Fixed reader to support both authentication and tenant-id

CHANGELOG.md

@@ -178,6 +178,7 @@ to include only the most relevant.
 * [5543](https://github.com/grafana/loki/pull/5543) **cyriltovena**: update loki go version to 1.17.8
 * [5450](https://github.com/grafana/loki/pull/5450) **BenoitKnecht**: pkg/ruler/base: Add external_labels option
 * [5484](https://github.com/grafana/loki/pull/5450) **sandeepsukhani**: Add support for per user index query readiness with limits overrides
+* [5719](https://github.com/grafana/loki/pull/5719) **kovaxur**: Loki can use both basic-auth and tenant-id
 * [5661](https://github.com/grafana/loki/pull/5450) **masslessparticle**: Invalidate caches on deletes
 * [5358](https://github.com/grafana/loki/pull/5358) **DylanGuedes**: Add `RingMode` support to `IndexGateway`
 * [5435](https://github.com/grafana/loki/pull/5435) **slim-bean**: set match_max_concurrent true by default

cmd/loki-canary/main.go

@@ -37,9 +37,9 @@ func main() {
 	port := flag.Int("port", 3500, "Port which loki-canary should expose metrics")
 	addr := flag.String("addr", "", "The Loki server URL:Port, e.g. loki:3100")
 	tls := flag.Bool("tls", false, "Does the loki connection use TLS?")
-	user := flag.String("user", "", "Loki username. Must not be set with tenant-id flag.")
-	pass := flag.String("pass", "", "Loki password. Must not be set with tenant-id flag.")
-	tenantID := flag.String("tenant-id", "", "Tenant id to be set in X-Scope-OrgID header. Must not be set with user/pass flags.")
+	user := flag.String("user", "", "Loki username.")
+	pass := flag.String("pass", "", "Loki password.")
+	tenantID := flag.String("tenant-id", "", "Tenant ID to be set in X-Scope-OrgID header.")
 	queryTimeout := flag.Duration("query-timeout", 10*time.Second, "How long to wait for a query response from Loki")
 
 	interval := flag.Duration("interval", 1000*time.Millisecond, "Duration between log entries")

docs/sources/operations/loki-canary.md

@@ -355,6 +355,8 @@ All options:
   -streamvalue string
         The unique stream value for this instance of Loki Canary to use in the log selector
         (default "stdout")
+  -tenant-id string
+        Tenant ID to be set in X-Scope-OrgID header.
   -tls
         Does the Loki connection use TLS?
   -user string

pkg/canary/reader/reader.go

@@ -87,9 +87,10 @@ func NewReader(writer io.Writer,
 ) *Reader {
 	h := http.Header{}
 	if user != "" {
-		h = http.Header{"Authorization": {"Basic " + base64.StdEncoding.EncodeToString([]byte(user+":"+pass))}}
-	} else if tenantID != "" {
-		h = http.Header{"X-Scope-OrgID": {tenantID}}
+		h.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(user+":"+pass)))
+	}
+	if tenantID != "" {
+		h.Set("X-Scope-OrgID", tenantID)
 	}
 
 	next := time.Now()
@@ -182,7 +183,8 @@ func (r *Reader) QueryCountOverTime(queryRange string) (float64, error) {
 
 	if r.user != "" {
 		req.SetBasicAuth(r.user, r.pass)
-	} else if r.tenantID != "" {
+	}
+	if r.tenantID != "" {
 		req.Header.Set("X-Scope-OrgID", r.tenantID)
 	}
 	req.Header.Set("User-Agent", userAgent)
@@ -272,7 +274,8 @@ func (r *Reader) Query(start time.Time, end time.Time) ([]time.Time, error) {
 
 	if r.user != "" {
 		req.SetBasicAuth(r.user, r.pass)
-	} else if r.tenantID != "" {
+	}
+	if r.tenantID != "" {
 		req.Header.Set("X-Scope-OrgID", r.tenantID)
 	}
 	req.Header.Set("User-Agent", userAgent)