feat(kiai): add support to multiple providers (backstage#2475)

Signed-off-by: Alberto Gutierrez <[email protected]>
miqdigital · Jan 14, 2025 · 117f8e0 · 117f8e0
1 parent 77035bf
commit 117f8e0
Show file tree

Hide file tree

Showing 42 changed files with 1,029 additions and 400 deletions.
diff --git a/workspaces/kiali/.changeset/metal-tomatoes-kick.md b/workspaces/kiali/.changeset/metal-tomatoes-kick.md
@@ -0,0 +1,6 @@
+---
+'@backstage-community/plugin-kiali-backend': minor
+'@backstage-community/plugin-kiali': minor
+---
+
+Support multi providers in Kiali
diff --git a/workspaces/kiali/README.md b/workspaces/kiali/README.md
@@ -25,10 +25,12 @@ The Kiali plugin has the following capabilities:
   ```yaml
   annotations:
     ...
-
+    kiali.io/provider: default
     kiali.io/namespace: <RESOURCE_NS>
   ```
 
+**kiali.io/provider** This value must match with the **name** provider in `app-config.yaml`
+
 #### Setting up the Kiali frontend package
 
 1. Install the Kiali plugin using the following commands:
@@ -96,10 +98,11 @@ The Kiali plugin has the following capabilities:
 3. Configure you `app-config.yaml` with kiali configuration
 
 ```yaml
-catalog:
+kiali:
   providers:
     # highlight-add-start
-    kiali:
+    # Required. Name of provider taht match the entity annotation
+    - name: 'default'
       # Required. Kiali endpoint
       url: ${KIALI_ENDPOINT}
       # Optional. Required by token authentication
@@ -122,14 +125,17 @@ Authentication methods:
 
 The following table describes the parameters that you can configure to enable the plugin under `catalog.providers.keycloakOrg.<ENVIRONMENT_NAME>` object in the `app-config.yaml` file:
 
-| Name                  | Description                                                                                                          | Default Value | Required                                |
-| --------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------- | --------------------------------------- |
-| `url`                 | Location of the Kiali server, such as `https://localhost:4000`                                                       | ""            | Yes                                     |
-| `serviceAccountToken` | Service Account Token which is used for querying data from Kiali                                                     | ""            | Yes if using token based authentication |
-| `skipTLSVerify`       | Skip TLS certificate verification presented by the API server                                                        | false         | No                                      |
-| `caData`              | Base64-encoded certificate authority bundle in PEM format                                                            | ""            | No                                      |
-| `caFile`              | Filesystem path (on the host where the Backstage process is running) to a certificate authority bundle in PEM format | ""            | No                                      |
-| `sessionTime`         | Time in seconds that session is enabled                                                                              | 60            | No                                      |
+| Name   | Description                                   | Default Value | Required |
+| ------ | --------------------------------------------- | ------------- | -------- |
+| `name` | Name of the kiali provider, such as `default` | "default"     |
+
+Yes and unique
+| `url` | Location of the Kiali server, such as `https://localhost:4000` | "" | Yes |
+| `serviceAccountToken` | Service Account Token which is used for querying data from Kiali | "" | Yes if using token based authentication |
+| `skipTLSVerify` | Skip TLS certificate verification presented by the API server | false | No |
+| `caData` | Base64-encoded certificate authority bundle in PEM format | "" | No |
+| `caFile` | Filesystem path (on the host where the Backstage process is running) to a certificate authority bundle in PEM format | "" | No |
+| `sessionTime` | Time in seconds that session is enabled | 60 | No |
 
 ## For users
 

diff --git a/workspaces/kiali/app-config.yaml b/workspaces/kiali/app-config.yaml
@@ -86,20 +86,37 @@ kubernetes:
   # see https://backstage.io/docs/features/kubernetes/configuration for kubernetes configuration options
 
 kiali:
-  # See the README file for configuration
-  url: ${KIALI_BASE_URL}
-  # Optional. Kiali public URL to redirect to standalone Kiali. When not specified, url will be used.
-  # urlExternal: ''
-  # Optional. Required by token authentication
-  # serviceAccountToken: ${KIALI_SERVICE_ACCOUNT_TOKEN}
-  # Optional. defaults false
-  skipTLSVerify: true
-  # Optional
-  # caData: ${KIALI_CONFIG_CA_DATA}
-  # Optional. Local path to CA file
-  # caFile: ''
-  # Optional. Time in seconds that session is enabled, defaults to 1 minute.
-  sessionTime: 60
+  providers:
+    - name: default
+      # See the README file for configuration
+      url: ${KIALI_BASE_URL}
+      # Optional. Kiali public URL to redirect to standalone Kiali. When not specified, url will be used.
