Skip to content

Commit 914de99

Browse files
cwperksjoshuali925
cwperks
and
joshuali925
authored
Fix issue connecting with prometheus by wrapping with AccessController.doPrivilegedChecked (#5061)
Co-authored-by: Joshua Li <joshuali925@gmail.com>
1 parent f83d89d commit 914de99

1 file changed

Lines changed: 15 additions & 14 deletions

File tree

direct-query-core/src/main/java/org/opensearch/sql/prometheus/client/PrometheusClientImpl.java

Lines changed: 15 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@
2626
import org.json.JSONArray;
2727
import org.json.JSONException;
2828
import org.json.JSONObject;
29+
import org.opensearch.secure_sm.AccessController;
2930
import org.opensearch.sql.prometheus.exception.PrometheusClientException;
3031
import org.opensearch.sql.prometheus.model.MetricMetadata;
3132

@@ -91,7 +92,7 @@ public JSONObject queryRange(
9192
Request request = new Request.Builder().url(queryUrl).build();
9293

9394
logger.debug("Executing Prometheus request with headers: {}", request.headers().toString());
94-
Response response = this.prometheusHttpClient.newCall(request).execute();
95+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
9596

9697
logger.debug("Received Prometheus response for query_range: code={}", response);
9798

@@ -126,7 +127,7 @@ public JSONObject query(String query, Long time, Integer limit, Integer timeout)
126127
Request request = new Request.Builder().url(queryUrl).build();
127128

128129
logger.info("Executing Prometheus request with headers: {}", request.headers().toString());
129-
Response response = this.prometheusHttpClient.newCall(request).execute();
130+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
130131

131132
logger.info("Received Prometheus response for instant query: code={}", response);
132133
// Return the full response object, not just the data field
@@ -146,7 +147,7 @@ public List<String> getLabels(Map<String, String> queryParams) throws IOExceptio
146147
"%s/api/v1/labels%s", prometheusUri.toString().replaceAll("/$", ""), queryString);
147148
logger.debug("queryUrl: " + queryUrl);
148149
Request request = new Request.Builder().url(queryUrl).build();
149-
Response response = this.prometheusHttpClient.newCall(request).execute();
150+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
150151
JSONObject jsonObject = readResponse(response);
151152
return toListOfLabels(jsonObject.getJSONArray("data"));
152153
}
@@ -161,7 +162,7 @@ public List<String> getLabel(String labelName, Map<String, String> queryParams)
161162
prometheusUri.toString().replaceAll("/$", ""), labelName, queryString);
162163
logger.debug("queryUrl: " + queryUrl);
163164
Request request = new Request.Builder().url(queryUrl).build();
164-
Response response = this.prometheusHttpClient.newCall(request).execute();
165+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
165166
JSONObject jsonObject = readResponse(response);
166167
return toListOfLabels(jsonObject.getJSONArray("data"));
167168
}
@@ -175,7 +176,7 @@ public Map<String, List<MetricMetadata>> getAllMetrics(Map<String, String> query
175176
"%s/api/v1/metadata%s", prometheusUri.toString().replaceAll("/$", ""), queryString);
176177
logger.debug("queryUrl: " + queryUrl);
177178
Request request = new Request.Builder().url(queryUrl).build();
178-
Response response = this.prometheusHttpClient.newCall(request).execute();
179+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
179180
JSONObject jsonObject = readResponse(response);
180181
TypeReference<HashMap<String, List<MetricMetadata>>> typeRef = new TypeReference<>() {};
181182
return new ObjectMapper().readValue(jsonObject.getJSONObject("data").toString(), typeRef);
@@ -194,7 +195,7 @@ public List<Map<String, String>> getSeries(Map<String, String> queryParams) thro
194195
"%s/api/v1/series%s", prometheusUri.toString().replaceAll("/$", ""), queryString);
195196
logger.debug("queryUrl: " + queryUrl);
196197
Request request = new Request.Builder().url(queryUrl).build();
197-
Response response = this.prometheusHttpClient.newCall(request).execute();
198+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
198199
JSONObject jsonObject = readResponse(response);
199200
JSONArray dataArray = jsonObject.getJSONArray("data");
200201
return toListOfSeries(dataArray);
@@ -211,7 +212,7 @@ public JSONArray queryExemplars(String query, Long start, Long end) throws IOExc
211212
end);
212213
logger.debug("queryUrl: " + queryUrl);
213214
Request request = new Request.Builder().url(queryUrl).build();
214-
Response response = this.prometheusHttpClient.newCall(request).execute();
215+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
215216
JSONObject jsonObject = readResponse(response);
216217
return jsonObject.getJSONArray("data");
217218
}
@@ -222,7 +223,7 @@ public JSONObject getAlerts() throws IOException {
222223
String.format("%s/api/v1/alerts", prometheusUri.toString().replaceAll("/$", ""));
223224
logger.debug("Making Prometheus alerts request: {}", queryUrl);
224225
Request request = new Request.Builder().url(queryUrl).build();
225-
Response response = this.prometheusHttpClient.newCall(request).execute();
226+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
226227
JSONObject jsonObject = readResponse(response);
227228
return jsonObject.getJSONObject("data");
228229
}
@@ -235,7 +236,7 @@ public JSONObject getRules(Map<String, String> queryParams) throws IOException {
235236
"%s/api/v1/rules%s", prometheusUri.toString().replaceAll("/$", ""), queryString);
236237
logger.debug("Making Prometheus rules request: {}", queryUrl);
237238
Request request = new Request.Builder().url(queryUrl).build();
238-
Response response = this.prometheusHttpClient.newCall(request).execute();
239+
Response response = AccessController.doPrivilegedChecked(() -> this.prometheusHttpClient.newCall(request).execute());
239240
JSONObject jsonObject = readResponse(response);
240241
return jsonObject.getJSONObject("data");
241242
}
@@ -248,7 +249,7 @@ public JSONArray getAlertmanagerAlerts(Map<String, String> queryParams) throws I
248249

