distro: support dynamic config (#1094)

* chore: support multiple profiling types (#1095)

* fix(distro): check distro_strings.json fmt by prettier (#1106)

* script: fix generate assets (#1107)

* Add integration test (#1083)

* debug_api: Switch to use the new util (#1103)

* refactor(ui): auto refresh button (#1105)

* refactor(ui): auto refresh button

* chore: update translation

* fix: remain seconds

* refine: refresh button

* fix: onRefresh

* fix: auto refresh

* fix: continue tick

* chore: add some comments

* tweak: remaining refresh seconds

* chore: clean code

Co-authored-by: Wenxuan <[email protected]>

* ui: refine conprof (#1102)

* update wording

* not check prom any more

* replace time range component

* i18n

* support view profile by diffrent ways

* extract ActionsButton

* change download data format

* refine

* comments

* Revert "comments"

This reverts commit 3b03fdb.

* fix view cpu profile fail

* update state

* hide action button if disable

* address feedback

* update release-version

* sync with master

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Wenxuan <[email protected]>
Co-authored-by: Suhaha <[email protected]>
Co-authored-by: Yini Xu <[email protected]>
Co-authored-by: crazycs <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants