Merge branch 'main' into endpoint-slices

Author: andrewazores

compose/auth_certs/generate.sh

@@ -53,3 +53,5 @@ volumes:
     external: true
   probes:
     external: true
+  credentials:
+    external: true

compose/cryostat.yml

@@ -30,6 +30,7 @@ services:
         -Dcom.sun.management.jmxremote.ssl=false
         -Dcom.sun.management.jmxremote.local.only=false
       QUARKUS_HTTP_PORT: 10001
+      CRYOSTAT_STORAGE_BASE_URI: http://s3:8333
     healthcheck:
       test: curl --fail http://localhost:10001/ || exit 1
       retries: 3

compose/reports.yml

@@ -33,7 +33,7 @@
     <build.arch>amd64</build.arch>
 
     <io.cryostat.core.version>4.1.0-SNAPSHOT</io.cryostat.core.version>
-    <org.openjdk.jmc.version>9.0.0</org.openjdk.jmc.version>
+    <org.openjdk.jmc.version>9.1.0</org.openjdk.jmc.version>
 
     <org.apache.commons.io.version>2.16.1</org.apache.commons.io.version>
     <org.apache.commons.collections.version>4.4</org.apache.commons.collections.version>
@@ -45,7 +45,7 @@
     <quarkus.platform.artifact-id>quarkus-bom</quarkus.platform.artifact-id>
     <quarkus.platform.group-id>io.quarkus.platform</quarkus.platform.group-id>
     <quarkus.platform.version>3.15.4</quarkus.platform.version>
-    <quarkus-quinoa.version>2.5.3</quarkus-quinoa.version>
+    <quarkus-quinoa.version>2.5.4</quarkus-quinoa.version>
     <org.hibernate.orm.hibernate.jfr.version>6.6.7.Final</org.hibernate.orm.hibernate.jfr.version><!-- TODO is there some way to grab the Hibernate version used by Quarkus to match this version? -->
     <org.codehaus.mojo.build.helper.plugin.version>3.6.0</org.codehaus.mojo.build.helper.plugin.version>
     <org.codehaus.mojo.exec.plugin.version>3.5.0</org.codehaus.mojo.exec.plugin.version>

pom.xml

@@ -319,10 +319,6 @@ components:
         statusMessage:
           type: string
       type: object
-    Instant:
-      example: 2022-03-10T16:15:50Z
-      format: date-time
-      type: string
     JsonObject:
       items:
         properties:
@@ -397,8 +393,6 @@ components:
       type: object
     Metadata:
       properties:
-        expiry:
-          $ref: '#/components/schemas/Instant'
         labels:
           additionalProperties:
             type: string

schema/openapi.yaml

@@ -122,8 +122,6 @@ type MemoryUtilization {
 }
 
 type Metadata {
-  "ISO-8601"
-  expiry: DateTime
   labels(
     "Get entry/entries for a certain key/s"
     key: [String]

schema/schema.graphql

@@ -354,6 +354,15 @@ createProbeTemplateVolume() {
 }
 createProbeTemplateVolume
 
+createCredentialVolume() {
+    "${container_engine}" volume create credentials
+    "${container_engine}" container create --name credentials_helper -v credentials:/credentials registry.access.redhat.com/ubi9/ubi-micro
+    if [ -d "${DIR}/credentials" ]; then
+        "${container_engine}" cp "${DIR}/credentials" credentials_helper:/credentials
+    fi
+}
+createCredentialVolume
+
 setupUserHosts() {
     # This requires https://github.com/figiel/hosts to work. See README.
     truncate -s 0 "${HOSTSFILE}"

smoketest.bash

@@ -21,8 +21,6 @@ public class ConfigProperties {
             "storage.buckets.event-templates.name";
     public static final String AWS_BUCKET_NAME_PROBE_TEMPLATES =
             "storage.buckets.probe-templates.name";
-    public static final String AWS_OBJECT_EXPIRATION_LABELS =
-            "storage.buckets.archives.expiration-label";
 
     public static final String CONTAINERS_POLL_PERIOD = "cryostat.discovery.containers.poll-period";
     public static final String CONTAINERS_REQUEST_TIMEOUT =
@@ -35,6 +33,8 @@ public class ConfigProperties {
     public static final String CONNECTIONS_UPLOAD_TIMEOUT = "cryostat.connections.upload-timeout";
 
     public static final String REPORTS_SIDECAR_URL = "quarkus.rest-client.reports.url";
+    public static final String REPORTS_USE_PRESIGNED_TRANSFER =
+            "cryostat.services.reports.use-presigned-transfer";
     public static final String REPORTS_MEMORY_CACHE_ENABLED =
             "cryostat.services.reports.memory-cache.enabled";
     public static final String REPORTS_STORAGE_CACHE_ENABLED =
@@ -51,15 +51,13 @@ public class ConfigProperties {
     public static final String STORAGE_EXT_URL = "storage-ext.url";
     public static final String STORAGE_PRESIGNED_DOWNLOADS_ENABLED =
             "storage.presigned-downloads.enabled";
-    public static final String STORAGE_TRANSIENT_ARCHIVES_ENABLED =
-            "storage.transient-archives.enabled";
-    public static final String STORAGE_TRANSIENT_ARCHIVES_TTL = "storage.transient-archives.ttl";
 
     public static final String CUSTOM_TEMPLATES_DIR = "templates-dir";
     public static final String PRESET_TEMPLATES_DIR = "preset-templates-dir";
     public static final String PROBE_TEMPLATES_DIR = "probe-templates-dir";
     public static final String SSL_TRUSTSTORE_DIR = "ssl.truststore.dir";
     public static final String RULES_DIR = "rules-dir";
+    public static final String CREDENTIALS_DIR = "credentials-dir";
 
     public static final String URI_RANGE = "cryostat.target.uri-range";
 

src/main/java/io/cryostat/ConfigProperties.java

@@ -19,7 +19,7 @@
 
 import io.quarkus.runtime.StartupEvent;
 import io.quarkus.vertx.LocalEventBusCodec;
-import io.vertx.core.eventbus.EventBus;
+import io.vertx.mutiny.core.eventbus.EventBus;
 import jakarta.enterprise.event.Observes;
 import jakarta.inject.Inject;
 
@@ -28,6 +28,7 @@ public class MessageCodecs {
     @Inject EventBus bus;
 
     void onStart(@Observes StartupEvent evt) {
-        bus.registerDefaultCodec(LinkedRecordingDescriptor.class, new LocalEventBusCodec<>());
+        bus.getDelegate()
+                .registerDefaultCodec(LinkedRecordingDescriptor.class, new LocalEventBusCodec<>());
     }
 }

src/main/java/io/cryostat/MessageCodecs.java

@@ -15,21 +15,30 @@
  */
 package io.cryostat.credentials;
 
+import java.io.BufferedInputStream;
+import java.io.IOException;
 import java.net.URISyntaxException;
+import java.nio.file.Files;
 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
 
+import io.cryostat.ConfigProperties;
 import io.cryostat.expressions.MatchExpression;
 import io.cryostat.expressions.MatchExpression.TargetMatcher;
 import io.cryostat.targets.Target;
 import io.cryostat.targets.TargetConnectionManager;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.quarkus.runtime.StartupEvent;
 import io.smallrye.common.annotation.Blocking;
 import io.smallrye.mutiny.Uni;
 import jakarta.annotation.security.RolesAllowed;
+import jakarta.enterprise.event.Observes;
 import jakarta.inject.Inject;
 import jakarta.transaction.Transactional;
 import jakarta.ws.rs.DELETE;
@@ -39,6 +48,7 @@
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.core.Context;
 import jakarta.ws.rs.core.UriInfo;
+import org.eclipse.microprofile.config.inject.ConfigProperty;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.reactive.RestForm;
 import org.jboss.resteasy.reactive.RestPath;
@@ -49,9 +59,59 @@
 @Path("/api/v4/credentials")
 public class Credentials {
 
