Summary:
Our stan consumers are slow. That combined with a large MaxInFlight
and a large AckWait causes memory to grow really fast.
See https://github.com/nats-io/stan.go/issues/314

We had a MaxInFlight in D8658 but it got removed as part of D9448.

Test Plan: N/A

Reviewers: philkuz, michelle

Reviewed By: michelle

Differential Revision: https://phab.corp.pixielabs.ai/D9690

GitOrigin-RevId: 261448b21ab94d42c4213a59ed36101e67bfde37

Summary: Mostly cleaning up interfaces and making it easier to parse.

Test Plan: Existing test

Reviewers: michelle, philkuz

Reviewed By: michelle, philkuz

Differential Revision: https://phab.corp.pixielabs.ai/D9681

GitOrigin-RevId: de1f11838845b5ce8612655a8b030a8c9bb1d4b2

Summary: TSIA

Test Plan: Ran it

Reviewers: philkuz

Reviewed By: philkuz

Differential Revision: https://phab.corp.pixielabs.ai/D9686

GitOrigin-RevId: 63919faef659606824d53403c523f2353bf7e5de

Summary:
Adds rules to enforce the use of pure components (`React.memo`, `PureComponent`) and memoization (`React.useMemo`, `React.useCallback`) to improve performance and prevent useless renders. See [this document](https://www.notion.so/pixielabs/UI-Performance-Tooling-1960f7d9c7ce440aaa5a0442eeba5815) for details on rationale.

Introducing this rule also introduces quite a few warnings in high-touch files. It also triggers a bug in the new plugin that has to be addressed before turning the plugin on. See D9661 for that fix. Other diffs for high-touch files will also submit before this one, so head off annoyingly frequent warnings before they happen.

Of note, most of the new warnings appear to be valid, but low-value to fix in terms of performance (the big ones were already fixed without this rule's help). The rules are being added for the benefit of future changes: defaulting to memoization helps us avoid writing components that can introduce new performance problems in the UI.

Test Plan: No changes to output. Large number of new eslint warnings in existing files, but the frequently-changed ones should already be addressed in other diffs.

Reviewers: michelle, vihang, #third_party_approvers

Reviewed By: vihang, #third_party_approvers

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9651

GitOrigin-RevId: eb5ea298ad983017d5821608cfe70538c1282bf8

Summary: D9651 will use eslint to enforce memoization. Frequently-changed files are being updated to comply with these rules in advance, to limit annoyances.

Test Plan:
Play around with the cluster details view in the admin area.
As with every diff for this issue, check that all actions that _should_ update affected components still do.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9684

GitOrigin-RevId: e7372f863cf89c6196e22b940224014e4facf639

Summary: D9651 will use eslint to enforce memoization. Frequently-changed files are being updated to comply with these rules in advance, to limit annoyances.

Test Plan:
Logging out/in and changing clusters should behave as before.
As with every diff for this issue, check that all actions that _should_ update affected components still do.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9682

GitOrigin-RevId: 3a8d9aa980b49d336df039b33e9bd9753ff043d5

Summary: D9651 will use eslint to enforce memoization. Frequently-changed files are being updated to comply with these rules in advance, to limit annoyances.

Test Plan:
Run a few scripts.
As with every diff for this issue, check that all actions that _should_ update affected components still do.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9683

GitOrigin-RevId: b092c507495126cc2e31c1e36942c071c4bfc637

Summary: D9651 will use eslint to enforce memoization. Frequently-changed files are being updated to comply with these rules in advance, to limit annoyances.

Test Plan:
Play around with the sidebar in live views.
As with every diff for this issue, check that all actions that _should_ update affected components still do.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9685

GitOrigin-RevId: 522b10162a9712a9b8aee3abe77f891bd1bdc2fd

Test Plan: Jenkins

Reviewers: #stirling, oazizi

Reviewed By: #stirling, oazizi

Differential Revision: https://phab.corp.pixielabs.ai/D9671

GitOrigin-RevId: cd4070b7680c7cc02771eec9a5fef322295a46fd

Summary:
we were noticing instances where there were multiple copies of service tokens. after some investigation, these are basically created everytime the operator tries to run an update.
this is because the token is created everytime the service account is reapplied.

updated the deploy logic so that if it is doing an update, the service accoutns arent reapplied. this didnt use to happen in our old update scheme because we used to fully delete all resources and recreate them.