249250
logger.debug("Making Alertmanager alerts request: {}", queryUrl);
250251
Request request = new Request.Builder().url(queryUrl).build();
251-
Response response = this.alertmanagerHttpClient.newCall(request).execute();
252+
Response response = AccessController.doPrivilegedChecked(() -> this.alertmanagerHttpClient.newCall(request).execute());
252253

253254
return readAlertmanagerResponse(response);
254255
}
@@ -261,7 +262,7 @@ public JSONArray getAlertmanagerAlertGroups(Map<String, String> queryParams) thr
261262

262263
logger.debug("Making Alertmanager alert groups request: {}", queryUrl);
263264
Request request = new Request.Builder().url(queryUrl).build();
264-
Response response = this.alertmanagerHttpClient.newCall(request).execute();
265+
Response response = AccessController.doPrivilegedChecked(() -> this.alertmanagerHttpClient.newCall(request).execute());
265266

266267
return readAlertmanagerResponse(response);
267268
}
@@ -273,7 +274,7 @@ public JSONArray getAlertmanagerReceivers() throws IOException {
273274

274275
logger.debug("Making Alertmanager receivers request: {}", queryUrl);
275276
Request request = new Request.Builder().url(queryUrl).build();
276-
Response response = this.alertmanagerHttpClient.newCall(request).execute();
277+
Response response = AccessController.doPrivilegedChecked(() -> this.alertmanagerHttpClient.newCall(request).execute());
277278

278279
return readAlertmanagerResponse(response);
279280
}
@@ -285,7 +286,7 @@ public JSONArray getAlertmanagerSilences() throws IOException {
285286

286287
logger.debug("Making Get Alertmanager silences request: {}", queryUrl);
287288
Request request = new Request.Builder().url(queryUrl).build();
288-
Response response = this.alertmanagerHttpClient.newCall(request).execute();
289+
Response response = AccessController.doPrivilegedChecked(() -> this.alertmanagerHttpClient.newCall(request).execute());
289290

290291
return readAlertmanagerResponse(response);
291292
}
@@ -301,7 +302,7 @@ public String createAlertmanagerSilences(String silenceJson) throws IOException
301302
.header("Content-Type", "application/json")
302303
.post(RequestBody.create(silenceJson.getBytes(StandardCharsets.UTF_8)))
303304
.build();
304-
Response response = this.alertmanagerHttpClient.newCall(request).execute();
305+
Response response = AccessController.doPrivilegedChecked(() -> this.alertmanagerHttpClient.newCall(request).execute());
305306

306307
if (response.isSuccessful()) {
307308
return Objects.requireNonNull(response.body()).string();

0 commit comments

Comments
 (0)