ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2026-06-18 01:17:29 +02:00
Code Issues Packages Releases Activity
2,819 Commits 4 Branches 18 Tags
83d04dff179edd37a3440606b0f7c4f3a135a82b
Commit Graph

144 Commits

Author SHA1 Message Date
Jan Eitzinger
83d04dff17 feat(auth): replace .env/godotenv secret handling with config-based secrets 
Secrets (JWT keys, LDAP sync password, OIDC client id/secret, cross-login
keys) are now configured directly in config.json under the auth section
where they are used. Each secret can still be supplied via its existing
environment variable, which takes precedence over the config value.

The godotenv dependency, the .env file, configs/env-template.txt and the
loadEnvironment() bootstrap step are removed. -init now writes the demo
JWT keys into config.json instead of a .env file.

Closes #283

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 3a7cb814c53f
 2026-06-17 12:28:17 +02:00
Jan Eitzinger
2b01b57495 feat: replace gorilla/sessions with alexedwards/scs/v2 
Browser sessions are now server-side, stored in the SQLite database via
scs/sqlite3store (new `sessions` table, DB migration to version 12) instead
of gorilla/sessions client-side cookie storage. Only an opaque random token
is kept in the cookie; session data lives server-side and survives restarts.

Session middleware is wired as a hybrid to avoid buffering large responses:
scs.LoadAndSave on the login/logout write paths, and a non-buffering
read-only LoadSession middleware on the secured/config/frontend read paths
so the large GraphQL /query responses stream unbuffered. JWT-only APIs
(/api, /userapi, /api/metricstore) and static files are left unwrapped.

The session cookie Secure flag is now derived from the server config (set
when cc-backend terminates TLS itself); previously it was effectively never
set. The SESSION_KEY env var is removed as server-side tokens need no
signing secret. The dormant Bearer-JWT branch in the frontend urql client
is removed; the web UI authenticates GraphQL via the session cookie.

Closes #558

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: b51075f43cc7
 2026-06-17 07:54:26 +02:00
Jan Eitzinger
3bef199cbe Regenerate GraphQL 2026-06-04 20:12:27 +02:00
Jan Eitzinger
8bf5f67bb2 Update dependencies 2026-05-29 16:44:05 +02:00
Jan Eitzinger
2ca3285ccd Upgrade dependencies 2026-04-24 09:09:11 +02:00
Jan Eitzinger
999d93efc3 Fix goreleaser config. Cleanup. 2026-03-20 09:19:13 +01:00
Jan Eitzinger
33bc19c732 Upgrade cc-lib 2026-03-18 05:52:58 +01:00
Jan Eitzinger
0aad8f01c8 Upgrade cc-lib 
Fixes panic in AddNodeScope