Test Plan: skaffolded operator, triggered an update and verify that the token was not created

Reviewers: vihang, philkuz, zasgar

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9679

GitOrigin-RevId: 87f296933f093596bb64e8d8f7e75bf4d3549a30

Summary: Buildifier rewrote this

Test Plan: n/a

Reviewers: michelle, zasgar

Reviewed By: michelle

Differential Revision: https://phab.corp.pixielabs.ai/D9680

GitOrigin-RevId: ee797d04cadd288dace10b549c6ee8dae4a94642

Summary:
we previously allowed the MUI theme to be specified in a postmessage. however, that causes a brief flicker between when the page first renders and then applies the customTheme from the postmessage.
instead, we can allow users to specify the custom theme in the URL similar with how we allow them to set the "theme" from "light"/"dark".

alternatively, another solution was to add logic so that we wait until the postMessage is received until we render the page. however, the series of postmessage calls is already complex enough and becomes harder to test. so lets keep with the simple solution for now.

the largest downside is the max length of the URL, but we shouldnt be close to hitting that.

Test Plan: yarn dev

Reviewers: vihang, nlanam, zasgar

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9677

GitOrigin-RevId: a4ef96de99ac1de3cdf69af0ba6e24e6cc70d479

Summary: add configs for launching testing.withpixie.dev

Test Plan: deployed testing cloud

Reviewers: zasgar, vihang

Reviewed By: zasgar

Differential Revision: https://phab.corp.pixielabs.ai/D9672

GitOrigin-RevId: d05681351b67c02dec3dc0bfe84b7851e3f87bc5

Summary:
Resolve issue that was reported in https://github.com/pixie-io/pixie/issues/309.

recvmmsg and sendmmsg are rare, so likely wasn't hurting too much, but conn_stats would have been wrong in such cases.

And the DCHECK would fire, of course.

Test Plan: Added a test that uses recvmmsg/sendmmsg with TCP.

Reviewers: #stirling, jps

Reviewed By: #stirling, jps

Differential Revision: https://phab.corp.pixielabs.ai/D9663

GitOrigin-RevId: f7bd20498427dd5dc74a0dc53626a8b39303eb92

Summary: TSIA

Test Plan: skaffold

Reviewers: michelle, philkuz

Reviewed By: michelle, philkuz

Differential Revision: https://phab.corp.pixielabs.ai/D9674

GitOrigin-RevId: 23c2ab88c59b206f1bd4f6d0ab8572fe2bde3226

Summary: Events cause unnecessary complexity and we can just get the same data from the actual pod conditions. Might as well remove this extra load from the k8s api and rely on what's inside PodConditions.

Test Plan: tested on skaffold with memory scheduling, taint scheduling, and updated unit tests.

Reviewers: vihang, michelle

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9670

GitOrigin-RevId: 0d822cd2e8e04b1e61bcb17bb8d5a0019dda3562

Summary: TSIA

Test Plan: existing

Reviewers: michelle, vihang, #third_party_approvers

Reviewed By: michelle, vihang, #third_party_approvers

Differential Revision: https://phab.corp.pixielabs.ai/D9655

GitOrigin-RevId: bfbbd3d5690b53193ce564aa03b0e1f61ef19906

Summary: we are linking to a new place now in our footer/timeArgDetail

Test Plan: yarn dev

Reviewers: vihang, nlanam, zasgar

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9668

GitOrigin-RevId: 4623eda957aec51fbc95ce03e583f625dfde8ec2

Summary: D9651 will use eslint to enforce memoization. Frequently-changed files are being updated to comply with these rules in advance, to limit annoyances.

Test Plan:
Run scripts like `px/pod` that have charts. Interact with them. Re-run with the same params; different params.
As with every diff for this issue, check that all actions that _should_ update affected components still do.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9664

GitOrigin-RevId: e5dde9d66194bb571770a54f8a5526f1da0860ba

Summary:
this diff adds the nodeWatcher, which follows the potential new channel/status aggregation scheme discussed.
the nodeWatcher runs in a separate goroutine and separately tracks its status from the monitor itself. the status only updates when there is a node update, and the update is published to the monitor through a channel.
currently the monitor has a separate goroutine which loops through the updateChannels and tracks the last status for each.

Test Plan: deployed on skaffold, ran unit test

Reviewers: vihang, philkuz

Reviewed By: vihang

JIRA Issues: PP-2963

Differential Revision: https://phab.corp.pixielabs.ai/D9648

GitOrigin-RevId: 116652a3c20bd6faf85d83352d11e9e7587374ee

Summary:
Include orgID and orgName from new auth login methods.
Also truncate `auth.json` on save so that the file doesn't include old contents.

