Skip to content

Draft:Improve local dev experience with Observability

Daniele Rossetti requested to merge rossetd-improve-obs-local-dev into rossetd-observability-ui-iframe

This change should improve the dev experience when running local instance of GL and GOP ( either full GOP stack, including the GOUI, or GOUI only )

gitlab-org/opstrace/opstrace-ui#88 (closed)

Will update Docs once approach is proved to work.

gitlab-org/opstrace/opstrace!1769 (merged)

Local GitLab + Local GOP

GitLab

  • Create env.runit file if it does not exist already in the root GDK folder
  • Add export OVERRIDE_OBSERVABILITY_URL=http://localhost:3000 ( or wherever you are hosting your local instance )
  • gdk restart
  • Enable the Observability Feature
rails c

Feature.enable(:observability_group_tab)
  • Make sure that both GL and Ops are running on the same protocol (HTTP or HTTPs)

GOP

  • If running GOP locally and loading GOUI from a Docker image, you need to have the following env vars:
GF_SECURITY_ALLOW_EMBEDDING=true
GF_SECURITY_COOKIE_SAMESITE='none'
GF_SECURITY_COOKIE_SECURE='true'
GF_SECURITY_CONTENT_SECURITY_POLICY=false
  • If running both GOP and GOUI locally, it should just work

[ Local GitLab | GL Review App ] + Hosted GOP

If on the other hand you either want to test a hosted prod/staging instance of GO ( e.g. observe.gitlab.com / staging.observe.gitlab.com ) against

  • a local instance of GitLab
  • a GitLab Review App

the quickest way might be to just install a Chrome Extension ( e.g. this ) to disable CSP and iframe security policies all together.

Alternatively, could we also deploy GO to a test env with CSP security disabled ( i.e. the env flags above ) ? Is that safe? Note: this currently does not seem to be enough as we are getting a SameSite exception!

Unclear if we need the SameSite change from this MR

What does this MR do and why?

Describe in detail what your merge request does and why.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Daniele Rossetti

Merge request reports