Entire-Checkpoint: afef27e07ec9
 2026-03-16 08:55:56 +01:00
Jan Eitzinger
e38396a081 Upgrade dependencies. Rebuild GraphQL. 
Entire-Checkpoint: f770853c9fa0
 2026-03-13 17:22:34 +01:00
Jan Eitzinger
47181330e9 Update to latest cc-lib 2026-03-04 17:39:46 +01:00
Jan Eitzinger
763e0c8d7c Upgrade dependencies 2026-03-03 15:43:38 +01:00
Jan Eitzinger
4c3cd8e66a Merge branch 'dev' into optimize-checkpoint-wal 2026-02-27 09:30:32 +01:00
Jan Eitzinger
6ecb934967 Switch to CC line-protocol package. Update cc-lib. 2026-02-27 08:55:33 +01:00
Jan Eitzinger
ca0f9a42c7 Introduce metric store binary checkpoints with write ahead log 2026-02-26 10:08:40 +01:00
Jan Eitzinger
8989b7a410 Update cclib 2026-02-23 18:45:41 +01:00
Jan Eitzinger
d8ad6dd3f0 Upgrade cc-lib to 2.5.1 2026-02-18 09:21:05 +01:00
Jan Eitzinger
589149790f Upgrade dependencies 2026-02-18 07:45:45 +01:00
Christoph Kluge
fe3ebe0abc add healthStatus tab to status details, add graphql endpoints and handlers 2026-02-17 14:38:06 +01:00
Jan Eitzinger
f016bd4232 Extend node repository unit tests 2026-02-12 09:30:14 +01:00
Jan Eitzinger
865cd3db54 Prersist faulty nodestate metric lists to db 2026-02-12 08:48:15 +01:00
Jan Eitzinger
f4ee0d1042 Update cc-lib and extend nodestate sql schema 2026-02-12 07:34:24 +01:00
Jan Eitzinger
8d6c6b819b Update and port to cc-lib 2026-02-11 07:06:06 +01:00
Christoph Kluge
49a1748641 add not configured info cards, show short job filter options if one active filter 2026-02-10 13:49:23 +01:00
Jan Eitzinger
d21943a514 Upgrade cc-lib 2026-02-10 07:52:58 +01:00
Jan Eitzinger
f6aa40d927 Migrate from gorilla to chi web framework. add 404 handler 2026-02-07 17:48:12 +01:00
Jan Eitzinger
c920c57f5d Add parquet file job archiving target 2026-02-07 10:51:56 +01:00
Christoph Kluge
5655639320 add subCluster jobFilter for statusDetail queries 2026-02-06 11:10:08 +01:00
Jan Eitzinger
28a3ff8d67 Upgrade cc-lib. Change nodestate log levels 2026-01-27 14:26:41 +01:00
Jan Eitzinger
c782043c64 Upgrade cclib and remove usage of obsolete util.Float 2026-01-26 08:38:53 +01:00
Jan Eitzinger
e1efc68476 Update dependencies. Rebuild graphql and swagger 2026-01-15 08:32:06 +01:00
Jan Eitzinger
fb8db3c3ae Add query which node metric data needs to be retained 2026-01-14 07:37:31 +01:00
Jan Eitzinger
d3f3c532b1 Merge branch 'master' into dev 2026-01-12 11:18:56 +01:00
Jan Eitzinger
affa85c086 Merge pull request #469 from ClusterCockpit/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/credentials-1.19.7 
Bump github.com/aws/aws-sdk-go-v2/credentials from 1.19.6 to 1.19.7
 2026-01-12 10:30:35 +01:00
dependabot[bot]
fae6d9d835 Bump github.com/mattn/go-sqlite3 from 1.14.32 to 1.14.33 
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.32 to 1.14.33.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.32...v1.14.33)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-12 08:52:44 +00:00
dependabot[bot]
78f1db7ad1 Bump github.com/aws/aws-sdk-go-v2/credentials from 1.19.6 to 1.19.7 
Bumps [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) from 1.19.6 to 1.19.7.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/m2/v1.19.6...service/m2/v1.19.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-version: 1.19.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-12 08:52:40 +00:00
Jan Eitzinger
f1367f84f8 Merge branch 'master' into dev 2026-01-12 09:14:45 +01:00
dependabot[bot]
8641d9053d Bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.32.0 to 0.34.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.32.0...v0.34.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-12 08:07:20 +00:00
Jan Eitzinger
4a5ab8a279 Merge pull request #462 from ClusterCockpit/dependabot/go_modules/github.com/99designs/gqlgen-0.17.85 
Bump github.com/99designs/gqlgen from 0.17.84 to 0.17.85
 2026-01-12 09:06:18 +01:00
Jan Eitzinger
d179412ab6 Merge pull request #463 from ClusterCockpit/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/service/s3-1.95.0 
Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.90.2 to 1.95.0
 2026-01-12 09:05:50 +01:00
Jan Eitzinger
56399523d7 Update module deps 2026-01-12 09:00:06 +01:00
dependabot[bot]
a2414791bf Bump github.com/go-co-op/gocron/v2 from 2.18.2 to 2.19.0 
Bumps [github.com/go-co-op/gocron/v2](https://github.com/go-co-op/gocron) from 2.18.2 to 2.19.0.
- [Release notes](https://github.com/go-co-op/gocron/releases)
- [Commits](https://github.com/go-co-op/gocron/compare/v2.18.2...v2.19.0)

---
updated-dependencies:
- dependency-name: github.com/go-co-op/gocron/v2
  dependency-version: 2.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-29 08:05:04 +00:00
dependabot[bot]
faf3a19f0c Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.90.2 to 1.95.0 
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) from 1.90.2 to 1.95.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.90.2...service/s3/v1.95.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.95.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-29 08:04:58 +00:00
dependabot[bot]
4e6038d6c1 Bump github.com/99designs/gqlgen from 0.17.84 to 0.17.85 
Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.84 to 0.17.85.
- [Release notes](https://github.com/99designs/gqlgen/releases)
- [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/99designs/gqlgen/compare/v0.17.84...v0.17.85)

---
updated-dependencies:
- dependency-name: github.com/99designs/gqlgen
  dependency-version: 0.17.85
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-29 08:03:41 +00:00
Jan Eitzinger
8576ae458d Switch to cc-lib v2 2025-12-24 09:24:18 +01:00
dependabot[bot]
29a20f7b0b Bump github.com/expr-lang/expr from 1.17.6 to 1.17.7 
Bumps [github.com/expr-lang/expr](https://github.com/expr-lang/expr) from 1.17.6 to 1.17.7.
- [Release notes](https://github.com/expr-lang/expr/releases)
- [Commits](https://github.com/expr-lang/expr/compare/v1.17.6...v1.17.7)

---
updated-dependencies:
- dependency-name: github.com/expr-lang/expr
  dependency-version: 1.17.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-23 09:07:01 +00:00
Jan Eitzinger
874c019fb6 Merge pull request #457 from ClusterCockpit/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.32.6 
Bump github.com/aws/aws-sdk-go-v2/config from 1.31.20 to 1.32.6
 2025-12-23 10:06:17 +01:00
Jan Eitzinger
c1135531ba Port NATS api to ccMessages 2025-12-23 07:56:13 +01:00
dependabot[bot]
5a8b929448 Bump github.com/aws/aws-sdk-go-v2/config from 1.31.20 to 1.32.6 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.20 to 1.32.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.31.20...v1.32.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.6
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 08:04:43 +00:00
dependabot[bot]
fe78f2f433 Bump github.com/coreos/go-oidc/v3 from 3.16.0 to 3.17.0 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.16.0 to 3.17.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](https://github.com/coreos/go-oidc/compare/v3.16.0...v3.17.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-version: 3.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 08:03:31 +00:00
Jan Eitzinger
1cd4a57bd3 Remove support for mysql/mariadb 2025-12-20 11:13:41 +01:00