Test Plan: Ran cli

Reviewers: zasgar, michelle

Reviewed By: zasgar

Differential Revision: https://phab.corp.pixielabs.ai/D9666

GitOrigin-RevId: ae23c772c66662326970334dad5ab40cf37b7b27

Summary: This will shrink the dev images since they have diverged from the last snapshot.

Test Plan: N/A

Reviewers: michelle, vihang

Reviewed By: michelle

Differential Revision: https://phab.corp.pixielabs.ai/D9659

GitOrigin-RevId: 71d7cb5efbc54992483694e9073a9069d4d5c081

Summary:
When we resolve the address family using sock_alloc tracing,
we need to record the address family even when it isn't AF_INET/AF_INET6.

This is so BPF can make the decision not to report the data.

This was caught by some traces where I observed some AF_ALG data showing up.

Test Plan: Test added using AF_UNIX traffic.

Reviewers: #stirling, yzhao

Reviewed By: #stirling, yzhao

Subscribers: yzhao

Differential Revision: https://phab.corp.pixielabs.ai/D9645

GitOrigin-RevId: 87c881c613949dba2044fb3371f28a84d1248144

Summary:
D9651 will enable two new rules from the `eslint-plugin-react-memo` package: `react-memo/require-memo` and `react-memo/require-usememo`. To avoid making the large number of new warnings a problem, I'm creating diffs to preemptively fix those warnings in high-touch files. This is the first such diff.

These two files were chosen first because there's a bug in the plugin: it assumes that every declaration comes with an initializer, and crashes on `let someVar;` declarations. Moving such declarations to somewhere that `eslint-plugin-react-memo` does not check - such as inside a `useMemo` - prevents this.

Test Plan: Log in to Pixie to test the callback page. Run a script and watch the tooltip change on the execute button to test the execute button. Neither should behave differently than before.

Reviewers: michelle, vihang

Reviewed By: vihang

JIRA Issues: PC-1161

Differential Revision: https://phab.corp.pixielabs.ai/D9661

GitOrigin-RevId: afff911ec92b05e2785d3df91ccf5a4e50d22d51

Summary: This diff adds a fetch action and includes all the expected events of Kafka bpf test

Test Plan: updated test

Reviewers: #stirling, oazizi

Reviewed By: #stirling, oazizi

Subscribers: oazizi

Differential Revision: https://phab.corp.pixielabs.ai/D9630

GitOrigin-RevId: ec96307a222d321222cff3ba82ce66f39a4c2307

Summary: This lets us share code between the two forms of Accept().

Test Plan: Existing tests

Reviewers: #stirling, yzhao

Reviewed By: #stirling, yzhao

Differential Revision: https://phab.corp.pixielabs.ai/D9643

GitOrigin-RevId: b8185fef6e6dce3b9ba97ddefba7276f2c65814c

Summary: Some k8s cluster admins decide to taint every node. To detect that, we just check whether pods that are stuck in pending have an event stating that they cannot be scheduled because of taints. We try to surface a specific error message and recommendation to those users. Also add a generic failed scheduling condition to at least highlight that we've hit some snag.

Test Plan: Tested on skaffold, added unit test.

Reviewers: michelle, vihang

Reviewed By: michelle

JIRA Issues: PP-2965

Differential Revision: https://phab.corp.pixielabs.ai/D9653

GitOrigin-RevId: b72f431fac1a65349ae30ddda4c8dfaa43a89933

Summary: Add a TODO, clean-up the test, add more checks, etc.

Test Plan: The test itself

Reviewers: #stirling, yzhao

Reviewed By: #stirling, yzhao

Differential Revision: https://phab.corp.pixielabs.ai/D9622

GitOrigin-RevId: dc81387281151499075731cc5635c2fd80dc4f06

Summary: Looks like there was a less than optimal merge

Test Plan: N/A

Reviewers: michelle, philkuz

Reviewed By: michelle

Differential Revision: https://phab.corp.pixielabs.ai/D9658

GitOrigin-RevId: 65909565aa8247f580f48b5f868cba5635fd9e69

Summary: when a user hits /api/auth/<authconnector>, they should be redirected to the auth connector callback with the token filled out in the query params

Test Plan: test on staging

Reviewers: vihang, zasgar

Reviewed By: zasgar

Differential Revision: https://phab.corp.pixielabs.ai/D9657

GitOrigin-RevId: 4be0e1e2ce04cd1bf186e0f951470edd754212e8

Summary: TSIA

Test Plan: Existing.

