From 54fcc959a2a1015a10ea5728831606b567b16b15 Mon Sep 17 00:00:00 2001
From: Gemma <58080601+gememma@users.noreply.github.com>
Date: Tue, 10 Sep 2024 13:15:56 +0100
Subject: [PATCH] Suggest mfT when user uses HTTP filter (#2747)
* Add warning for users using http filters without mft
* Show users either multipod or http filter warning if both apply
* Add changelog
* Fix choosing random option for warning to display
* Move selection logic to function
---
Cargo.lock | 17 ++++
Cargo.toml | 1 -
changelog.d/2701.internal.md | 1 +
mirrord/cli/Cargo.toml | 1 +
mirrord/cli/src/connection.rs | 136 +++++++++++++++++++++++--------
mirrord/progress/src/messages.rs | 9 ++
6 files changed, 130 insertions(+), 35 deletions(-)
create mode 100644 changelog.d/2701.internal.md
diff --git a/Cargo.lock b/Cargo.lock
index b6a744b4d8a..eb411917b4c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2603,6 +2603,12 @@ dependencies = [
"digest",
]
+[[package]]
+name = "hmac-sha256"
+version = "1.1.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3688e69b38018fec1557254f64c8dc2cc8ec502890182f395dbb0aa997aa5735"
+
[[package]]
name = "home"
version = "0.5.9"
@@ -3601,6 +3607,16 @@ dependencies = [
"autocfg",
]
+[[package]]
+name = "mid"
+version = "2.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0ab4b7ce393ddb4cab95c46e5585bc6283fdcf8f4f6a81be98e6cce9ee39624"
+dependencies = [
+ "hex",
+ "hmac-sha256",
+]
+
[[package]]
name = "miette"
version = "7.2.0"
@@ -3707,6 +3723,7 @@ dependencies = [
"k8s-openapi",
"kube",
"local-ip-address",
+ "mid",
"miette",
"mirrord-analytics",
"mirrord-config",
diff --git a/Cargo.toml b/Cargo.toml
index e4949442bf3..b57e28f7ac5 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -93,7 +93,6 @@ rand = "0.8"
streammap-ext = "0.1"
num-traits = "0.2"
regex = { version = "1", features = ["unicode-case"] }
-miette = "5"
fancy-regex = { version = "0.13" }
enum_dispatch = "0.3"
diff --git a/changelog.d/2701.internal.md b/changelog.d/2701.internal.md
new file mode 100644
index 00000000000..6a34f64b2c8
--- /dev/null
+++ b/changelog.d/2701.internal.md
@@ -0,0 +1 @@
+Suggest mfT when user uses HTTP filter, only show user one warning for multipod/ HTTP filter.
\ No newline at end of file
diff --git a/mirrord/cli/Cargo.toml b/mirrord/cli/Cargo.toml
index 5dd12d7dfe7..1de3cdf1e16 100644
--- a/mirrord/cli/Cargo.toml
+++ b/mirrord/cli/Cargo.toml
@@ -67,6 +67,7 @@ tokio-rustls = "0.26"
tokio-stream = { workspace = true, features = ["net"] }
tokio-retry = "0.3"
regex.workspace = true
+mid = "2.1.0"
[target.'cfg(target_os = "macos")'.dependencies]
diff --git a/mirrord/cli/src/connection.rs b/mirrord/cli/src/connection.rs
index 08d1b593f3d..b0360c45bd1 100644
--- a/mirrord/cli/src/connection.rs
+++ b/mirrord/cli/src/connection.rs
@@ -9,7 +9,8 @@ use mirrord_kube::{
};
use mirrord_operator::client::{OperatorApi, OperatorSessionConnection};
use mirrord_progress::{
- messages::MULTIPOD_WARNING, IdeAction, IdeMessage, NotificationLevel, Progress,
+ messages::{HTTP_FILTER_WARNING, MULTIPOD_WARNING},
+ IdeAction, IdeMessage, NotificationLevel, Progress,
};
use mirrord_protocol::{ClientMessage, DaemonMessage};
use tokio::sync::mpsc;
@@ -120,40 +121,33 @@ where
return Err(CliError::FeatureRequiresOperatorError("copy_target".into()));
}
- if matches!(
- config.target,
- mirrord_config::target::TargetConfig {
- path: Some(
- mirrord_config::target::Target::Deployment { .. }
- | mirrord_config::target::Target::Rollout(..)
- ),
- ..
- }
+ match (
+ // user in mutipod without operator
+ matches!(
+ config.target,
+ mirrord_config::target::TargetConfig {
+ path: Some(
+ mirrord_config::target::Target::Deployment { .. }
+ | mirrord_config::target::Target::Rollout(..)
+ ),
+ ..
+ }
+ ),
+ // user using http filter(s) without operator
+ config.feature.network.incoming.http_filter.is_filter_set(),
) {
- // Send to IDEs that we're in multi-pod without operator.
- progress.ide(serde_json::to_value(IdeMessage {
- id: MULTIPOD_WARNING.0.to_string(),
- level: NotificationLevel::Warning,
- text: MULTIPOD_WARNING.1.to_string(),
- actions: {
- let mut actions = HashSet::new();
- actions.insert(IdeAction::Link {
- label: "Get started (read the docs)".to_string(),
- link: "https://mirrord.dev/docs/overview/teams/?utm_source=multipodwarn&utm_medium=plugin".to_string(),
- });
- actions.insert(IdeAction::Link {
- label: "Try it now".to_string(),
- link: "https://app.metalbear.co/".to_string(),
- });
-
- actions
- },
- })?);
- // This is CLI Only because the extensions also implement this check with better messaging.