+      # urlExternal: ''
+      # Optional. Required by token authentication
+      # serviceAccountToken: ${KIALI_SERVICE_ACCOUNT_TOKEN}
+      # Optional. defaults false
+      skipTLSVerify: true
+      # Optional
+      # caData: ${KIALI_CONFIG_CA_DATA}
+      # Optional. Local path to CA file
+      # caFile: ''
+      # Optional. Time in seconds that session is enabled, defaults to 1 minute.
+      sessionTime: 60
+    - name: kubernetes
+      # See the README file for configuration
+      url: http://localhost:20001/kiali/
+      # Optional. Kiali public URL to redirect to standalone Kiali. When not specified, url will be used.
+      # urlExternal: ''
+      # Optional. Required by token authentication
+      # serviceAccountToken: ${KIALI_SERVICE_ACCOUNT_TOKEN}
+      # Optional. defaults false
+      skipTLSVerify: true
+      # Optional
+      # caData: ${KIALI_CONFIG_CA_DATA}
+      # Optional. Local path to CA file
+      # caFile: ''
+      # Optional. Time in seconds that session is enabled, defaults to 1 minute.
+      sessionTime: 60
 
 # see https://backstage.io/docs/permissions/getting-started for more on the permission framework
 permission:

diff --git a/workspaces/kiali/examples/kialiEntities.yaml b/workspaces/kiali/examples/kialiEntities.yaml
@@ -10,7 +10,8 @@ metadata:
     - core
     - servicemesh
   annotations:
-    'kiali.io/namespace': istio-system
+    kiali.io/provider: default
+    kiali.io/namespace: istio-system
 spec:
   type: service
   lifecycle: production
@@ -27,7 +28,44 @@ metadata:
     - core
     - servicemesh
   annotations:
-    'kiali.io/namespace': bookinfo
+    kiali.io/provider: default
+    kiali.io/namespace: bookinfo
+spec:
+  type: service
+  lifecycle: production
+  owner: user:guest
+---
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: bookinfo-kubernetes
+  description: Bookinfo In Kubernetes
+  tags:
+    - bookinfo
+    - kiali
+    - core
+    - servicemesh
+  annotations:
+    kiali.io/provider: kubernetes
+    kiali.io/namespace: bookinfo
+spec:
+  type: service
+  lifecycle: production
+  owner: user:guest
+---
+apiVersion: backstage.io/v1alpha1
+kind: Component
+metadata:
+  name: bookinfo-mocked
+  description: Bookinfo In Kubernetes
+  tags:
+    - bookinfo
+    - kiali
+    - core
+    - servicemesh
+  annotations:
+    kiali.io/provider: mocked
+    kiali.io/namespace: bookinfo
 spec:
   type: service
   lifecycle: production

diff --git a/workspaces/kiali/plugins/kiali-backend/app-config.yaml b/workspaces/kiali/plugins/kiali-backend/app-config.yaml
diff --git a/workspaces/kiali/plugins/kiali-backend/catalog-info.yaml b/workspaces/kiali/plugins/kiali-backend/catalog-info.yaml
diff --git a/workspaces/kiali/plugins/kiali-backend/config.d.ts b/workspaces/kiali/plugins/kiali-backend/config.d.ts
@@ -15,36 +15,39 @@
  */
 export interface Config {
   kiali?: {
-    /**
-     * Url of the hub cluster API endpoint
-     */
-    url: string;
-    /**
-     * Url of the Kiali standalone for external access
-     */
-    urlExternal?: string;
-    /**
-     * Service Account Token which is used for querying data from Kiali
-     * @visibility secret
-     */
-    serviceAccountToken?: string;
-    /**
-     * Skip TLS certificate verification presented by the API server, defaults to false
-     */
-    skipTLSVerify?: boolean;
-    /**
-     * Base64-encoded certificate authority bundle in PEM format.
-     * @visibility secret
-     */
-    caData?: string;
-    /**
-     * Filesystem path (on the host where the Backstage process is running) to a certificate authority bundle in PEM format
-     * @visibility secret
-     */
-    caFile?: string;
-    /**
-     * Time in seconds that session is enabled, defaults to 1 minute.
-     */
-    sessionTime?: number;
+    providers: Array<{
+      name: string;
+      /**
+       * Url of the cluster API endpoint
+       */
+      url: string;
+      /**
+       * Url of the Kiali standalone for external access
+       */
+      urlExternal?: string;
+      /**
+       * Service Account Token which is used for querying data from Kiali
+       * @visibility secret
+       */
+      serviceAccountToken?: string;
+      /**
+       * Skip TLS certificate verification presented by the API server, defaults to false
+       */
+      skipTLSVerify?: boolean;
+      /**
+       * Base64-encoded certificate authority bundle in PEM format.
+       * @visibility secret
+       */
+      caData?: string;
+      /**
+       * Filesystem path (on the host where the Backstage process is running) to a certificate authority bundle in PEM format
+       * @visibility secret
+       */
+      caFile?: string;
+      /**
+       * Time in seconds that session is enabled, defaults to 1 minute.
+       */
+      sessionTime?: number;
+    }>;
   };
 }
diff --git a/workspaces/kiali/plugins/kiali-backend/package.json b/workspaces/kiali/plugins/kiali-backend/package.json
@@ -51,6 +51,7 @@
     "@backstage/plugin-auth-node": "^0.5.2",
     "axios": "^1.7.4",
     "express": "^4.18.2",
+    "lodash": "^4.17.21",
     "moment": "^2.29.4",
     "yn": "^4.0.0"
   },

diff --git a/workspaces/kiali/plugins/kiali-backend/report.api.md b/workspaces/kiali/plugins/kiali-backend/report.api.md
@@ -19,6 +19,25 @@ const kialiPlugin: BackendFeature;
 export default kialiPlugin;
 export { kialiPlugin }
 
+// Warning: (ae-missing-release-tag) "KialiProvidersApi" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal)
+//
+// @public (undocumented)
+export interface KialiProvidersApi {
+    // Warning: (ae-forgotten-export) The symbol "KialiApiImpl" needs to be exported by the entry point index.d.ts
+    //
+    // (undocumented)
+    api: KialiApiImpl;
+    // (undocumented)
+    name: string;
+    // (undocumented)
+    urlExternal: string;
+}
+
+// Warning: (ae-missing-release-tag) "makeRouter" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal)
+//
+// @public (undocumented)
+export const makeRouter: (logger: LoggerService, kialiApis: KialiProvidersApi[], config: Config) => express.Router;
+
 // Warning: (ae-missing-release-tag) "RouterOptions" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal)
 //
 // @public (undocumented)

diff --git a/workspaces/kiali/plugins/kiali-backend/src/clients/Auth.test.ts b/workspaces/kiali/plugins/kiali-backend/src/clients/Auth.test.ts
@@ -13,9 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { ConfigReader } from '@backstage/config';
-
-import { readKialiConfigs } from '../service/config';
+import { KialiDetails } from '../service/config';
 import {
   AuthStrategy,
   KialiAuthentication,
@@ -24,17 +22,16 @@ import {
 } from './Auth';
 
 const sessionSeconds = 5000;
-const configuration = new ConfigReader({
-  kiali: {
-    url: 'https://localhost:4000',
-    sessionTime: sessionSeconds,
-  },
-});
+
 const rawCookie =
