PPL Alerting: Get and Search Monitors #1966
Conversation
Signed-off-by: Dennis Toepker <[email protected]>
toepkerd
requested review from
AWSHurneyt,
amsiglan,
bowenlan-amzn,
eirsep,
engechas,
getsaurabh02,
goyamegh,
jowg-amazon,
lezzago,
praveensameneni,
rishabhmaurya,
riysaxen-amzn and
sbcd90
as code owners
| if (request.method() == HEAD) { | ||
| srcContext = FetchSourceContext.DO_NOT_FETCH_SOURCE | ||
| } |
There was a problem hiding this comment.
What is the purpose for head here?
There was a problem hiding this comment.
If this is copying v1 monitors for UI setup, does the new V2 UI even use this?
There was a problem hiding this comment.
This case handling is ported over from Alerting V1, where it helped with regenerating the visual basic mode of monitors. This use case doesn't immediately apply to Alerting V2, but the logic will be retained so Alerting V2 can catch this potential curve ball in the future.
| * ./gradlew :alerting:integTest -Dhttps=true -Dsecurity=true -Duser=admin -Dpassword=admin \ | ||
| * --tests "org.opensearch.alerting.resthandler.SecureMonitorV2RestApiIT" | ||
| */ | ||
| class SecureMonitorV2RestApiIT : AlertingRestTestCase() { |
There was a problem hiding this comment.
Can we also test update monitor on just cluster permissions and a user trying to update a monitor (change a trigger name, but not the index) that monitors an index that they do not have permissions to
Signed-off-by: Dennis Toepker <[email protected]>
| .field(_SEQ_NO, seqNo) | ||
| .field(_PRIMARY_TERM, primaryTerm) | ||
| if (monitorV2 != null) { | ||
| builder.field("monitorV2", monitorV2) |
There was a problem hiding this comment.
Nitpick:
The monitorV2 field name seems a little awkward in this context. It seems like we could have probably just reused the [GetMonitorResponse] object.
Not blocking if this is the decision we're going for; but seems like the v1 and v2 monitors are being separated to an arbitrary extent.
There was a problem hiding this comment.
This is indeed more of an engineering decision than a product decision. I chose this approach in the spirit of committing to separating the v1 and v2 APIs. It may be a duplicate of the v1 response object now, but it gives us room to add things to v2 that may not be applicable to v1.
| } | ||
|
|
||
| // RBAC is out of scope for this test, so give all users and requests the same one | ||
| val backendRole = "backend_role_a" |
There was a problem hiding this comment.
[Not blocking] We can disable filter by backend role setting so this is not needed to be added.
| ) | ||
| fail("Expected update monitor to fail as user does not have permissions to index that monitor queries") | ||
| } catch (e: ResponseException) { | ||
| assertEquals("Unexpected error status", RestStatus.BAD_REQUEST.status, e.response.statusLine.statusCode) |
There was a problem hiding this comment.
We should have handle this error gracefully by calling out the user does not have permissions on the index set in the monitor. This would actually be more of a comment on the update monitor api
There was a problem hiding this comment.
To validate the PPL Query, PPL Alerting submits the raw query to PPL plugin. If there's an error from the PPL plugin, it gets relayed to the user here.
The try catch that throws the error this test expects is pretty one size fits all: an invalid PPL query throws the same error as a valid query on an index users don't have permissions to. Increasing the granularity of the error would require either 1) parsing the string error response of the PPL query API, or 2) doing a separate Alerting level check of the indices in the PPL query before validating the PPL query against PPL Plugin itself.
Will raise a Github issue calling out the one size fits all nature of the validation check against PPL query.
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/alerting/backport-3.3 3.3
# Navigate to the new working tree
pushd ../.worktrees/alerting/backport-3.3
# Create a new branch
git switch --create backport-1966-to-3.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 819599f3431be0691d8540746a7a9c132e41dfa3
# Push it to GitHub
git push --set-upstream origin backport-1966-to-3.3
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/alerting/backport-3.3Then, create a pull request where the |
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/alerting/backport-2.19 2.19
# Navigate to the new working tree
pushd ../.worktrees/alerting/backport-2.19
# Create a new branch
git switch --create backport-1966-to-2.19
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 819599f3431be0691d8540746a7a9c132e41dfa3
# Push it to GitHub
git push --set-upstream origin backport-1966-to-2.19
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/alerting/backport-2.19Then, create a pull request where the |
* PPL Alerting: Get and Search Monitors Signed-off-by: Dennis Toepker <[email protected]> * adding requested ID Signed-off-by: Dennis Toepker <[email protected]> --------- Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]> (cherry picked from commit 819599f)
* PPL Alerting: Get and Search Monitors * adding requested ID --------- (cherry picked from commit 819599f) Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]>
* PPL Alerting: Get and Search Monitors Signed-off-by: Dennis Toepker <[email protected]> * adding requested ID Signed-off-by: Dennis Toepker <[email protected]> --------- Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]>
* PPL Alerting: Get and Search Monitors Signed-off-by: Dennis Toepker <[email protected]> * adding requested ID Signed-off-by: Dennis Toepker <[email protected]> --------- Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]>
* PPL Alerting: Get and Search Monitors Signed-off-by: Dennis Toepker <[email protected]> * adding requested ID Signed-off-by: Dennis Toepker <[email protected]> --------- Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]>
* PPL Alerting: Get and Search Monitors * adding requested ID --------- Signed-off-by: Dennis Toepker <[email protected]> Co-authored-by: Dennis Toepker <[email protected]>
4 participants
Description
Get and Search Monitor functionality for PPL Alerting
Related Issues
#1880
Check List
--signoff.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.