ceems-dev · mahendrapaipuri · Sep 23, 2025 · Sep 23, 2025 · Sep 23, 2025 · Sep 23, 2025
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -22,3 +22,12 @@ updates:
       npm-dependencies:
         patterns:
           - "*"
+
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # Workflow files stored in the default location of `.github/workflows`
+    schedule:
+      interval: "weekly"
+    groups:
+      actions-dependencies:
+        patterns:
+          - "*"
diff --git a/pkg/api/http/docs/docs.go b/pkg/api/http/docs/docs.go
@@ -1267,17 +1267,17 @@ const docTemplate = `{
                 "not_acceptable"
             ],
             "x-enum-varnames": [
-                "errorNone",
-                "errorUnauthorized",
-                "errorForbidden",
-                "errorTimeout",
-                "errorCanceled",
-                "errorExec",
-                "errorBadData",
-                "errorInternal",
-                "errorUnavailable",
-                "errorNotFound",
-                "errorNotAcceptable"
+                "ErrorNone",
+                "ErrorUnauthorized",
+                "ErrorForbidden",
+                "ErrorTimeout",
+                "ErrorCanceled",
+                "ErrorExec",
+                "ErrorBadData",
+                "ErrorInternal",
+                "ErrorUnavailable",
+                "ErrorNotFound",
+                "ErrorNotAcceptable"
             ]
         },
         "models.Cluster": {

diff --git a/pkg/api/http/docs/swagger.json b/pkg/api/http/docs/swagger.json
@@ -1264,17 +1264,17 @@
                 "not_acceptable"
             ],
             "x-enum-varnames": [
-                "errorNone",
-                "errorUnauthorized",
-                "errorForbidden",
-                "errorTimeout",
-                "errorCanceled",
-                "errorExec",
-                "errorBadData",
-                "errorInternal",
-                "errorUnavailable",
-                "errorNotFound",
-                "errorNotAcceptable"
+                "ErrorNone",
+                "ErrorUnauthorized",
+                "ErrorForbidden",
+                "ErrorTimeout",
+                "ErrorCanceled",
+                "ErrorExec",
+                "ErrorBadData",
+                "ErrorInternal",
+                "ErrorUnavailable",
+                "ErrorNotFound",
+                "ErrorNotAcceptable"
             ]
         },
         "models.Cluster": {

diff --git a/pkg/api/http/docs/swagger.yaml b/pkg/api/http/docs/swagger.yaml
@@ -196,17 +196,17 @@ definitions:
     - not_acceptable
     type: string
     x-enum-varnames:
-    - errorNone
-    - errorUnauthorized
-    - errorForbidden
-    - errorTimeout
-    - errorCanceled
-    - errorExec
-    - errorBadData
-    - errorInternal
-    - errorUnavailable
-    - errorNotFound
-    - errorNotAcceptable
+    - ErrorNone
+    - ErrorUnauthorized
+    - ErrorForbidden
+    - ErrorTimeout
+    - ErrorCanceled
+    - ErrorExec
+    - ErrorBadData
+    - ErrorInternal
+    - ErrorUnavailable
+    - ErrorNotFound
+    - ErrorNotAcceptable
   models.Cluster:
     properties:
       id:

diff --git a/pkg/api/http/error.go b/pkg/api/http/error.go
@@ -20,28 +20,28 @@ var (
 type errorType string
 
 // Error response.
-type apiError struct {
-	typ errorType
-	err error
+type APIError struct {
+	Typ errorType
+	Err error
 }
 
-func (e *apiError) Error() string {
-	return fmt.Sprintf("%s: %s", e.typ, e.err)
+func (e *APIError) Error() string {
+	return fmt.Sprintf("%s: %s", e.Typ, e.Err)
 }
 
 // List of predefined errors.
 const (
-	errorNone          errorType = ""
-	errorUnauthorized  errorType = "unauthorized"
-	errorForbidden     errorType = "forbidden"
-	errorTimeout       errorType = "timeout"
-	errorCanceled      errorType = "canceled"
-	errorExec          errorType = "execution"
-	errorBadData       errorType = "bad_data"
-	errorInternal      errorType = "internal"
-	errorUnavailable   errorType = "unavailable"
-	errorNotFound      errorType = "not_found"
-	errorNotAcceptable errorType = "not_acceptable"
+	ErrorNone          errorType = ""
+	ErrorUnauthorized  errorType = "unauthorized"
+	ErrorForbidden     errorType = "forbidden"
+	ErrorTimeout       errorType = "timeout"
+	ErrorCanceled      errorType = "canceled"
+	ErrorExec          errorType = "execution"
+	ErrorBadData       errorType = "bad_data"
+	ErrorInternal      errorType = "internal"
+	ErrorUnavailable   errorType = "unavailable"
+	ErrorNotFound      errorType = "not_found"
+	ErrorNotAcceptable errorType = "not_acceptable"
 )
 
