Refactor and cleanup

Based on Pull Request #71

• Logger Changes: Replaces zap logging with zerolog.
• Router Change: Now using gorilla/mux to distinguish between Prometheus/Loki URLs
• File: .github/workflows/release.yml
  • Name Change: Publish new release to CI
  • Job Renames: golangci to lint, scan-code to scan, build-and-test split into test and build
  • Go Version: Updated from 1.20 to 1.21
  • Action Versions: actions/checkout and actions/setup-go upgraded
  • Scheduling: Removed cron scheduling
  • Tagging: switched autotag to anothrNick/github-tag-action
  • Docker meta: Tagging rules updated
  • Release Process: Changes in how releases are created
• File: auth.go
  • OAuth Token: Changed from KeycloakToken to OAuthToken
  • Token Retrieval: Functions getToken and trimBearerToken for token parsing
  • JWT Parsing: Function parseJwtToken to handle JWT tokens
  • Label Validation: validateLabels validates user labels
  • Admin Check: isAdmin checks if user is an admin
• File: build/Containerfile
  • Base Image: Switch from ubi9/ubi-minimal to scratch.
  • CA Image: alpine:latest for CA certificates.
• File: config.go
  • Struct: Updated names and added fields: logging, web, admin, dev, DB, Thanos, Loki.
  • WithConfig Method: Reads YAML, sets logging, watches config changes
  • WithSAT Method: K8s service account token, dev mode option
  • WithTLSConfig Method: TLS setup for HTTP client, CA and mTLS
  • WithJWKS Method: JWKS for JWT auth, refresh options
• File: configs/config.yaml
  • log.level: DEBUG -> 1
  • tenant_provider: Removed
  • web:
    • insecure_skip_verify -> tls_verify_skip
    • Added label_store_kind, service_account_token, oauth_group_name
    • Updated jwks_cert_url
  • admin: No change
  • db: Added token_key
  • thanos: Added Header
  • loki: Added Header
  • Purpose: Tweaks in logging, web, dev, db, loki settings; Adds/removes keys
• File: configs/labels.yaml
  • Removed:
    • groups
    • users
  • Added:
    • group1: #cluster-wide flag
    • user1: hogarama namespace
    • user3: grafana, opernshift-logging, opernshift-monitoring namespaces
  • Purpose: Redefined user and group label configs, added new settings for cluster-wide and specific namespaces.
• File: enforce.go
  • EnforceQL Interface: Method Enforce for query enforcement
  • enforceRequest Function: Delegates HTTP request based on method
  • enforceGet Function: Enforces GET request, modifies URL query
  • enforcePost Function: Enforces POST request, modifies form data
  • Purpose: HTTP request enforcement based on tenant labels, query matching. Handles both GET and POST methods.
• File: enforcer_logql.go
  • LogQLEnforcer Struct: New struct for EnforceQL interface.
  • Enforce Method: Modified, returns tenant-isolated query
  • matchNamespaceMatchers Function: Ensures query matchers adhere to tenant labels.
• File: enforcer_promql.go
  • Struct Added: PromQLEnforcer for enforcing PromQL queries via EnforceQL interface.
  • Method Changes:
    • promqlEnforcer -> PromQLEnforcer.Enforce
    • enforceLabels, checkLabels and createEnforcer take an additional labelMatch parameter.
  • Purpose: Improves structure, logging, and modularity. Adds flexibility for label matching.
• File: go.mod
  • Dependencies Added:
    • github.com/gorilla/mux v1.8.0
    • github.com/rs/zerolog v1.30.0
    • github.com/mattn/go-colorable v0.1.13
    • github.com/mattn/go-isatty v0.0.19
  • Dependencies Updated:
    • Multiple github.com/go-openapi/* packages
    • github.com/prometheus/alertmanager to v0.26.0
    • go.mongodb.org/mongo-driver to v1.12.0
  • Dependencies Removed:
    • go.uber.org/zap v1.24.0
  • Replace Directive:
    • github.com/prometheus/prometheus to v0.46.0
  • Purpose: Adds new libraries, updates existing ones for feature enhancements or bug fixes.
• File: init.go
  • Note: File deleted
• File: labeler.go
  • Note: File deleted
• File: labelstore.go
  • New File: Manages label storage
  • Interfaces:
    • Labelstore: Defines Connect, GetLabels
  • Functions:
    • WithLabelStore(): Connects LabelStore to App
    • ConfigMapHandler.Connect(): Reads labels from YAML
    • ConfigMapHandler.GetLabels(): Merges labels
    • MySQLHandler.Connect(): Connects to MySQL
    • MySQLHandler.Close(): Closes DB connection
    • MySQLHandler.GetLabels(): Queries DB for labels
  • Error Handling: Logs fatal errors
  • Note: Supports multiple label store kinds (ConfigMap, MySQL)
• File: labelstore_test.go (Renamed from labeler_test.go)
  • Test Updates: Tests for ConfigMapHandler.GetLabels
  • Config Changes:
    • Removed setupTestLabeler() and teardown()
    • Moved hard-coded labels into ConfigMapHandler instance
  • Test Cases:
    • Tests for different user-group combinations
    • Introduced "admin_group" test with skip flag
  • Assertions:
    • Checks expected labels and skip flag
  • Tests:
    • User and groups,
    • User only,
    • User with one group,
    • User with non-matching group,
    • Admin group with skip flag.
• File: log.go
  • New File: Introduces logging functionalities.
  • Data Struct: requestData for HTTP request details.
  • Middleware: loggingMiddleware for HTTP request logging.
    • LogTokens: Configurable to log/redact request body.
  • Helper Functions:
    • readBody: Reads HTTP request body.
    • logRequestData: Logs HTTP request details.
    • cleanSensitiveHeaders: Removes sensitive headers.
    • logAndWriteError: Logs and writes errors.
  • Logging Libraries: Uses github.com/rs/zerolog/log.
  • Security: Conditional redaction of sensitive info.
  • Error Handling: In readBody and logRequestData.
• File: main.go
  • Structural Change: Introduced App struct, removed global Logger
  • Logging: Switched from zap to zerolog
  • Initialization: New approach using App methods (WithConfig, WithSAT, etc.)
  • Server: Removed old main(), healthz, reverseProxy. Introduced StartServer in App struct.
  • Metrics: Re-configured using slok/go-http-metrics
• File: main_test.go
  • Changes:
    • setupTestMain() returns App and tokens
    • App and ConfigMapHandler introduced
    • Token-related test cases updated
    • Additional test cases for Loki
  • Tests:
    • Headers, tokens, authorization
    • Tenant access
    • Loki query support
  • Cleanup:
    • Removed commented-out defer
    • Formatting and naming consistency
• File: routes.go
  • Plugin header: Removed x-pluging-id routing.
  • Struct: Route struct with Url and MatchWord.
  • WithHealthz: Adds health check and metrics routes (/healthz, /metrics, /debug/pprof/).
  • WithRoutes: Initializes new router, uses logging middleware, adds Loki and Thanos routes.
  • WithLoki: Adds Loki API routes, warns if Loki URL not set (skips).
  • WithThanos: Adds Thanos API routes, warns if Thanos URL not set (skips).
  • handler: Orchestrates proxy behavior, performs OAuth token validation, conditional enforcement, and forwards requests.
  • streamUp: Forwards request to upstream server using a reverse proxy.
  • setHeader: Sets HTTP headers, optionally includes authorization.
  • Logging: Uses zerolog for logging activities and errors.
  • Configurations: Reads settings like URLs, headers, and TLS flags from a.Cfg.
  • Error Handling: Various functions handle errors by logging and responding with appropriate HTTP statuses.
• File: structs.go
  • Deleted: File removed
• File: util.go
  • Removed Functions: ContainsIgnoreCase, MapKeysToArray, teardown
  • Functionality: String comparison, map key extraction, teardown initConfig removed
  • Changes: Code simplification, possibly moved functions
• File: README.md
  • Updated: Updated with new instructions for building and running the proxy.