+    @ConfigProperty(name = ConfigProperties.CREDENTIALS_DIR)
+    java.nio.file.Path dir;
+
     @Inject TargetConnectionManager connectionManager;
     @Inject TargetMatcher targetMatcher;
     @Inject Logger logger;
+    @Inject ObjectMapper mapper;
+
+    @Transactional
+    void onStart(@Observes StartupEvent evt) {
+        if (!checkDir()) {
+            return;
+        }
+        try {
+            Files.walk(dir)
+                    .filter(Files::isRegularFile)
+                    .filter(Files::isReadable)
+                    .forEach(this::createFromFile);
+        } catch (IOException e) {
+            logger.error(e);
+        }
+    }
+
+    private boolean checkDir() {
+        return Files.exists(dir)
+                && Files.isReadable(dir)
+                && Files.isExecutable(dir)
+                && Files.isDirectory(dir);
+    }
+
+    private void createFromFile(java.nio.file.Path path) {
+        try (var is = new BufferedInputStream(Files.newInputStream(path))) {
+            var credential = mapper.readValue(is, Credential.class);
+            Map<String, Object> params = new HashMap<String, Object>();
+            params.put("username", credential.username);
+            params.put("password", credential.password);
+            params.put("matchExpression", credential.matchExpression);
+            var exists =
+                    Credential.find(
+                                            "username = :username"
+                                                    + " and password = :password"
+                                                    + " and matchExpression = :matchExpression",
+                                            params)
+                                    .count()
+                            != 0;
+            if (exists) {
+                return;
+            }
+            credential.persist();
+        } catch (Exception e) {
+            logger.error("Failed to create credentials from file", e);
+        }
+    }
 
     @POST
     @Blocking

src/main/java/io/cryostat/credentials/Credentials.java

@@ -21,8 +21,10 @@
 import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
+import java.util.function.Consumer;
 import java.util.function.Predicate;
 
+import io.cryostat.discovery.NodeType.BaseNodeType;
 import io.cryostat.targets.Target;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
@@ -41,6 +43,7 @@
 import jakarta.persistence.Entity;
 import jakarta.persistence.EntityListeners;
 import jakarta.persistence.FetchType;
+import jakarta.persistence.Index;
 import jakarta.persistence.JoinColumn;
 import jakarta.persistence.ManyToOne;
 import jakarta.persistence.NamedQueries;
@@ -51,6 +54,7 @@
 import jakarta.persistence.PostRemove;
 import jakarta.persistence.PostUpdate;
 import jakarta.persistence.PrePersist;
+import jakarta.persistence.Table;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
 import org.hibernate.annotations.JdbcTypeCode;
@@ -64,6 +68,7 @@
             name = "DiscoveryNode.byTypeWithName",
             query = "from DiscoveryNode where nodeType = :nodeType and name = :name")
 })
+@Table(indexes = {@Index(columnList = "nodeType"), @Index(columnList = "nodeType, name")})
 public class DiscoveryNode extends PanacheEntity {
 
     public static final String NODE_TYPE = "nodeType";
@@ -119,24 +124,22 @@ public static DiscoveryNode getUniverse() {
     }
 
     public static Optional<DiscoveryNode> getRealm(String name) {
-        return getUniverse().children.stream().filter(n -> name.equals(n.name)).findFirst();
+        return DiscoveryNode.<DiscoveryNode>find(
+                        "#DiscoveryNode.byTypeWithName",
+                        Parameters.with("nodeType", BaseNodeType.REALM.getKind()).and("name", name))
+                .firstResultOptional();
     }
 
     public static Optional<DiscoveryNode> getChild(
             DiscoveryNode node, Predicate<DiscoveryNode> predicate) {
         return node.children.stream().filter(predicate).findFirst();
     }
 
-    public static Optional<DiscoveryNode> getNode(Predicate<DiscoveryNode> predicate) {
-        List<DiscoveryNode> nodes = listAll();
-        return nodes.stream().filter(predicate).findFirst();
-    }
-
-    public static List<DiscoveryNode> findAllByNodeType(NodeType nodeType) {
-        return DiscoveryNode.find(DiscoveryNode.NODE_TYPE, nodeType.getKind()).list();
-    }
-
-    public static DiscoveryNode environment(String name, NodeType nodeType) {
+    static DiscoveryNode byTypeWithName(
+            NodeType nodeType,
+            String name,
+            Predicate<DiscoveryNode> predicate,
+            Consumer<DiscoveryNode> customizer) {
         var kind = nodeType.getKind();
         return DiscoveryNode.<DiscoveryNode>find(
                         "#DiscoveryNode.byTypeWithName",
@@ -153,32 +156,29 @@ public static DiscoveryNode environment(String name, NodeType nodeType) {
                                                     node.labels = new HashMap<>();
                                                     node.children = new ArrayList<>();
                                                     node.target = null;
+                                                    customizer.accept(node);
                                                     node.persist();
                                                     return node;
                                                 }));
     }
 
