mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-31 00:16:47 +01:00
6170d10e62
9 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Christopher Kolstad
|
53354224fc
|
chore: Bump biome and configure husky (#6589)
Upgrades biome to 1.6.1, and updates husky pre-commit hook. Most changes here are making type imports explicit. |
||
Daniel Brooks
|
1392b10727
|
fix(import): making all imports relative and removing baseUrl (#5847)
Co-authored-by: Simon Hornby <liquidwicked64@gmail.com> |
||
Nuno Góis
|
b55d677d1e
|
feat: add prom metric for total custom root roles in use (#4438)
https://linear.app/unleash/issue/2-1311/add-a-new-prometheus-metric-with-custom-root-roles-in-use As a follow-up to https://github.com/Unleash/unleash/pull/4435, this PR adds a metric for total custom root roles in use by at least one entity: users, service accounts, groups. `custom_root_roles_in_use_total` Output from `http://localhost:4242/internal-backstage/prometheus`: ``` # HELP process_cpu_user_seconds_total Total user CPU time spent in seconds. # TYPE process_cpu_user_seconds_total counter process_cpu_user_seconds_total 0.060755 # HELP process_cpu_system_seconds_total Total system CPU time spent in seconds. # TYPE process_cpu_system_seconds_total counter process_cpu_system_seconds_total 0.01666 # HELP process_cpu_seconds_total Total user and system CPU time spent in seconds. # TYPE process_cpu_seconds_total counter process_cpu_seconds_total 0.077415 # HELP process_start_time_seconds Start time of the process since unix epoch in seconds. # TYPE process_start_time_seconds gauge process_start_time_seconds 1691420275 # HELP process_resident_memory_bytes Resident memory size in bytes. # TYPE process_resident_memory_bytes gauge process_resident_memory_bytes 199196672 # HELP nodejs_eventloop_lag_seconds Lag of event loop in seconds. # TYPE nodejs_eventloop_lag_seconds gauge nodejs_eventloop_lag_seconds 0 # HELP nodejs_eventloop_lag_min_seconds The minimum recorded event loop delay. # TYPE nodejs_eventloop_lag_min_seconds gauge nodejs_eventloop_lag_min_seconds 0.009076736 # HELP nodejs_eventloop_lag_max_seconds The maximum recorded event loop delay. # TYPE nodejs_eventloop_lag_max_seconds gauge nodejs_eventloop_lag_max_seconds 0.037683199 # HELP nodejs_eventloop_lag_mean_seconds The mean of the recorded event loop delays. # TYPE nodejs_eventloop_lag_mean_seconds gauge nodejs_eventloop_lag_mean_seconds 0.011063251638989169 # HELP nodejs_eventloop_lag_stddev_seconds The standard deviation of the recorded event loop delays. # TYPE nodejs_eventloop_lag_stddev_seconds gauge nodejs_eventloop_lag_stddev_seconds 0.0013618102764025837 # HELP nodejs_eventloop_lag_p50_seconds The 50th percentile of the recorded event loop delays. # TYPE nodejs_eventloop_lag_p50_seconds gauge nodejs_eventloop_lag_p50_seconds 0.011051007 # HELP nodejs_eventloop_lag_p90_seconds The 90th percentile of the recorded event loop delays. # TYPE nodejs_eventloop_lag_p90_seconds gauge nodejs_eventloop_lag_p90_seconds 0.011321343 # HELP nodejs_eventloop_lag_p99_seconds The 99th percentile of the recorded event loop delays. # TYPE nodejs_eventloop_lag_p99_seconds gauge nodejs_eventloop_lag_p99_seconds 0.013688831 # HELP nodejs_active_resources Number of active resources that are currently keeping the event loop alive, grouped by async resource type. # TYPE nodejs_active_resources gauge nodejs_active_resources{type="FSReqCallback"} 1 nodejs_active_resources{type="TTYWrap"} 3 nodejs_active_resources{type="TCPSocketWrap"} 5 nodejs_active_resources{type="TCPServerWrap"} 1 nodejs_active_resources{type="Timeout"} 1 nodejs_active_resources{type="Immediate"} 1 # HELP nodejs_active_resources_total Total number of active resources. # TYPE nodejs_active_resources_total gauge nodejs_active_resources_total 12 # HELP nodejs_active_handles Number of active libuv handles grouped by handle type. Every handle type is C++ class name. # TYPE nodejs_active_handles gauge nodejs_active_handles{type="WriteStream"} 2 nodejs_active_handles{type="ReadStream"} 1 nodejs_active_handles{type="Socket"} 5 nodejs_active_handles{type="Server"} 1 # HELP nodejs_active_handles_total Total number of active handles. # TYPE nodejs_active_handles_total gauge nodejs_active_handles_total 9 # HELP nodejs_active_requests Number of active libuv requests grouped by request type. Every request type is C++ class name. # TYPE nodejs_active_requests gauge nodejs_active_requests{type="FSReqCallback"} 1 # HELP nodejs_active_requests_total Total number of active requests. # TYPE nodejs_active_requests_total gauge nodejs_active_requests_total 1 # HELP nodejs_heap_size_total_bytes Process heap size