v0.5.1

What's Changed

• feat(GPX-669): Add TLS support for datasources by @Lucostus in #66

Full Changelog: 0.3.2...v0.5.1

v0.5.0

feat(GPX-669): Add TLS support for datasources (#66)

+ added support for loading certificates for loki and thanos
+ restructured configmap to enhance readability and ease of use

0.3.2

chore(deps): update registry.access.redhat.com/ubi9/go-toolset docker…

0.3.1

hotfix: removed need for labels.yaml (#63)

+ made labels.yaml optional
#patch

0.3.0

Feat(GPX-675): Metrics Port (#62)

+ Switched from magically assigning metrics port to be a config option
+ changed a debug message

0.2.0

feat(GPX-675): Added support for metrics (#57)

+ Created a middleware instance for metrics.
+ Added "/metrics" endpoint.
+ Started serving metrics on a separate port.
+ Wrapped the `reverseProxy` handler with the middleware.
#minor

0.1.7

Fix(GPX-696): Add support for labels endpoint (#56)

Improve query enforcement and error handling in proxy server

1. Added 'log_tokens' attribute in the config file, defaulting to false. This controls whether request tokens should be logged.
2. Improved the query enforcement in 'promqlEnforcer' function. Now, it also checks if the query is empty and sets it according to the 'allowedTenantLabels'.
3. Numerous changes were made in the 'reverseProxy' function to better handle requests and errors:
   - Removed the requirement for 'X-Plugin-Id' header, instead using URL path to differentiate between Thanos and Loki.
   + Added checks for '/api/v1/label' and '/api/v1/series' in the URL path.
   + Refactored error handling into two separate functions, one for standard error messages and another for custom messages.
   + Improved request logging to include method, URL, header, and body information. If 'log_tokens' is set to false, sensitive information is redacted.
   + Added support for handling POST requests and their bodies. The body query is also enforced using the 'enforceFunc' function.
4. Updated unit tests to reflect these changes.

0.1.6

fix(deps): update module github.com/prometheus-community/prom-label-p…

0.1.5

fix(deps): update github.com/observatorium/api digest to 684eb1b (#54)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>