Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add otlp tls configuration #998

Merged
merged 7 commits into from
Dec 11, 2024
Merged

feat: add otlp tls configuration #998

merged 7 commits into from
Dec 11, 2024

Conversation

fabriziosestito
Copy link
Contributor

@fabriziosestito fabriziosestito commented Dec 9, 2024
edited
Loading

Description

This PR adds the following flags and env variables:

  • otlp-certificate/OTEL_EXPORTER_OTLP_CERTIFICATE: The trusted certificate to use when verifying a server's TLS credentials.
  • otlp-client-certificate/OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE: Client certificate/chain trust for clients private key to use in mTLS communication in PEM format.
  • otlp-client-key/ OTEL_EXPORTER_OTLP_CLIENT_KEY: Client certificate/chain trust for clients private key to use in mTLS communication in PEM format.

Test

Updates otel integration test

Additional Information

Tradeoff

Rust opentelemetry only supports tls by using tonic (grpc).

Closes #993

fabriziosestito
fabriziosestito commented Dec 9, 2024
View reviewed changes
@fabriziosestito fabriziosestito force-pushed the feat/add-otlp-tls-flags branch 2 times, most recently from 1fa0050 to 2e6f873 Compare December 9, 2024 18:43
@fabriziosestito fabriziosestito added this to the 1.20 milestone Dec 9, 2024
@fabriziosestito fabriziosestito self-assigned this Dec 9, 2024
@fabriziosestito fabriziosestito marked this pull request as ready for review December 9, 2024 18:46
@fabriziosestito fabriziosestito requested a review from a team as a code owner December 9, 2024 18:46
@fabriziosestito fabriziosestito force-pushed the feat/add-otlp-tls-flags branch from 2e6f873 to 9cccaa1 Compare December 9, 2024 18:57
@codecov Codecov
Copy link

codecov bot commented Dec 9, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 93.10345% with 2 lines in your changes missing coverage. Please review.

Project coverage is 63.58%. Comparing base (7a38476) to head (f0879b1).
Report is 8 commits behind head on main.

Files with missing lines Patch % Lines
src/main.rs 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #998      +/-   ##
==========================================
+ Coverage   62.64%   63.58%   +0.94%     
==========================================
  Files          17       17              
  Lines        1052     1071      +19     
==========================================
+ Hits          659      681      +22     
+ Misses        393      390       -3
Flag Coverage Δ
integration-tests 56.26% <93.10%> (+1.07%) ⬆️
unit-tests 37.29% <0.00%> (-0.81%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

flavio
flavio reviewed Dec 10, 2024
View reviewed changes
Copy link
Member

@flavio flavio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything looks good, modulo what Jose pointed out about the test.

Moreover, as a nitpick, I would not add the certificate CA, keys and certificates to the test directory, but I would generate them before running the tests. This can be easily done with the rcgen crate from the rustls project.

@fabriziosestito fabriziosestito force-pushed the feat/add-otlp-tls-flags branch 3 times, most recently from cbb96c7 to 218f5db Compare December 10, 2024 11:51
@fabriziosestito fabriziosestito changed the title feat: add otlp tls flags feat: add otlp tls configuration Dec 11, 2024
@fabriziosestito
Copy link
Contributor Author

fabriziosestito commented Dec 11, 2024
edited
Loading

@flavio @jvanz I've added a new commit 8a011af which removes the flags entirely and uses the env variables for everything.
However, I needed to implement the certificates env vars logic which is not provided by opentelemetry-rust, see open-telemetry/opentelemetry-rust#984

flavio
flavio requested changes Dec 11, 2024
View reviewed changes
Copy link
Member

@flavio flavio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like it. The only comment that must be addressed is the one about the mTLS tests

viccuad
viccuad approved these changes Dec 11, 2024
View reviewed changes
Copy link
Member

@viccuad viccuad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, modulo Flavio's suggestions.

flavio
flavio approved these changes Dec 11, 2024
View reviewed changes
Copy link
Member

@flavio flavio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for having implemented the requested changes

@fabriziosestito fabriziosestito merged commit 63f80a8 into kubewarden:main Dec 11, 2024
11 checks passed
@jvanz
Copy link
Member

jvanz commented Dec 11, 2024

👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viccuad viccuad viccuad approved these changes

@flavio flavio flavio approved these changes

@jvanz jvanz Awaiting requested review from jvanz

Assignees

@fabriziosestito fabriziosestito

Labels
kind/feature
Projects
Kubewarden
Archived in project
Milestone
1.20
Development

Successfully merging this pull request may close these issues.

Support send data to remote Otel collector
4 participants
@fabriziosestito @jvanz @flavio @viccuad