Support for Custom Exporter Authenticators as Extensions #3128
Conversation
|
@jpkrohling please let me know what you think. |
There was a problem hiding this comment.
Once you move the auth configuration to the ToClient, do the same for the gRPC and provide an example of what it would take for a gRPC client to get authentication. Should be relatively simple.
We would probably also want to deprecate/remove the PerRPCCredentials we currently have, in favor of an extension with a static token. In fact, I think the current implementation could be the first implementation of the authenticator, as it's both existing and simple. The OAuth2 could be a second implementation, part of a follow-up PR.
There was a problem hiding this comment.
Looks way better! But would it be possible to split this PR, removing the OAuth extension, in favor of a simple "static token"? This way, this PR will purely be a refactor of the current gRPC PerRPCCredentials, with a subsequent PR being a new feature (OAuth2 client auth for both HTTP and gRPC).
pavankrish123
changed the title
|
@pavankrish123 - Can you verify your rebase with the 'main' branch? The build-and-test CircleCI is still failing due to "unauthorized" which should have been resolved by #3423. |
This is the core repo, not contrib, I was wrong. Contrib is now fixed, we need a similar fix for the core. @owais I believe you are already working on this. |
|
Good catch, @tigrannajaryan! Ignore my comment, @pavankrish123. |
|
@pavankrish123 - Once #3219 has been merged, we'll just need to rebase again to kickoff the blocked tests. Once this is done, let's ping Tigran to get this merged. |
|
Please rebase. |
|
I am on it. |
|
Thank again, @pavankrish123! Looks like everything is ready to be merged 🚀 |
|
Thanks @gramidt @tigrannajaryan - let me know if you need anything else. |
|
@pavankrish123 Great, I can merge this now. Are you prepared to quickly fix the contrib which will be failing because of this change as soon as we try to update it to the latest version of core? |
|
@tigrannajaryan - I'm happy to help quickly fix contrib |
|
@tigrannajaryan @gramidt I am happy to jump on too. Just let me know as soon as the contrib is updated to the latest version of core |
|
Thank you, @pavankrish123! |
|
@tigrannajaryan @gramidt open-telemetry/opentelemetry-collector-contrib#3438 opened this to track the work. All in all it looks like there are 5 exporters that need to be touched. |
|
@pavankrish123 @gramidt I merged this PR, thank you all. Please decide who updates the contrib and create a PR that does it. |
This PR renames the OIDC Auth Extension to oidcauthextension, following the naming pattern agreed as part of #3128 Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>
This PR ports the client authenticator interfaces from PR #3128 in a piece meal fashion. The interfaces are currently not used by any client configurations and are published for reviewing only. Plan is to modify ToClient and ToDialOptions apis once all the clients are prepared per #3287 (core and contrib side as well). Link to tracking Issue: #3287 #3282 Testing: Unit tests, [manual test described (for only oidc)](#3128 (comment))
… extensions configuration map (#3340) This PR is a port of the configfrpc's ToDialOptions() and confighttp ToClient() from PR #3128 in a piece meal fashion. The following are the changes - Refactored configgrpc.PerRPCAuth as extension implementing configauth.GrpcClientAuthenticator - Plugged in extensions configuration to all the grpc based clients in the core (OTLP, OpenCensus, Jaeger, JaegerReceiver) - Plugged in extensions configuration to all the HTTP based clients in the core (Zipkin, OTLPHTTP) Link to tracking Issue: #3282 #3276 Testing: Unit tests, [manual test described (for only oidc)](#3128 (comment))
…try#3128) This PR adds support to add client side (exporter) authenticators for HTTP and gRPC clients through extension based authenticators. This is built of top of what was added for receiver (server) side authenticators via extensions in open-telemetry#2603 **Link to tracking Issue:** open-telemetry#3115 **Testing:** - Did a manual testing for static bearer token. - Added unit tests
Description:
Adding a feature - This PR adds support to add client side (exporter) authenticators for HTTP and gRPC clients through extension based authenticators. This is built of top of what was added for receiver (server) side authenticators via extensions in #2603
Link to tracking Issue: #3115
Pending
This is a draft PR to get an approval on the design and direction to start conversation. There are these pending items
Testing: