Merge pull request 'Next generation metrics' (#52) from feature/25811_ng_metrics into develop

Author: fmichielssen

src/main/java/eu/openanalytics/containerproxy/ContainerProxyApplication.java

@@ -25,8 +25,10 @@
 import eu.openanalytics.containerproxy.util.ProxyMappingManager;
 import io.undertow.Handlers;
 import io.undertow.servlet.api.ServletSessionConfig;
+import io.undertow.servlet.api.SessionManagerFactory;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.actuate.health.Health;
 import org.springframework.boot.actuate.health.HealthIndicator;
@@ -108,6 +110,9 @@ public void init() {
 		defaultCookieSerializer.setSameSite(sameSiteCookie);
 	}
 
+	@Autowired(required = false)
+	private SessionManagerFactory sessionManagerFactory;
+
 	@Bean
 	public UndertowServletWebServerFactory servletContainer() {
 		UndertowServletWebServerFactory factory = new UndertowServletWebServerFactory();
@@ -123,6 +128,9 @@ public UndertowServletWebServerFactory servletContainer() {
 			sessionConfig.setHttpOnly(true);
 			sessionConfig.setSecure(Boolean.valueOf(environment.getProperty("server.secureCookies", "false")));
 			info.setServletSessionConfig(sessionConfig);
+			if (sessionManagerFactory != null) {
+				info.setSessionManagerFactory(sessionManagerFactory);
+			}
 		});
 		try {
 			factory.setAddress(InetAddress.getByName(environment.getProperty("proxy.bind-address", "0.0.0.0")));

src/main/java/eu/openanalytics/containerproxy/RedisSessionConfig.java

@@ -0,0 +1,87 @@
+/**
+ * ContainerProxy
+ *
+ * Copyright (C) 2016-2021 Open Analytics
+ *
+ * ===========================================================================
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Apache License as published by
+ * The Apache Software Foundation, either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * Apache License for more details.
+ *
+ * You should have received a copy of the Apache License
+ * along with this program.  If not, see <http://www.apache.org/licenses/>
+ */
+package eu.openanalytics.containerproxy;
+
+import eu.openanalytics.containerproxy.service.IdentifierService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.autoconfigure.session.RedisSessionProperties;
+import org.springframework.boot.autoconfigure.session.SessionProperties;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.env.Environment;
+import org.springframework.session.data.redis.config.ConfigureNotifyKeyspaceEventsAction;
+import org.springframework.session.data.redis.config.ConfigureRedisAction;
+import org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration;
+
+import javax.inject.Inject;
+import java.time.Duration;
+
+@ConditionalOnProperty(name = "spring.session.store-type", havingValue = "redis")
+@Configuration(proxyBeanMethods = false)
+@EnableConfigurationProperties(RedisSessionProperties.class)
+public class RedisSessionConfig extends RedisHttpSessionConfiguration {
+
+    private String redisNamespace;
+
+    @Inject
+    private IdentifierService identifierService;
+
+    @Bean
+    @ConditionalOnMissingBean
+    public ConfigureRedisAction configureRedisAction(RedisSessionProperties redisSessionProperties) {
+        switch (redisSessionProperties.getConfigureAction()) {
+            case NOTIFY_KEYSPACE_EVENTS:
+                return new ConfigureNotifyKeyspaceEventsAction();
+            case NONE:
+                return ConfigureRedisAction.NO_OP;
+        }
+        throw new IllegalStateException(
+                "Unsupported redis configure action '" + redisSessionProperties.getConfigureAction() + "'.");
+
+    }
+
+    @Autowired
+    public void customize(SessionProperties sessionProperties, RedisSessionProperties redisSessionProperties) {
+        Duration timeout = sessionProperties.getTimeout();
+        if (timeout != null) {
+            setMaxInactiveIntervalInSeconds((int) timeout.getSeconds());
+        }
+        setFlushMode(redisSessionProperties.getFlushMode());
+        setSaveMode(redisSessionProperties.getSaveMode());
+        setCleanupCron(redisSessionProperties.getCleanupCron());
+
+        if (identifierService.realmId != null) {
+            redisNamespace = String.format("shinyproxy__%s__%s", identifierService.realmId, redisSessionProperties.getNamespace());
+        } else {
+            redisNamespace = String.format("shinyproxy__%s", redisSessionProperties.getNamespace());
+        }
+
+        setRedisNamespace(redisNamespace);
+    }
+
+    public String getNamespace() {
+        return redisNamespace;
+    }
+
+}

