root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 176 Packages Projects Releases Wiki Activity

Authz: add logs for monitoring (#110959) 

* add logs for monitoring

* add logging around hook enablement
This commit is contained in:
Cory Forseth 2025-09-12 07:04:31 -05:00 committed by GitHub
parent edcd113054
commit fbdfab8ceb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
pkg/registry/apis/folders/hooks.go
View File

@ -12,43 +12,56 @@ import (
)
// "Almost nobody should use this hook" but we do because we need ctx and AfterCreate doesn't have it.
func (b *FolderAPIBuilder) beginCreate(_ context.Context, obj runtime.Object, _ *metav1.CreateOptions) (registry.FinishFunc, error) {
func (b *FolderAPIBuilder) beginCreate(ctx context.Context, obj runtime.Object, _ *metav1.CreateOptions) (registry.FinishFunc, error) {
log := logging.FromContext(ctx)
meta, err := utils.MetaAccessor(obj)
if err != nil {
log.Error("Failed to access new folder object metadata", "error", err)
return nil, err
}
if meta.GetFolder() == "" {
// Zanzana only cares about parent-child folder relationships; nothing to do if folder is at root.
log.Info("Skipping Zanzana folder propagation for new root-level folder", "folder", meta.GetName())
return func(ctx context.Context, success bool) {}, nil
}
return func(ctx context.Context, success bool) {
if success {
log.Info("Propagating new folder to Zanzana", "folder", meta.GetName(), "parent", meta.GetFolder())
b.writeFolderToZanzana(ctx, meta)
} else {
log.Info("Got success=false in folder create hook", "folder", meta.GetName())
}
}, nil
}
// "Almost nobody should use this hook" but we do because we need ctx and AfterUpdate doesn't have it.
func (b *FolderAPIBuilder) beginUpdate(_ context.Context, obj runtime.Object, old runtime.Object, _ *metav1.UpdateOptions) (registry.FinishFunc, error) {
func (b *FolderAPIBuilder) beginUpdate(ctx context.Context, obj runtime.Object, old runtime.Object, _ *metav1.UpdateOptions) (registry.FinishFunc, error) {
log := logging.FromContext(ctx)
updatedMeta, err := utils.MetaAccessor(obj)
if err != nil {
log.Error("Failed to access updated folder object metadata", "error", err)
return nil, err
}
oldMeta, err := utils.MetaAccessor(old)
if err != nil {
log.Error("Failed to access existing folder object metadata", "error", err)
return nil, err
}
if updatedMeta.GetFolder() == oldMeta.GetFolder() {
// No change to parent folder, nothing to do.
log.Info("Skipping Zanzana folder propagation; no change in parent", "folder", oldMeta.GetName())
return func(ctx context.Context, success bool) {}, nil
}
return func(ctx context.Context, success bool) {
if success {
log.Info("Propagating updated folder to Zanzana", "folder", oldMeta.GetName(), "oldParent", oldMeta.GetFolder(), "newParent", updatedMeta.GetFolder())
b.writeFolderToZanzana(ctx, updatedMeta)
} else {
log.Info("Got success=false in folder update hook", "folder", oldMeta.GetName())
}
}, nil
}

6
pkg/registry/apis/folders/register.go
View File

@ -19,6 +19,8 @@ import (
authlib "github.com/grafana/authlib/types"
"github.com/grafana/grafana-app-sdk/logging"
folders "github.com/grafana/grafana/apps/folder/pkg/apis/folder/v1beta1"
"github.com/grafana/grafana/apps/iam/pkg/reconcilers"
"github.com/grafana/grafana/pkg/apimachinery/identity"
@ -181,9 +183,13 @@ func (b *FolderAPIBuilder) UpdateAPIGroupInfo(apiGroupInfo *genericapiserver.API
return err
}
log := logging.FromContext(context.Background())
if b.features.IsEnabledGlobally(featuremgmt.FlagZanzana) {
log.Info("Enabling Zanzana folder propagation hooks")
store.BeginCreate = b.beginCreate
store.BeginUpdate = b.beginUpdate
} else {
log.Info("Zanzana is not enabled; skipping folder propagation hooks")
}
dw, err := dualWriteBuilder(resourceInfo.GroupResource(), legacyStore, store)