diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-11 18:10:42 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-09-11 18:10:42 +0000 |
| commit | dd174e8f6a3be398155978ac55836e69a67c0585 (patch) | |
| tree | 9d44a96d1d6cd6dd739aa74954a5341aa348ba3c /app/controllers/groups | |
| parent | b8f2bd7587f656a04f8489e235bae7c6bd93d11c (diff) | |
| download | gitlab-ce-dd174e8f6a3be398155978ac55836e69a67c0585.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/groups')
| -rw-r--r-- | app/controllers/groups/observability_controller.rb | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/app/controllers/groups/observability_controller.rb b/app/controllers/groups/observability_controller.rb new file mode 100644 index 00000000000..5b6503494c4 --- /dev/null +++ b/app/controllers/groups/observability_controller.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true +module Groups + class ObservabilityController < Groups::ApplicationController + feature_category :tracing + + content_security_policy do |p| + next if p.directives.blank? + + default_frame_src = p.directives['frame-src'] || p.directives['default-src'] + + # When ObservabilityUI is not authenticated, it needs to be able to redirect to the GL sign-in page, hence 'self' + frame_src_values = Array.wrap(default_frame_src) | [ObservabilityController.observability_url, "'self'"] + + p.frame_src(*frame_src_values) + end + + before_action :check_observability_allowed, only: :index + + def index + # Format: https://observe.gitlab.com/-/GROUP_ID + @observability_iframe_src = "#{ObservabilityController.observability_url}/-/#{@group.id}" + + # Uncomment below for testing with local GDK + # @observability_iframe_src = "#{ObservabilityController.observability_url}/9970?groupId=14485840" + + render layout: 'group', locals: { base_layout: 'layouts/fullscreen' } + end + + private + + def self.observability_url + return ENV['OVERRIDE_OBSERVABILITY_URL'] if ENV['OVERRIDE_OBSERVABILITY_URL'] + # TODO Make observability URL configurable https://gitlab.com/gitlab-org/opstrace/opstrace-ui/-/issues/80 + return "https://staging.observe.gitlab.com" if Gitlab.staging? + + "https://observe.gitlab.com" + end + + def check_observability_allowed + return render_404 unless self.class.observability_url.present? + + render_404 unless can?(current_user, :read_observability, @group) + end + end +end |