from Node.js in bytes. # TYPE nodejs_heap_size_total_bytes gauge nodejs_heap_size_total_bytes 118587392 # HELP nodejs_heap_size_used_bytes Process heap size used from Node.js in bytes. # TYPE nodejs_heap_size_used_bytes gauge nodejs_heap_size_used_bytes 89642552 # HELP nodejs_external_memory_bytes Node.js external memory size in bytes. # TYPE nodejs_external_memory_bytes gauge nodejs_external_memory_bytes 1601594 # HELP nodejs_heap_space_size_total_bytes Process heap space size total from Node.js in bytes. # TYPE nodejs_heap_space_size_total_bytes gauge nodejs_heap_space_size_total_bytes{space="read_only"} 0 nodejs_heap_space_size_total_bytes{space="old"} 70139904 nodejs_heap_space_size_total_bytes{space="code"} 3588096 nodejs_heap_space_size_total_bytes{space="map"} 2899968 nodejs_heap_space_size_total_bytes{space="large_object"} 7258112 nodejs_heap_space_size_total_bytes{space="code_large_object"} 1146880 nodejs_heap_space_size_total_bytes{space="new_large_object"} 0 nodejs_heap_space_size_total_bytes{space="new"} 33554432 # HELP nodejs_heap_space_size_used_bytes Process heap space size used from Node.js in bytes. # TYPE nodejs_heap_space_size_used_bytes gauge nodejs_heap_space_size_used_bytes{space="read_only"} 0 nodejs_heap_space_size_used_bytes{space="old"} 66992120 nodejs_heap_space_size_used_bytes{space="code"} 2892640 nodejs_heap_space_size_used_bytes{space="map"} 2519280 nodejs_heap_space_size_used_bytes{space="large_object"} 7026824 nodejs_heap_space_size_used_bytes{space="code_large_object"} 983200 nodejs_heap_space_size_used_bytes{space="new_large_object"} 0 nodejs_heap_space_size_used_bytes{space="new"} 9236136 # HELP nodejs_heap_space_size_available_bytes Process heap space size available from Node.js in bytes. # TYPE nodejs_heap_space_size_available_bytes gauge nodejs_heap_space_size_available_bytes{space="read_only"} 0 nodejs_heap_space_size_available_bytes{space="old"} 1898360 nodejs_heap_space_size_available_bytes{space="code"} 7328 nodejs_heap_space_size_available_bytes{space="map"} 327888 nodejs_heap_space_size_available_bytes{space="large_object"} 0 nodejs_heap_space_size_available_bytes{space="code_large_object"} 0 nodejs_heap_space_size_available_bytes{space="new_large_object"} 16495616 nodejs_heap_space_size_available_bytes{space="new"} 7259480 # HELP nodejs_version_info Node.js version info. # TYPE nodejs_version_info gauge nodejs_version_info{version="v18.16.0",major="18",minor="16",patch="0"} 1 # HELP nodejs_gc_duration_seconds Garbage collection duration by kind, one of major, minor, incremental or weakcb. # TYPE nodejs_gc_duration_seconds histogram # HELP http_request_duration_milliseconds App response time # TYPE http_request_duration_milliseconds summary # HELP db_query_duration_seconds DB query duration time # TYPE db_query_duration_seconds summary db_query_duration_seconds{quantile="0.1",store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds{quantile="0.5",store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds{quantile="0.9",store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds{quantile="0.95",store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds{quantile="0.99",store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds_sum{store="api-tokens",action="getAllActive"} 0.03091475 db_query_duration_seconds_count{store="api-tokens",action="getAllActive"} 1 # HELP feature_toggle_update_total Number of times a toggle has been updated. Environment label would be "n/a" when it is not available, e.g. when a feature toggle is created. # TYPE feature_toggle_update_total counter # HELP feature_toggle_usage_total Number of times a feature toggle has been used # TYPE feature_toggle_usage_total counter # HELP feature_toggles_total Number of feature toggles # TYPE feature_toggles_total gauge feature_toggles_total{version="5.3.0"} 31 # HELP users_total Number of users # TYPE users_total gauge users_total 1011 # HELP projects_total Number of projects # TYPE projects_total gauge projects_total 4 # HELP environments_total Number of environments # TYPE environments_total gauge environments_total 10 # HELP groups_total Number of groups # TYPE groups_total gauge groups_total 5 # HELP roles_total Number of roles # TYPE roles_total gauge roles_total 11 # HELP custom_root_roles_total Number of custom root roles # TYPE custom_root_roles_total gauge custom_root_roles_total 3 # HELP custom_root_roles_in_use_total Number of custom root roles in use # TYPE custom_root_roles_in_use_total gauge custom_root_roles_in_use_total 2 # HELP segments_total Number of segments # TYPE segments_total gauge segments_total 5 # HELP context_total Number of context # TYPE context_total gauge context_total 7 # HELP strategies_total Number of strategies # TYPE strategies_total gauge strategies_total 5 # HELP client_apps_total Number of registered client apps aggregated by range by last seen # TYPE client_apps_total gauge client_apps_total{range="allTime"} 0 client_apps_total{range="30d"} 0 client_apps_total{range="7d"} 0 # HELP saml_enabled Whether SAML is enabled # TYPE saml_enabled gauge saml_enabled 1 # HELP oidc_enabled Whether OIDC is enabled # TYPE oidc_enabled gauge oidc_enabled 0 # HELP client_sdk_versions Which sdk versions are being used # TYPE client_sdk_versions counter # HELP optimal_304_diffing Count the Optimal 304 diffing with status # TYPE optimal_304_diffing counter # HELP db_pool_min Minimum DB pool size # TYPE db_pool_min gauge db_pool_min 0 # HELP db_pool_max Maximum DB pool size # TYPE db_pool_max gauge db_pool_max 4 # HELP db_pool_free Current free connections in DB pool # TYPE db_pool_free gauge db_pool_free 0 # HELP db_pool_used Current connections in use in DB pool # TYPE db_pool_used gauge db_pool_used 4 # HELP db_pool_pending_creates how many asynchronous create calls are running in DB pool # TYPE db_pool_pending_creates gauge db_pool_pending_creates 0 # HELP db_pool_pending_acquires how many acquires are waiting for a resource to be released in DB pool # TYPE db_pool_pending_acquires gauge db_pool_pending_acquires 24 ``` |
||
|
Nuno Góis
|
555b27a653
|
feat: add prom metric for total custom root roles (#4435)
https://linear.app/unleash/issue/2-1293/label-our-metrics-about-roles-to-include-also-if-the-role-is-a-root Adds a Prometheus metric for total custom root roles. Also adds it to the instance telemetry collection. Q: Should we use a `labeledRoles` kind of metric instead, similar to what we're doing for `clientApps` and their ranges? |
||
|
Nuno Góis
|
bb026c0ba1
|
feat: custom root roles (#3975)
## About the changes Implements custom root roles, encompassing a lot of different areas of the project, and slightly refactoring the current roles logic. It includes quite a clean up. This feature itself is behind a flag: `customRootRoles` This feature covers root roles in: - Users; - Service Accounts; - Groups; Apologies in advance. I may have gotten a bit carried away 🙈 ### Roles We now have a new admin tab called "Roles" where we can see all root roles and manage custom ones. We are not allowed to edit or remove *predefined* roles.  This meant slightly pushing away the existing roles to `project-roles` instead. One idea we want to explore in the future is to unify both types of roles in the UI instead of having 2 separate tabs. This includes modernizing project roles to fit more into our current design and decisions. Hovering the permissions cell expands detailed information about the role:  ### Create and edit role Here's how the role form looks like (create / edit):  Here I categorized permissions so it's easier to visualize and manage from a UX perspective. I'm using the same endpoint as before. I tried to unify the logic and get rid of the `projectRole` specific hooks. What distinguishes custom root roles from custom project roles is the extra `root-custom` type we see on the payload. By default we assume `custom` (custom project role) instead, which should help in terms of backwards compatibility. ### Delete role When we delete a custom role we try to help the end user make an informed decision by listing all the entities which currently use this custom root role:  ~~As mentioned in the screenshot, when deleting a custom role, we demote all entities associated with it to the predefined `Viewer` role.~~ **EDIT**: Apparently we currently block this from the API (access-service deleteRole) with a message:  What should the correct behavior be? ### Role selector I added a new easy-to-use role selector component that is present in: - Users  - Service Accounts  - Groups  ### Role description I also added a new role description component that you can see below the dropdown in the selector component, but it's also used to better describe each role in the respective tables:  I'm not listing all the permissions of predefined roles. Those simply show the description in the tooltip:  ### Role badge Groups is a bit different, since it uses a list of cards, so I added yet another component - Role badge:  I'm using this same component on the profile tab:  ## Discussion points - Are we being defensive enough with the use of the flag? Should we cover more? - Are we breaking backwards compatibility in any way? - What should we do when removing a role? Block or demote? - Maybe some existing permission-related issues will surface with this change: Are we being specific enough with our permissions? A lot of places are simply checking for `ADMIN`; - We may want to get rid of the API roles coupling we have with the users and SAs and instead use the new hooks (e.g. `useRoles`) explicitly; - We should update the docs; - Maybe we could allow the user to add a custom role directly from the role selector component; --------- Co-authored-by: Gastón Fournier <gaston@getunleash.io> |
||