- progress.print("When targeting multi-pod deployments, mirrord impersonates the first pod in the deployment.");
- progress.print("Support for multi-pod impersonation requires the mirrord operator, which is part of mirrord for Teams.");
- progress.print("You can get started with mirrord for Teams at this link: https://mirrord.dev/docs/overview/teams/?utm_source=multipodwarn&utm_medium=cli");
- }
+ (true, true) => {
+ // only show user one of the two msgs - each user should always be shown same msg
+ if user_persistent_random_message_select() {
+ show_multipod_warning(progress)?
+ } else {
+ show_http_filter_warning(progress)?
+ }
+ }
+ (true, false) => show_multipod_warning(progress)?,
+ (false, true) => show_http_filter_warning(progress)?,
+ _ => (),
+ };
let k8s_api = KubernetesAPI::create(config)
.await
@@ -185,3 +179,77 @@ where
AgentConnection { sender, receiver },
))
}
+
+fn user_persistent_random_message_select() -> bool {
+ mid::get("mirrord")
+ .inspect_err(|error| tracing::error!(%error, "failed to obtain machine ID"))
+ .ok()
+ .unwrap_or_default()
+ .as_bytes()
+ .iter()
+ .copied()
+ .reduce(u8::wrapping_add)
+ .unwrap_or_default()
+ % 2
+ == 0
+}
+
+pub(crate) fn show_multipod_warning(progress: &mut P) -> Result<(), CliError>
+where
+ P: Progress + Send + Sync,
+{
+ // Send to IDEs that we're in multi-pod without operator.
+ progress.ide(serde_json::to_value(IdeMessage {
+ id: MULTIPOD_WARNING.0.to_string(),
+ level: NotificationLevel::Warning,
+ text: MULTIPOD_WARNING.1.to_string(),
+ actions: {
+ let mut actions = HashSet::new();
+ actions.insert(IdeAction::Link {
+ label: "Get started (read the docs)".to_string(),
+ link: "https://mirrord.dev/docs/overview/teams/?utm_source=multipodwarn&utm_medium=plugin".to_string(),
+ });
+ actions.insert(IdeAction::Link {
+ label: "Try it now".to_string(),
+ link: "https://app.metalbear.co/".to_string(),
+ });
+
+ actions
+ },
+ })?);
+ // This is CLI Only because the extensions also implement this check with better messaging.
+ progress.print("When targeting multi-pod deployments, mirrord impersonates the first pod in the deployment.");
+ progress.print("Support for multi-pod impersonation requires the mirrord operator, which is part of mirrord for Teams.");
+ progress.print("You can get started with mirrord for Teams at this link: https://mirrord.dev/docs/overview/teams/?utm_source=multipodwarn&utm_medium=cli");
+ Ok(())
+}
+
+pub(crate) fn show_http_filter_warning
(progress: &mut P) -> Result<(), CliError>
+where
+ P: Progress + Send + Sync,
+{
+ // Send to IDEs that at an HTTP filter is set without operator.
+ progress.ide(serde_json::to_value(IdeMessage {
+ id: HTTP_FILTER_WARNING.0.to_string(),
+ level: NotificationLevel::Warning,
+ text: HTTP_FILTER_WARNING.1.to_string(),
+ actions: {
+ let mut actions = HashSet::new();
+ actions.insert(IdeAction::Link {
+ label: "Get started (read the docs)".to_string(),
+ link: "https://mirrord.dev/docs/overview/teams/?utm_source=httpfilter&utm_medium=plugin".to_string(),
+ });
+ actions.insert(IdeAction::Link {
+ label: "Try it now".to_string(),
+ link: "https://app.metalbear.co/".to_string(),
+ });
+
+ actions
+ },
+ })?);
+ // This is CLI Only because the extensions also implement this check with better messaging.
+ progress.print("You're using an HTTP filter, which generally indicates the use of a shared environment. If so, we recommend");
+ progress.print("considering mirrord for Teams, which is better suited to shared environments.");
+ progress.print("You can get started with mirrord for Teams at this link: https://mirrord.dev/docs/overview/teams/?utm_source=httpfilter&utm_medium=cli");
+ Ok(())
+}
diff --git a/mirrord/progress/src/messages.rs b/mirrord/progress/src/messages.rs
index 8246658c63e..016e3b6f369 100644
--- a/mirrord/progress/src/messages.rs
+++ b/mirrord/progress/src/messages.rs
@@ -10,6 +10,15 @@ pub const MULTIPOD_WARNING: (&str, &str) = (
which is part of mirrord for Teams.",
);
+/// Warning when user is using an HTTP filter without MfT.
+pub const HTTP_FILTER_WARNING: (&str, &str) = (
+ "http_filter_warning",
+ "You're using an HTTP filter, which generally indicates \
+ the use of a shared environment. If so, we recommend \
+ considering mirrord for Teams, which is better suited \
+ to shared environments.",
+);
+
/// Warning when user tries to run `mirrord exec docker` (for example), instead of the correct
/// `mirrord container ...`.
pub const EXEC_CONTAINER_BINARY: &str = "`mirrord exec ...` detected! \