+    public static List<DiscoveryNode> findAllByNodeType(NodeType nodeType) {
+        return DiscoveryNode.find(DiscoveryNode.NODE_TYPE, nodeType.getKind()).list();
+    }
+
+    public static DiscoveryNode environment(String name, NodeType nodeType) {
+        return byTypeWithName(nodeType, name, n -> true, n -> {});
+    }
+
     public static DiscoveryNode target(Target target, NodeType nodeType) {
-        var kind = nodeType.getKind();
-        var connectUrl = target.connectUrl.toString();
-        return DiscoveryNode.<DiscoveryNode>find(
-                        "#DiscoveryNode.byTypeWithName",
-                        Parameters.with("nodeType", kind).and("name", connectUrl))
-                .firstResultOptional()
-                .orElseGet(
-                        () ->
-                                QuarkusTransaction.joiningExisting()
-                                        .call(
-                                                () -> {
-                                                    DiscoveryNode node = new DiscoveryNode();
-                                                    node.name = connectUrl;
-                                                    node.nodeType = kind;
-                                                    node.labels = new HashMap<>(target.labels);
-                                                    node.children = null;
-                                                    node.target = target;
-                                                    node.persist();
-                                                    return node;
-                                                }));
+        return byTypeWithName(
+                nodeType,
+                target.connectUrl.toString(),
+                n -> true,
+                n -> {
+                    n.target = target;
+                    n.labels.putAll(target.labels);
+                });
     }
 
     @Override

src/main/java/io/cryostat/discovery/DiscoveryNode.java

@@ -35,7 +35,7 @@
 import io.quarkus.runtime.StartupEvent;
 import io.quarkus.vertx.ConsumeEvent;
 import io.vertx.core.Vertx;
-import io.vertx.core.eventbus.EventBus;
+import io.vertx.mutiny.core.eventbus.EventBus;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.enterprise.event.Observes;
 import jakarta.enterprise.inject.Produces;

src/main/java/io/cryostat/discovery/JDPDiscovery.java

@@ -511,29 +511,19 @@ private Pair<HasMetadata, DiscoveryNode> queryForNode(
                 nodeType.getQueryFunction().apply(client).apply(namespace).apply(name);
 
         DiscoveryNode node =
-                DiscoveryNode.getNode(
-                                n -> {
-                                    return nodeType.getKind().equals(n.nodeType)
-                                            && name.equals(n.name)
-                                            && namespace.equals(
-                                                    n.labels.get(DISCOVERY_NAMESPACE_LABEL_KEY));
-                                })
-                        .orElseGet(
-                                () -> {
-                                    DiscoveryNode newNode = new DiscoveryNode();
-                                    newNode.name = name;
-                                    newNode.nodeType = nodeType.getKind();
-                                    newNode.children = new ArrayList<>();
-                                    newNode.target = null;
-                                    Map<String, String> labels =
-                                            kubeObj != null
-                                                    ? kubeObj.getMetadata().getLabels()
-                                                    : new HashMap<>();
-                                    // Add namespace to label to retrieve node later
-                                    labels.put(DISCOVERY_NAMESPACE_LABEL_KEY, namespace);
-                                    newNode.labels = labels;
-                                    return newNode;
-                                });
+                DiscoveryNode.byTypeWithName(
+                        nodeType,
+                        name,
+                        n -> namespace.equals(n.labels.get(DISCOVERY_NAMESPACE_LABEL_KEY)),
+                        n -> {
+                            Map<String, String> labels =
+                                    kubeObj != null
+                                            ? kubeObj.getMetadata().getLabels()
+                                            : new HashMap<>();
+                            // Add namespace to label to retrieve node later
+                            labels.put(DISCOVERY_NAMESPACE_LABEL_KEY, namespace);
+                            n.labels.putAll(labels);
+                        });
         return Pair.of(kubeObj, node);
     }