feat: block instances (#7129)

* docs: fix init description typos * feat: block instances using limits * translate * unit tests * fix translations * redirect /ui/login * fix http interceptor * cleanup * fix http interceptor * fix: delete cookies on gateway 200 * add integration tests * add command test * docs * fix integration tests * add bulk api and integration test * optimize bulk set limits * unit test bulk limits * fix broken link * fix assets middleware * fix broken link * validate instance id format * Update internal/eventstore/search_query.go Co-authored-by: Livio Spring <livio.a@gmail.com> * remove support for owner bulk limit commands * project limits to instances * migrate instances projection * Revert "migrate instances projection" This reverts commit 214218732a. * join limits, remove owner * remove todo * use optional bool * normally validate instance ids * use 302 * cleanup * cleanup * Update internal/api/grpc/system/limits_converter.go Co-authored-by: Livio Spring <livio.a@gmail.com> * remove owner * remove owner from reset --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 21:27:42 +00:00 · 2024-01-17 11:16:48 +01:00
parent d9d376a275
commit ed0bc39ea4
80 changed files with 1609 additions and 438 deletions
--- a/internal/integration/config/docker-compose.yaml
+++ b/internal/integration/config/docker-compose.yaml
@@ -14,6 +14,7 @@ services:
      - PGUSER=zitadel
      - POSTGRES_DB=zitadel
      - POSTGRES_HOST_AUTH_METHOD=trust
+    command: postgres -c shared_preload_libraries=pg_stat_statements -c pg_stat_statements.track=all
    healthcheck:
      test: ["CMD-SHELL", "pg_isready"]
      interval: '10s'
--- a/internal/integration/config/zitadel.yaml
+++ b/internal/integration/config/zitadel.yaml
@@ -26,14 +26,6 @@ LogStore:
    Stdout:
      Enabled: true

-Quotas:
-  Access:
-    Enabled: true
-    ExhaustedCookieKey: "zitadel.quota.limiting"
-    ExhaustedCookieMaxAge: "60s"
-  Execution:
-    Enabled: true
-
 Projections:
  HandleActiveInstances: 60s
  Customizations:
--- a/internal/integration/integration.go
+++ b/internal/integration/integration.go
@@ -261,6 +261,14 @@ func (s *Tester) WithAuthorizationToken(ctx context.Context, token string) conte
 	return metadata.NewOutgoingContext(ctx, md)
 }

+func (s *Tester) BearerToken(ctx context.Context) string {
+	md, ok := metadata.FromOutgoingContext(ctx)
+	if !ok {
+		return ""
+	}
+	return md.Get("Authorization")[0]
+}
+
 func (s *Tester) ensureSystemUser() {
 	const ISSUER = "tester"
 	if s.Users.Get(FirstInstanceUsersKey, SystemUser) != nil {
@@ -303,16 +311,18 @@ func (s *Tester) Done() {
 //
 // Note: the database must already be setup and initialized before
 // using NewTester. See the CONTRIBUTING.md document for details.
-func NewTester(ctx context.Context) *Tester {
+func NewTester(ctx context.Context, zitadelConfigYAML ...string) *Tester {
 	args := strings.Split(commandLine, " ")

 	sc := make(chan *start.Server)
 	//nolint:contextcheck
 	cmd := cmd.New(os.Stdout, os.Stdin, args, sc)
 	cmd.SetArgs(args)
-	err := viper.MergeConfig(bytes.NewBuffer(zitadelYAML))
-	logging.OnError(err).Fatal()
-
+	for _, yaml := range append([]string{string(zitadelYAML)}, zitadelConfigYAML...) {
+		err := viper.MergeConfig(bytes.NewBuffer([]byte(yaml)))
+		logging.OnError(err).Fatal()
+	}
+	var err error
 	flavor := os.Getenv("INTEGRATION_DB_FLAVOR")
 	switch flavor {
 	case "cockroach", "":