   'kiali-token-aes=/Wh8L+RdEocdRxrNH8TKOShJHD3daCA6KKVUk+jKvoinR28yXMI7/33DHMPqcoVL/bOYZ5ylmiyg95Cmmwr/LDuICgfUgnp763IHoOyMEmUI4yzvpKZfqDDtksjqWCRbkxoVT94JxBFsidtAg3pCgX8gDcXt22c65AX43hAa9auxpvF3tP22SP9aZjaJ4UOqvQ70TwhE2LT+/RLQszccnV7E9kUE7zTGaY1uAKz0bNWwXY7KQ6f/uOQob3kNZMqDtyURlEHPBNA1L/QbFIGqHcM8JbglQZWII+2iPmPMHAjNKcy2xrFNUOU5CjDex9i51KUuJ1GU6xnesChShpo+tuhchFFzklslr/2egXRaPFBBCg0F6f2E3wdIt7hdc3CfAfCQWVWka9Jp30FoOWlI+pNqa5vRFKqpuGQ+vDyzb/CdTVnotsoIraUmb3rYe7gOrHUh/DQQ+smVKYGtoq2FlJMx0k0Z29dZwyM7QKdIKoWtrgfa71y1ZpQ+9CXh/9Iu71cU+5cNq7CC+joGs2eWouBKHjgGNTeP3ZNOE63GOQ36uHcxbugbCzWheJLi5fvLfu2/VVf6a/KlV4NYRI6/uEERJwRwtwWlI4dFRQP+T9DNUuomS6uxLCm0w/5zSoNXwbyJ10iqDOQ3URDk8okgwHD/kG2c0RWvslmDztz9V6AqUWMUg95hz8BDagycir1w0th98irAFjwVd9q/jA3c6DzqB8fITqv2h0f51MMs4oe0H7b2yrpCGhHSVDC5OYEe1FgFPfRbxdG8Oa//IBlUdnoLJXh4Mz9q4gA/87kp/QukyepeV7JbaoNSvBtHplvjUl1Hs/2siKTvKySiSvW5fS0TF9PE3RNtInE/hwxkMBQj5rG8zlmR3AaMLSx5q5sjA1oBz4WLLaxprO1+J22G2+W7eiblqfb01yB3ItZfBBm78ZGFAkxZiPaLuZl0B0eEbLZS8xXKkQuIeR5gTnkqoB2haskIZsI4+rEpC6GYpYukfPBzeyR+NlJd8TFbPwjuu3yjS75rrbHL7WQtMm4C6vx7Qfj7LPWQXw60RdBV3Y0CuOOS1e2lLhNF+G2lh0jYOmUeZif8IeuvQyWtMkeTBZq2etiCoicupYrVf/urNEfGIqUld1GSgoRZonaFBhRj6//7KElU9dMVfPeKAcOZmBThnsVFkqDFF04sqPkMYkJA/o+ykxO0c4EDm/EBdmV+6LY/kdDsjEY/7XV+xx16eS5e635XWebRe2Qa0cukjY7vYZtJb7c0A0nKytzL+ptvq8ovEtrEMhNck1zOliba/epgLff4RPEqdHi+CVZvvtY01SVLVjycJVAaHLvZy7waRptRpcsAOWLu/RZ4LxBMrLW1lOk83tzFo+Sya2RGH2N6sKw0YbRQmB3qLEtRGWvIYGWMnImR+H9R7rgf/86pa6k4XvdSK0NpFOnsN5/m/jNYH8p6zQ0ZAr9eG8A3bJCEnRp+yyIzOa0L4rLEt6y74sFRK6ROHAZU8UeTz3DRC5tg+JBxlKY8MmF1jTMshcZMSYeFN5VrvJJe1VJdMuCIh68BwQsPrdaEDNTHgjQkNaKAahJrtGtY1koVZhgjsRMZjTpuDL8bBzS1APM3zsun/qvo5XrU2uQvZtFbHQBBIYNZn9h/Oyp6YPvaMRP/5xkEm8nuNGcAD5sFHzDbMVaJcdoqUuwAjvlt0BvGrzfoB+K7r1U+o6O/FS4HfcjuH1FEdPJGIXkIrc4vJ8vm18zlZWdoE/bvNhCGzBR2c9OB5FcXHXa/ie0vu4gCst1Ch+81q+2j/yy6+J7uTQbODP8kGsitGSlE8zmVahjpoUoSpI48A+8PsTFg/MkElM9wENRPHD/yPDnNMxpl7z0rAqKZpXJ8zB2ij+8SgawaydDHJCtOYaJASvM8ag==; Path=/; Expires=Tue, 23 Jan 2024 09:55:59 GMT; HttpOnly; Secure; SameSite=Strict';
 const verifyCookie =
   'kiali-token-aes=/Wh8L+RdEocdRxrNH8TKOShJHD3daCA6KKVUk+jKvoinR28yXMI7/33DHMPqcoVL/bOYZ5ylmiyg95Cmmwr/LDuICgfUgnp763IHoOyMEmUI4yzvpKZfqDDtksjqWCRbkxoVT94JxBFsidtAg3pCgX8gDcXt22c65AX43hAa9auxpvF3tP22SP9aZjaJ4UOqvQ70TwhE2LT+/RLQszccnV7E9kUE7zTGaY1uAKz0bNWwXY7KQ6f/uOQob3kNZMqDtyURlEHPBNA1L/QbFIGqHcM8JbglQZWII+2iPmPMHAjNKcy2xrFNUOU5CjDex9i51KUuJ1GU6xnesChShpo+tuhchFFzklslr/2egXRaPFBBCg0F6f2E3wdIt7hdc3CfAfCQWVWka9Jp30FoOWlI+pNqa5vRFKqpuGQ+vDyzb/CdTVnotsoIraUmb3rYe7gOrHUh/DQQ+smVKYGtoq2FlJMx0k0Z29dZwyM7QKdIKoWtrgfa71y1ZpQ+9CXh/9Iu71cU+5cNq7CC+joGs2eWouBKHjgGNTeP3ZNOE63GOQ36uHcxbugbCzWheJLi5fvLfu2/VVf6a/KlV4NYRI6/uEERJwRwtwWlI4dFRQP+T9DNUuomS6uxLCm0w/5zSoNXwbyJ10iqDOQ3URDk8okgwHD/kG2c0RWvslmDztz9V6AqUWMUg95hz8BDagycir1w0th98irAFjwVd9