src/main/java/eu/openanalytics/containerproxy/backend/AbstractContainerBackend.java

@@ -43,6 +43,7 @@
 import eu.openanalytics.containerproxy.model.runtime.runtimevalues.UserGroupsKey;
 import eu.openanalytics.containerproxy.model.runtime.runtimevalues.UserIdKey;
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
+import eu.openanalytics.containerproxy.service.IdentifierService;
 import eu.openanalytics.containerproxy.service.UserService;
 import eu.openanalytics.containerproxy.spec.expression.ExpressionAwareContainerSpec;
 import eu.openanalytics.containerproxy.spec.expression.SpecExpressionResolver;
@@ -101,22 +102,14 @@ public abstract class AbstractContainerBackend implements IContainerBackend {
 	// Note: lazy needed to work around early initialization conflict
 	protected IAuthenticationBackend authBackend;
 
-	protected String realmId;
-
-	protected String instanceId = null;
+	@Inject
+	protected IdentifierService identifierService;
 
 	@Override
 	public void initialize() throws ContainerProxyException {
 		// If this application runs as a container itself, things like port publishing can be omitted.
 		useInternalNetwork = Boolean.valueOf(getProperty(PROPERTY_INTERNAL_NETWORKING, "false"));
 		privileged = Boolean.valueOf(getProperty(PROPERTY_PRIVILEGED, "false"));
-		realmId = environment.getProperty("proxy.realm-id");
-		try {
-			instanceId = calculateInstanceId();
-			log.info("Hash of config is: " + instanceId);
-		} catch(Exception e) {
-			throw new RuntimeException("Cannot compute hash of config", e);
-		}
 	}
 
 	@Override
@@ -258,53 +251,6 @@ protected boolean isPrivileged() {
 		return privileged;
 	}
 
-
-	private File getPathToConfigFile() {
-		String path = environment.getProperty("spring.config.location");
-		if (path != null) {
-			return Paths.get(path).toFile();
-		}
-
-		File file = Paths.get(ContainerProxyApplication.CONFIG_FILENAME).toFile();
-		if (file.exists()) {
-			return file;
-		}
-
-		return null;
-	}
-
-	/**
-	 * Calculates a hash of the config file (i.e. application.yaml).
-	 */
-	private String calculateInstanceId() throws IOException, NoSuchAlgorithmException {
-		/**
-		 * We need a hash of some "canonical" version of the config file.
-		 * The hash should not change when e.g. comments are added to the file.
-		 * Therefore we read the application.yml file into an Object and then
-		 * dump it again into YAML. We also sort the keys of maps and properties so that
-		 * the order does not matter for the resulting hash.
-		 */
-		ObjectMapper objectMapper = new ObjectMapper(new YAMLFactory());
-		objectMapper.configure(SerializationFeature.ORDER_MAP_ENTRIES_BY_KEYS, true);
-		objectMapper.configure(MapperFeature.SORT_PROPERTIES_ALPHABETICALLY, true);
-
-		File file = getPathToConfigFile();
-		if (file == null) {
-			// this should only happen in tests
-			instanceId = "unknown-instance-id";
-			return instanceId;
-		}
-
-		Object parsedConfig = objectMapper.readValue(file, Object.class);
-		String canonicalConfigFile =  objectMapper.writeValueAsString(parsedConfig);
-
-		MessageDigest digest = MessageDigest.getInstance("SHA-1");
-		digest.reset();
-		digest.update(canonicalConfigFile.getBytes(Charsets.UTF_8));
-		instanceId = String.format("%040x", new BigInteger(1, digest.digest()));
-		return instanceId;
-	}
-
 	/**
 	 * Computes the correct targetPath to use, to make the configuration of the targetPath easier.
 	 *  - Removes any double slashes (can happen when using SpeL surrounded with static paths)
@@ -334,11 +280,11 @@ public static String computeTargetPath(String targetPath) {
 	private void setRuntimeValues(Proxy proxy) {
 		proxy.addRuntimeValue(new RuntimeValue(ProxiedAppKey.inst, "true"));
 		proxy.addRuntimeValue(new RuntimeValue(ProxyIdKey.inst, proxy.getId()));
-		proxy.addRuntimeValue(new RuntimeValue(InstanceIdKey.inst, instanceId));
+		proxy.addRuntimeValue(new RuntimeValue(InstanceIdKey.inst, identifierService.instanceId));
 		proxy.addRuntimeValue(new RuntimeValue(ProxySpecIdKey.inst, proxy.getSpec().getId()));
 
-		if (realmId != null) {
-			proxy.addRuntimeValue(new RuntimeValue(RealmIdKey.inst, realmId));
+		if (identifierService.realmId != null) {
+			proxy.addRuntimeValue(new RuntimeValue(RealmIdKey.inst, identifierService.realmId));
 		}
 
 		proxy.addRuntimeValue(new RuntimeValue(UserIdKey.inst, proxy.getUserId()));

src/main/java/eu/openanalytics/containerproxy/backend/docker/AbstractDockerBackend.java

@@ -20,16 +20,6 @@
  */
 package eu.openanalytics.containerproxy.backend.docker;
 
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.URI;
-import java.nio.file.Paths;
-import java.util.HashMap;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.function.BiConsumer;
-
 import com.google.common.collect.ImmutableMap;
 import com.spotify.docker.client.DefaultDockerClient;
 import com.spotify.docker.client.DockerCertificates;
@@ -53,9 +43,9 @@
 import java.net.URI;
 import java.nio.file.Paths;
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.Optional;
 import java.util.function.BiConsumer;
 
 
@@ -161,7 +151,7 @@ protected Map<RuntimeValueKey<?>, RuntimeValue> parseLabelsAsRuntimeValues(Strin
 		}
 
 		String containerInstanceId = labels.get(InstanceIdKey.inst.getKeyAsLabel());
-		if (containerInstanceId == null || !containerInstanceId.equals(instanceId)) {
+		if (containerInstanceId == null || !containerInstanceId.equals(identifierService.instanceId)) {
 			log.warn("Ignoring container {} because instanceId {} is not correct", containerId, containerInstanceId);
 			return null;
 		}

src/main/java/eu/openanalytics/containerproxy/backend/kubernetes/KubernetesBackend.java

@@ -508,7 +508,7 @@ public List<ExistingContainerInfo> scanExistingContainers() {
 		for (String namespace : namespaces) {
             List<Pod> pods = kubeClient.pods().inNamespace(namespace)
 					.withLabel(ProxiedAppKey.inst.getKeyAsLabel(), "true")
-					.withLabel(InstanceIdKey.inst.getKeyAsLabel(), instanceId)
+					.withLabel(InstanceIdKey.inst.getKeyAsLabel(), identifierService.instanceId)
 					.list().getItems();
 
 			for (Pod pod : pods) {
@@ -558,7 +558,7 @@ private Map<RuntimeValueKey<?>, RuntimeValue> parseLabelsAndAnnotationsAsRuntime
 																						Map<String, String> annotations) {
 
 		String containerInstanceId = labels.get(InstanceIdKey.inst.getKeyAsLabel());
-		if (containerInstanceId == null || !containerInstanceId.equals(instanceId)) {
+		if (containerInstanceId == null || !containerInstanceId.equals(identifierService.instanceId)) {
 			log.warn("Ignoring container {} because instanceId {} is not correct", containerId, containerInstanceId);
 			return null;
 		}