 // Custom error codes.
@@ -53,36 +53,39 @@ const (
 
 // Custom errors.
 var (
-	errNoUser            = errors.New("no user identified")
-	errNoPrivs           = errors.New("current user does not have admin privileges")
-	errInvalidRequest    = errors.New("invalid request")
-	errInvalidQueryField = errors.New("invalid query fields")
-	errMissingUUIDs      = errors.New("uuids missing in the request")
-	errNoAuth            = errors.New("user do not have permissions on uuids")
+	ErrNoUser            = errors.New("no user identified")
+	ErrNoPrivs           = errors.New("current user does not have admin privileges")
+	ErrInvalidRequest    = errors.New("invalid request")
+	ErrInvalidQueryField = errors.New("invalid query fields")
+	ErrMissingData       = errors.New("missing data in the request")
+	ErrNoAuth            = errors.New("user do not have permissions to view metrics of this job/pod/vm")
+	ErrNoAccess          = errors.New("user do not have permissions to access this resource")
+	ErrInvalidClusterID  = errors.New("invalid ceems cluster id")
+	ErrUnavailable       = errors.New("tsdb/pyroscope unavailable")
 )
 
 // Return error response for by setting errorString and errorType in response.
-func errorResponse[T any](w http.ResponseWriter, apiErr *apiError, logger *slog.Logger, data []T) {
+func ErrorResponse[T any](w http.ResponseWriter, apiErr *APIError, logger *slog.Logger, data []T) {
 	var code int
 
-	switch apiErr.typ { //nolint:exhaustive
-	case errorBadData:
+	switch apiErr.Typ { //nolint:exhaustive
+	case ErrorBadData, errorType(ErrNoUser.Error()), errorType(ErrInvalidRequest.Error()), errorType(ErrInvalidQueryField.Error()), errorType(ErrMissingData.Error()):
 		code = http.StatusBadRequest
-	case errorUnauthorized:
+	case ErrorUnauthorized, errorType(ErrNoPrivs.Error()):
 		code = http.StatusUnauthorized
-	case errorForbidden:
+	case ErrorForbidden, errorType(ErrNoAuth.Error()), errorType(ErrNoAccess.Error()):
 		code = http.StatusForbidden
-	case errorExec:
+	case ErrorExec:
 		code = http.StatusUnprocessableEntity
-	case errorCanceled:
+	case ErrorCanceled:
 		code = statusClientClosedConnection
-	case errorTimeout:
+	case ErrorTimeout, ErrorUnavailable, errorType(ErrUnavailable.Error()):
 		code = http.StatusServiceUnavailable
-	case errorInternal:
+	case ErrorInternal:
 		code = http.StatusInternalServerError
-	case errorNotFound:
+	case ErrorNotFound:
 		code = http.StatusNotFound
-	case errorNotAcceptable:
+	case ErrorNotAcceptable:
 		code = http.StatusNotAcceptable
 	default:
 		code = http.StatusInternalServerError
@@ -92,8 +95,8 @@ func errorResponse[T any](w http.ResponseWriter, apiErr *apiError, logger *slog.
 
 	response := Response[T]{
 		Status:    "error",
-		ErrorType: apiErr.typ,
-		Error:     apiErr.err.Error(),
+		ErrorType: apiErr.Typ,
+		Error:     apiErr.Err.Error(),
 		Data:      data,
 	}
 

diff --git a/pkg/api/http/error_test.go b/pkg/api/http/error_test.go
@@ -11,6 +11,6 @@ import (
 )
 
 func TestApiError(t *testing.T) {
-	e := apiError{typ: errorBadData, err: errors.New("bad data")}
+	e := APIError{Typ: ErrorBadData, Err: errors.New("bad data")}
 	assert.Equal(t, "bad_data: bad data", e.Error())
 }
diff --git a/pkg/api/http/middleware.go b/pkg/api/http/middleware.go
@@ -90,7 +90,7 @@ func (amw *authenticationMiddleware) Middleware(next http.Handler) http.Handler
 			amw.logger.Error("User Header not found. Denying authentication")
 
 			// Write an error and stop the handler chain
-			errorResponse[any](w, &apiError{errorUnauthorized, errNoUser}, amw.logger, nil)
+			ErrorResponse[any](w, &APIError{ErrorUnauthorized, ErrNoUser}, amw.logger, nil)
 
 			return
 		}
@@ -121,7 +121,7 @@ func (amw *authenticationMiddleware) Middleware(next http.Handler) http.Handler
 				amw.logger.Error("Unprivileged user accessing admin resource", "logger_user", loggedUser, "url", r.URL)
 
 				// Write an error and stop the handler chain
-				errorResponse[any](w, &apiError{errorForbidden, errNoPrivs}, amw.logger, nil)
+				ErrorResponse[any](w, &APIError{ErrorForbidden, ErrNoPrivs}, amw.logger, nil)
 
 				return
 			}