q/jA3c6DzqB8fITqv2h0f51MMs4oe0H7b2yrpCGhHSVDC5OYEe1FgFPfRbxdG8Oa//IBlUdnoLJXh4Mz9q4gA/87kp/QukyepeV7JbaoNSvBtHplvjUl1Hs/2siKTvKySiSvW5fS0TF9PE3RNtInE/hwxkMBQj5rG8zlmR3AaMLSx5q5sjA1oBz4WLLaxprO1+J22G2+W7eiblqfb01yB3ItZfBBm78ZGFAkxZiPaLuZl0B0eEbLZS8xXKkQuIeR5gTnkqoB2haskIZsI4+rEpC6GYpYukfPBzeyR+NlJd8TFbPwjuu3yjS75rrbHL7WQtMm4C6vx7Qfj7LPWQXw60RdBV3Y0CuOOS1e2lLhNF+G2lh0jYOmUeZif8IeuvQyWtMkeTBZq2etiCoicupYrVf/urNEfGIqUld1GSgoRZonaFBhRj6//7KElU9dMVfPeKAcOZmBThnsVFkqDFF04sqPkMYkJA/o+ykxO0c4EDm/EBdmV+6LY/kdDsjEY/7XV+xx16eS5e635XWebRe2Qa0cukjY7vYZtJb7c0A0nKytzL+ptvq8ovEtrEMhNck1zOliba/epgLff4RPEqdHi+CVZvvtY01SVLVjycJVAaHLvZy7waRptRpcsAOWLu/RZ4LxBMrLW1lOk83tzFo+Sya2RGH2N6sKw0YbRQmB3qLEtRGWvIYGWMnImR+H9R7rgf/86pa6k4XvdSK0NpFOnsN5/m/jNYH8p6zQ0ZAr9eG8A3bJCEnRp+yyIzOa0L4rLEt6y74sFRK6ROHAZU8UeTz3DRC5tg+JBxlKY8MmF1jTMshcZMSYeFN5VrvJJe1VJdMuCIh68BwQsPrdaEDNTHgjQkNaKAahJrtGtY1koVZhgjsRMZjTpuDL8bBzS1APM3zsun/qvo5XrU2uQvZtFbHQBBIYNZn9h/Oyp6YPvaMRP/5xkEm8nuNGcAD5sFHzDbMVaJcdoqUuwAjvlt0BvGrzfoB+K7r1U+o6O/FS4HfcjuH1FEdPJGIXkIrc4vJ8vm18zlZWdoE/bvNhCGzBR2c9OB5FcXHXa/ie0vu4gCst1Ch+81q+2j/yy6+J7uTQbODP8kGsitGSlE8zmVahjpoUoSpI48A+8PsTFg/MkElM9wENRPHD/yPDnNMxpl7z0rAqKZpXJ8zB2ij+8SgawaydDHJCtOYaJASvM8ag==';
-const kialiDetails = readKialiConfigs(configuration);
+const kialiDetails = {
+  name: 'default',
+  url: 'https://localhost:4000',
+  sessionTime: sessionSeconds,
+} as KialiDetails;
 
 describe('Let create Auth', () => {
   it('should return session anonymous by default, cookie empty and sessionSeconds to configuration after constructor', async () => {
@@ -46,15 +43,10 @@ describe('Let create Auth', () => {
     expect(AuthClient.getSecondsSession()).toBe(sessionSeconds * MILLISECONDS);
   });
   it('should return default sessionSeconds if not sessionTime set', async () => {
-    const AuthClient = new KialiAuthentication(
-      readKialiConfigs(
-        new ConfigReader({
-          kiali: {
-            url: 'https://localhost:4000',
-          },
-        }),
-      ),
-    );
+    const AuthClient = new KialiAuthentication({
+      name: 'default',
+      url: 'https://localhost:4000',
+    } as KialiDetails);
     expect(AuthClient.getSecondsSession()).toBe(timeOutforWarningUser);
   });
 

diff --git a/workspaces/kiali/plugins/kiali-backend/src/clients/KialiAPIConnector.test.ts b/workspaces/kiali/plugins/kiali-backend/src/clients/KialiAPIConnector.test.ts
@@ -23,6 +23,7 @@ const logger = mockServices.logger.mock();
 const kialiApi = new KialiApiImpl({
   logger,
   kiali: {
+    name: 'default',
     url: 'https://localhost:4000',
     urlExternal: 'https://localhost:4000',
   },