Reviewers: michelle, vihang

Reviewed By: michelle

Differential Revision: https://phab.corp.pixielabs.ai/D9656

GitOrigin-RevId: 5faeee6299739dac9e11757a3c07cb265774b0ad

Summary: the AuthConnectorToken is a short-lived access token with an additional clusterName field.

Test Plan: unit test

Reviewers: vihang, zasgar

Reviewed By: vihang, zasgar

Differential Revision: https://phab.corp.pixielabs.ai/D9654

GitOrigin-RevId: 3967fd911fc7f5b6f6f37a33379e9184d1fb28db

Summary: TSIA

Test Plan: Existing workflows

Reviewers: michelle, vihang

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9652

GitOrigin-RevId: 2b85a819571423e26f413e9684885e2c279b90a7

Summary:
Detect PEM pods that are crashing. Need to check the container status of the pems to see if any are in waiting + crash loop backoff or in Terminated + Reason: Error state. Then will only show a problem if greater than 25% of the PEMs are crashing.
We can tweak this number.

Test Plan: Tested on skaffold with a forced PEM failure. Added unit test for the tester.

Reviewers: vihang, michelle

Reviewed By: vihang

JIRA Issues: PP-2964

Differential Revision: https://phab.corp.pixielabs.ai/D9646

GitOrigin-RevId: ea3aa683a5c798ec13baedd5490002e700bb71b1

Summary:
these configs/secrets will tell Pixie cloud:
1. The name of project being integrated with (this will affect the `api/auth/<integration_service>` endpoint name.
2. The callback URL for the project
3. the keys that the integration jwe should be encrypted with

Test Plan: n/a

Reviewers: zasgar, vihang

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9624

GitOrigin-RevId: 5f75ebd976efa66624cd618a2d117f94d90d7a16

Summary: This adds the protos for getting an authconnector token from the auth service

Test Plan: everything still builds

Reviewers: vihang, zasgar

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9650

GitOrigin-RevId: c48fd194c3c7fb9b2b808a62ef8844a0d297112b

Summary:
there are potential security risks with being able to blindly use the MUITheme sent over postmessage.
instead, we should restrict it to using `palette`, which is the only MUITheme field that we should actually need anyway.

Test Plan: yarn dev

Reviewers: nlanam, vihang, zasgar

Reviewed By: vihang

Differential Revision: https://phab.corp.pixielabs.ai/D9649

GitOrigin-RevId: eb66a445a6d9f9b8913afe7a10c189d3d49e7200

Summary:
When we test with both client and server side tracing, we have full coverage,
so no need to trace client and server side separately too.

This shortens the test a bit.

Test Plan: This is about tests.

Reviewers: #stirling, rcheng

Reviewed By: #stirling, rcheng

Differential Revision: https://phab.corp.pixielabs.ai/D9647

GitOrigin-RevId: 8446e7c0673055b54f7ff145f08a487b98afa438

Summary:
HTTP requests with large JSON responses over ~130k fail to trace because it surpasses our BPF limit of how data we can send to user-space.

With this diff, we at least report the missing data explicitly, and allow user-space to fill it with filler data.

In most cases, this should be okay, because the final payload data gets truncated anyways.

In the future, we need a better solution (better than filler), but that's a larger architectural change, which will be left for later.

Test Plan: Test for large messages was adapted.

Reviewers: #stirling, rcheng

Reviewed By: #stirling, rcheng

Subscribers: rcheng

JIRA Issues: PP-2985

Differential Revision: https://phab.corp.pixielabs.ai/D9639

GitOrigin-RevId: 8fb75c7d7ea6eb3bde6b718e07a4628f2897143b

Summary:
we are seeing a case where the retryWatcher stops running with the error:
`E0830 19:01:32.178337       1 retrywatcher.go:130] Watch failed: Get "https://10.0.0.1:443/api/v1/namespaces/pl/pods?allowWatchBookmarks=true&resourceVersion=216699922&watch=true": dial tcp 10.0.0.1:443: connect: connection refused`

This may get surfaced to us through the resultChan, so I added some logging to be sure. if there is a failure, we might as well restart the retry watcher.

Test Plan: ran skaffold, things seem to work normally. however, unclear how to cause issues to repro the error message mentioned above

Reviewers: philkuz, vihang

Reviewed By: philkuz

Differential Revision: https://phab.corp.pixielabs.ai/D9641

GitOrigin-RevId: 52c000634afa2495445b1f18bb0249ab01d324a1