From b016d3aa0b6a5ecf75a375565bcda435b6861cc3 Mon Sep 17 00:00:00 2001 From: Nick Parker Date: Wed, 21 Apr 2021 11:48:16 +1200 Subject: [PATCH 1/2] Support providing credentials using AZURE_X environment variables --- Makefile | 9 +++++---- README.md | 12 +++++++----- config/config.go | 16 ++++++++++++++++ 3 files changed, 28 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index ffeaafc..2fdb344 100644 --- a/Makefile +++ b/Makefile @@ -11,9 +11,10 @@ # See the License for the specific language governing permissions and # limitations under the License. -GO := GO15VENDOREXPERIMENT=1 go -PROMU := $(GOPATH)/bin/promu -pkgs = $(shell $(GO) list ./... | grep -v /vendor/) +GO := GO15VENDOREXPERIMENT=1 go +GOPATH ?= ~/go +PROMU := $(GOPATH)/bin/promu +pkgs = $(shell $(GO) list ./... | grep -v /vendor/) PREFIX ?= $(shell pwd) BIN_DIR ?= $(shell pwd) @@ -56,4 +57,4 @@ promu: GOARCH=$(subst x86_64,amd64,$(patsubst i%86,386,$(shell uname -m))) \ $(GO) get -u github.com/prometheus/promu -.PHONY: all style format build test vet tarball docker promu \ No newline at end of file +.PHONY: all style format build test vet tarball docker promu diff --git a/README.md b/README.md index 5fbcb30..57b370d 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ Note that Azure imposes an [API read limit of 15,000 requests per hour](https:// ## Exporter configuration -This exporter requires a configuration file. By default, it will look for the azure.yml file in the CWD. +This exporter requires a configuration file containing the metrics to be collected. By default, it will look for the `azure.yml` file in the CWD, or the file specified via `--config.file=/path/to/azure.yml`. ### Azure account requirements @@ -35,6 +35,8 @@ This exporter reads metrics from an existing Azure subscription with these requi * The VM running the azure-metrics-exporter must have reading permission to Azure Monitor (e.g., Subscriptions -> your_subscription -> Access control (IAM) -> Role assignments -> Add -> Add role assignment -> Role : "Monitoring Reader", Select: your_vm) * Only `subscription_id` will be needed in your credentials configuration. +Any credentials may be provided under the `credentials` section of the `azure.yml` config as in the example below, or alternatively using environment variables named `AZURE_SUBSCRIPTION_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`, and `AZURE_TENANT_ID`. These environment variables allow keeping your credentials separate from the metrics configuration. + ### Example azure-metrics-exporter config `azure_resource_id` and `subscription_id` can be found under properties in the Azure portal for your application/service. @@ -55,10 +57,10 @@ You can find endpoints for national clouds [here](http://www.azurespeed.com/Info active_directory_authority_url: "https://login.microsoftonline.com/" resource_manager_url: "https://management.azure.com/" credentials: - subscription_id: - client_id: - client_secret: - tenant_id: + subscription_id: + client_id: + client_secret: + tenant_id: targets: - resource: "azure_resource_id" diff --git a/config/config.go b/config/config.go index 768c165..f9b3c00 100644 --- a/config/config.go +++ b/config/config.go @@ -3,6 +3,7 @@ package config import ( "fmt" "io/ioutil" + "os" "regexp" "strings" "sync" @@ -45,6 +46,21 @@ func (sc *SafeConfig) ReloadConfig(confFile string) (err error) { return fmt.Errorf("Error parsing config file: %s", err) } + // Check for credentials provided using environment variables. + // Treat the environment variables as overrides of anything in the YAML file. + if val, found := os.LookupEnv("AZURE_SUBSCRIPTION_ID"); found { + c.Credentials.SubscriptionID = val + } + if val, found := os.LookupEnv("AZURE_CLIENT_ID"); found { + c.Credentials.ClientID = val + } + if val, found := os.LookupEnv("AZURE_CLIENT_SECRET"); found { + c.Credentials.ClientSecret = val + } + if val, found := os.LookupEnv("AZURE_TENANT_ID"); found { + c.Credentials.TenantID = val + } + if err := c.Validate(); err != nil { return fmt.Errorf("Error validating config file: %s", err) } From 4f85a01fcb856b5793c4d0ba210aa57d665ebf61 Mon Sep 17 00:00:00 2001 From: Nick Parker Date: Wed, 21 Apr 2021 15:25:07 +1200 Subject: [PATCH 2/2] Update builder base image to latest golang --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5616524..28a7879 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.11 as builder +FROM golang:1.16 as builder WORKDIR /go/src/github.com/RobustPerception/azure_metrics_exporter COPY . . RUN make build