* fix(frontend): Introduce ALLOWED_ARTIFACT_DOMAIN_REGEX flag to prevent accessing undesired domains. Remove user input string from server response.
1. Remove user query parameter string from server response.
2. Introduce ALLOWED_ARTIFACT_DOMAIN_REGEX to allow configuration of allowed domains querying.
3. By default, ALLOWED_ARTIFACT_DOMAIN_REGEX is match all. Default configuration is meant to be demo purpose and not for production.
4. Users can provide ALLOWED_ARTIFACT_DOMAIN_REGEX environment variable to restrict object storage endpoint querying domains.
* add test
* feat(frontend): make container name configurable
Add an UIConfig param to specify the container name in a pod
where logs are retrieved. The default container name for
the Argo is `main`. However, in Tekton, the main container name
contains the `step-` prefix. Make this configurable to support
other orchestrations.
Signed-off-by: Yihong Wang <yh.wang@ibm.com>
* fix test case error
add `undefined` as the expected `logContainerName` param
Signed-off-by: Yihong Wang <yh.wang@ibm.com>
* address the comment
use default value `main` in `getPodLogsStreamFromK8s`
same as `getPodLogs`
Signed-off-by: Yihong Wang <yh.wang@ibm.com>
* only pass podLogContainerName
Signed-off-by: Yihong Wang <yh.wang@ibm.com>
---------
Signed-off-by: Yihong Wang <yh.wang@ibm.com>
* Add apiVersion2 and apiVersion2Prefix in configs.ts
Support v2 request in frontend server.
* Fix incorrect prefix for v2.
* Fix incorrect reference for apiVersion2Prefix
Add v2 healthz handler().
* Add v2 pod / logs handler
Add v2 conditions for sending 403 to endpoints.
Add proxyMiddleware for v2 prefix.
* New server API: read run log
- The new server API endpoint (/apis/v1beta1/runs/{run_id}/nodes/{node_id}/log) to fetch run log
- `ARCHIVE_LOG_FILE_NAME` and `ARCHIVE_LOG_PATH_PREFIX` options allows to control archive log path
- UI Server fetches logs from server API or directly from k8s depending on `STREAM_LOGS_FROM_SERVER_API` option
* New server API: read run log
- ml-pipeline rbac update: allow for access to log
* Read run log: enhanced error handling
- log message on Pod access errors
* Read run log: enhanced log archive options
* Code format
* Test update after getPodLogs signature change
* Updated comments after review
* `follow` query parameter in GET /apis/v1beta1/runs/{run_id}/nodes/{node_id}/log
* Env variable friendly config names & comments
- Config options: ARCHIVE_CONFIG_LOG_FILE_NAME, ARCHIVE_CONFIG_LOG_PATH_PREFIX
- Copyright message update
- New endpoint as `v1alpha1`
* Licence updates
- fluent-bit licence inlined
- copyright message updates
* Master merge
- dependency conflicts
* Authorization service proto
* implement auth service
* Add unit tests
* Generate auth api client
* Authorization checks for tensorboard apis
* UI Server authorization checks
* Clean up error parsing
* Revert changes
* Fix portable-fetch not found bug
* Fix unit test
* Include portable-fetch required by api client
* Fix portable-fetch module import error
* Fix portable-fetch again
* Add unit tests
* Address CR comments
* add unit test for header
* Update readme
* [UI Server] Proxy /namespaces/:namespace/artifacts/get requests to namespace specific artifact services
* [UI] Show artifacts by namespace
* Fix minio artifact link tests
* Fix DetailsTable tests
* Fix OutputArtifactLoader.test
* Change artifact proxy to use query param instead
* Add integration tests for artifact proxy
* Fix unit tests
* Rename service name
* Add comment
* add more comments
* Fix import
* Refactored how to spy on internal methods from tests
* [UI Server] Pod info handler
* [UI] Pod info tab in run details page
* Change pod info preview to use yaml editor
* Fix namespace
* Adds error handling for PodInfo
* Adjust to warning message
* [UI] Pod events in RunDetails page
* Adjust error message
* Refactor k8s helper to get rid of in cluster limit
* Tests for pod info handler
* Tests for pod event list handler
* Move pod yaml viewer related components to separate file.
* Unit tests for PodYaml component
* Fix react unit tests
* Fix error message
* Address CR comments
* Add permission to ui role
* Parametrize the image used for the Tensorboard viewer
Right now, the image is hard-coded and it's not possible to override it.
This is a problem when running Kubeflow Pipelines in a cluster without
access to the internet or public repositories (e.g.
https://github.com/kubeflow/pipelines/issues/3232). This solves the
issue by parametrizing the image name through an environment
variable.
* Fix formatting issues
* Address review comments
* Remove @jupyter/html-manager from full.tpl
* Include visualization server cloudbuild yaml to facilitate local dev
* Stop fallback behavior of KFP UI to improve dev experience
* Add unit tests for aws-helper and minio-helper.
* Break up server.ts into app.ts and handlers/*.ts so that unit test can be written more easily.
* update @types/node because of https://github.com/microsoft/TypeScript/issues/32333
* upgrade kubernete-client version to be compatible with new @types/node version
* fix bug: AWSInstanceProfileCredentials.profile() returns a promise not a string
* remove I prefix from interfaces. minor fixes on lint errors.
* fix format errors
* Added more unit tests, and minor fixes.
* Fix comment: GKS should be GKE
* use jest.resetAllMocks instead of reset each mock individually
* fix format for helper test
James Liu
Yihong Wang
Joe Li
Alexey Volkov
Rafał Bigaj
Yuan (Bob) Gong
Rafael Barreto
Eterna2