Mateusz Kwasniewski
|
96b21f08b0
|
feat: allow every store to participate in transaction (#3016) | ||
Ivar Conradi Østhus
|
cf4fc2303b
|
Feat/stats service (#2211)
Introduces an instance stats service exposing usage metrics of the Unleash installation. |
||
sighphyre
|
5806b6748f
|
Feat/grouping (#1845)
* Implement user grouping feature for permissions Co-authored-by: Thomas Heartman <thomas@getunleash.ai> Co-authored-by: Jaanus Sellin <sellinjaanus@gmail.com> Co-authored-by: Nuno Góis <github@nunogois.com> Co-authored-by: Thomas Heartman <thomas@getunleash.ai> |
||
|
sighphyre
|
0c78980502
|
feat: custom project roles (#1220)
* wip: environment for permissions * fix: add migration for roles * fix: connect environment with access service * feat: add tests * chore: Implement scaffolding for new rbac * fix: add fake store * feat: Add api endpoints for roles and permissions list * feat: Add ability to provide permissions when creating a role and rename environmentName to name in the list permissions datastructure * fix: Make project roles resolve correctly against new environments permissions structure * fix: Patch migration to also populate permission names * fix: Make permissions actually work with new environments * fix: Add back to get permissions working for editor role * fix: Removed ability to set role type through api during creation - it's now always custom * feat: Return permissions on get role endpoint * feat: Add in support for updating roles * fix: Get a bunch of tests working and delete a few that make no sense anymore * chore: A few small cleanups - remove logging and restore default on dev server config * chore: Refactor role/access stores into more logical domains * feat: Add in validation for roles * feat: Patch db migration to handle old stucture * fix: migration for project roles * fix: patch a few broken tests * fix: add permissions to editor * fix: update test name * fix: update user permission mapping * fix: create new user * fix: update root role test * fix: update tests * feat: Validation now works when updating a role * fix: Add in very barebones down migration for rbac so that tests work * fix: Improve responses from role resolution - getting a non existant role will throw a NotFound error * fix: remove unused permissions * fix: add test for connecting roles and deleting project * fix: add test for adding a project member with a custom role * fix: add test for changing user role * fix: add guard for deleting role if the role is in use * fix: alter migration * chore: Minor code cleanups * chore: Small code cleanups * chore: More minor cleanups of code * chore: Trim some dead code to make the linter happy * feat: Schema validation for roles * fix: setup permission for variant * fix: remove unused import * feat: Add cascading delete for role_permissions when deleting a role * feat: add configuration option for disabling legacy api * chore: update frontend to beta version * 4.6.0-beta.0 * fix: export default project constant * fix: update snapshot * fix: module pattern ../../lib * fix: move DEFAULT_PROJECT to types * fix: remove debug logging * fix: remove debug log state * fix: Change permission descriptions * fix: roles should have unique name * fix: root roles should be connected to the default project * fix: typo in role-schema.ts * fix: Role permission empty string for non environment type * feat: new permission for moving project * fix: add event for changeProject * fix: Removing a user from a project will now check to see if that project has an owner, rather than checking if any project has an owner * fix: add tests for move project * fix: Add in missing create/delete tag permissions * fix: Removed duplicate impl caused by multiple good samaritans putting it back in! * fix: Trim out add tag permissions, for now at least * chore: Trim out new add and delete tag permissions - we're going with update feature instead * chore: update frontend * 4.6.0-beta.1 * feat: Prevent editing of built in roles * fix: Patch an issue where permissions for variants/environments didn't match the front end * fix: lint Co-authored-by: Ivar Conradi Østhus <ivarconr@gmail.com> Co-authored-by: Fredrik Oseberg <fredrik.no@gmail.com> |