From 945d0056be2da99afdfc7e20411c68278599c9d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= Date: Tue, 18 Jan 2022 15:36:08 +0100 Subject: [PATCH] Fix the type of `bearer_token_auth` (#11144) --- .../datadog_checks/azure_iot_edge/config_models/defaults.py | 4 ++-- .../datadog_checks/azure_iot_edge/config_models/instance.py | 4 ++-- .../datadog_checks/azure_iot_edge/data/conf.yaml.example | 3 ++- cilium/datadog_checks/cilium/config_models/defaults.py | 4 ++-- cilium/datadog_checks/cilium/config_models/instance.py | 4 ++-- .../datadog_checks/cockroachdb/config_models/defaults.py | 2 +- .../datadog_checks/cockroachdb/config_models/instance.py | 2 +- coredns/datadog_checks/coredns/config_models/defaults.py | 2 +- coredns/datadog_checks/coredns/config_models/instance.py | 2 +- crio/datadog_checks/crio/config_models/defaults.py | 4 ++-- crio/datadog_checks/crio/config_models/instance.py | 4 ++-- crio/datadog_checks/crio/data/conf.yaml.example | 3 ++- .../configuration/instances/openmetrics_legacy_base.yaml | 5 ++++- .../datadog_cluster_agent/config_models/defaults.py | 4 ++-- .../datadog_cluster_agent/config_models/instance.py | 4 ++-- .../datadog_checks/datadog_cluster_agent/data/auto_conf.yaml | 3 ++- .../datadog_cluster_agent/data/conf.yaml.example | 3 ++- etcd/datadog_checks/etcd/config_models/defaults.py | 4 ++-- etcd/datadog_checks/etcd/config_models/instance.py | 4 ++-- etcd/datadog_checks/etcd/data/conf.yaml.example | 3 ++- .../datadog_checks/external_dns/config_models/defaults.py | 4 ++-- .../datadog_checks/external_dns/config_models/instance.py | 4 ++-- .../datadog_checks/external_dns/data/conf.yaml.example | 3 ++- gitlab/datadog_checks/gitlab/config_models/defaults.py | 4 ++-- gitlab/datadog_checks/gitlab/config_models/instance.py | 4 ++-- gitlab/datadog_checks/gitlab/data/conf.yaml.example | 3 ++- .../datadog_checks/gitlab_runner/config_models/defaults.py | 4 ++-- .../datadog_checks/gitlab_runner/config_models/instance.py | 4 ++-- .../datadog_checks/gitlab_runner/data/conf.yaml.example | 3 ++- haproxy/datadog_checks/haproxy/config_models/defaults.py | 4 ++-- haproxy/datadog_checks/haproxy/config_models/instance.py | 4 ++-- haproxy/datadog_checks/haproxy/data/conf.yaml.example | 3 ++- istio/datadog_checks/istio/config_models/defaults.py | 4 ++-- istio/datadog_checks/istio/config_models/instance.py | 4 ++-- .../kube_apiserver_metrics/config_models/instance.py | 4 ++-- .../kube_apiserver_metrics/data/conf.yaml.example | 3 ++- .../kube_controller_manager/data/conf.yaml.example | 3 ++- kube_dns/datadog_checks/kube_dns/data/conf.yaml.example | 3 ++- .../kube_metrics_server/data/conf.yaml.example | 3 ++- kube_proxy/datadog_checks/kube_proxy/data/conf.yaml.example | 3 ++- .../datadog_checks/kube_scheduler/config_models/defaults.py | 4 ++-- .../datadog_checks/kube_scheduler/config_models/instance.py | 4 ++-- .../datadog_checks/kube_scheduler/data/conf.yaml.example | 3 ++- linkerd/datadog_checks/linkerd/config_models/defaults.py | 4 ++-- linkerd/datadog_checks/linkerd/config_models/instance.py | 4 ++-- .../nginx_ingress_controller/config_models/defaults.py | 4 ++-- .../nginx_ingress_controller/config_models/instance.py | 4 ++-- .../nginx_ingress_controller/data/conf.yaml.example | 3 ++- .../datadog_checks/openmetrics/config_models/defaults.py | 4 ++-- .../datadog_checks/openmetrics/config_models/instance.py | 4 ++-- scylla/datadog_checks/scylla/config_models/defaults.py | 4 ++-- scylla/datadog_checks/scylla/config_models/instance.py | 4 ++-- scylla/datadog_checks/scylla/data/conf.yaml.example | 3 ++- 53 files changed, 104 insertions(+), 84 deletions(-) diff --git a/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/defaults.py b/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/defaults.py index b96736be0feb3..3b84d405072ac 100644 --- a/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/defaults.py +++ b/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/instance.py b/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/instance.py index 7183f259fe6c0..b519cb5070f59 100644 --- a/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/instance.py +++ b/azure_iot_edge/datadog_checks/azure_iot_edge/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/azure_iot_edge/datadog_checks/azure_iot_edge/data/conf.yaml.example b/azure_iot_edge/datadog_checks/azure_iot_edge/data/conf.yaml.example index 3ab0119856040..ff6e0a3e428f8 100644 --- a/azure_iot_edge/datadog_checks/azure_iot_edge/data/conf.yaml.example +++ b/azure_iot_edge/datadog_checks/azure_iot_edge/data/conf.yaml.example @@ -144,8 +144,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/cilium/datadog_checks/cilium/config_models/defaults.py b/cilium/datadog_checks/cilium/config_models/defaults.py index 6fa20f2ed6397..5eec6df45e23e 100644 --- a/cilium/datadog_checks/cilium/config_models/defaults.py +++ b/cilium/datadog_checks/cilium/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -55,7 +55,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/cilium/datadog_checks/cilium/config_models/instance.py b/cilium/datadog_checks/cilium/config_models/instance.py index 7ac150a898eab..4c6a900c667a3 100644 --- a/cilium/datadog_checks/cilium/config_models/instance.py +++ b/cilium/datadog_checks/cilium/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -96,7 +96,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/cockroachdb/datadog_checks/cockroachdb/config_models/defaults.py b/cockroachdb/datadog_checks/cockroachdb/config_models/defaults.py index 1dcb13d5cd64c..c8850d40f1e55 100644 --- a/cockroachdb/datadog_checks/cockroachdb/config_models/defaults.py +++ b/cockroachdb/datadog_checks/cockroachdb/config_models/defaults.py @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/cockroachdb/datadog_checks/cockroachdb/config_models/instance.py b/cockroachdb/datadog_checks/cockroachdb/config_models/instance.py index 178280644952c..a994f53da6bce 100644 --- a/cockroachdb/datadog_checks/cockroachdb/config_models/instance.py +++ b/cockroachdb/datadog_checks/cockroachdb/config_models/instance.py @@ -95,7 +95,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/coredns/datadog_checks/coredns/config_models/defaults.py b/coredns/datadog_checks/coredns/config_models/defaults.py index c1181c2fe322a..47f6a6f209952 100644 --- a/coredns/datadog_checks/coredns/config_models/defaults.py +++ b/coredns/datadog_checks/coredns/config_models/defaults.py @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/coredns/datadog_checks/coredns/config_models/instance.py b/coredns/datadog_checks/coredns/config_models/instance.py index 178280644952c..a994f53da6bce 100644 --- a/coredns/datadog_checks/coredns/config_models/instance.py +++ b/coredns/datadog_checks/coredns/config_models/instance.py @@ -95,7 +95,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/crio/datadog_checks/crio/config_models/defaults.py b/crio/datadog_checks/crio/config_models/defaults.py index c49252bcf0455..b260d2216f2d0 100644 --- a/crio/datadog_checks/crio/config_models/defaults.py +++ b/crio/datadog_checks/crio/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/crio/datadog_checks/crio/config_models/instance.py b/crio/datadog_checks/crio/config_models/instance.py index e251977678d0b..eb73b95c991db 100644 --- a/crio/datadog_checks/crio/config_models/instance.py +++ b/crio/datadog_checks/crio/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/crio/datadog_checks/crio/data/conf.yaml.example b/crio/datadog_checks/crio/data/conf.yaml.example index cba518cf4c009..abb6adb1e7f3f 100644 --- a/crio/datadog_checks/crio/data/conf.yaml.example +++ b/crio/datadog_checks/crio/data/conf.yaml.example @@ -139,8 +139,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/datadog_checks_dev/datadog_checks/dev/tooling/templates/configuration/instances/openmetrics_legacy_base.yaml b/datadog_checks_dev/datadog_checks/dev/tooling/templates/configuration/instances/openmetrics_legacy_base.yaml index 0726f8a57c0d5..8e9513ebb8df2 100644 --- a/datadog_checks_dev/datadog_checks/dev/tooling/templates/configuration/instances/openmetrics_legacy_base.yaml +++ b/datadog_checks_dev/datadog_checks/dev/tooling/templates/configuration/instances/openmetrics_legacy_base.yaml @@ -147,10 +147,13 @@ - name: bearer_token_auth description: | If set to true, adds a bearer token authentication header. + If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. value: example: false - type: boolean + anyOf: + - type: boolean + - type: string - name: bearer_token_path description: | The path to a Kubernetes service account bearer token file. Make sure the file exists and is mounted correctly. diff --git a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/defaults.py b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/defaults.py index c49252bcf0455..b260d2216f2d0 100644 --- a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/defaults.py +++ b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/instance.py b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/instance.py index e251977678d0b..eb73b95c991db 100644 --- a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/instance.py +++ b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/auto_conf.yaml b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/auto_conf.yaml index 214b06546c455..98dd675c19ef0 100644 --- a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/auto_conf.yaml +++ b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/auto_conf.yaml @@ -147,8 +147,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/conf.yaml.example b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/conf.yaml.example index fc0f1155ed38a..075e821e84e03 100644 --- a/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/conf.yaml.example +++ b/datadog_cluster_agent/datadog_checks/datadog_cluster_agent/data/conf.yaml.example @@ -139,8 +139,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/etcd/datadog_checks/etcd/config_models/defaults.py b/etcd/datadog_checks/etcd/config_models/defaults.py index 5a1b996041bbd..0c7ea85e660db 100644 --- a/etcd/datadog_checks/etcd/config_models/defaults.py +++ b/etcd/datadog_checks/etcd/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/etcd/datadog_checks/etcd/config_models/instance.py b/etcd/datadog_checks/etcd/config_models/instance.py index 7520c91e44514..0f409bd5126d2 100644 --- a/etcd/datadog_checks/etcd/config_models/instance.py +++ b/etcd/datadog_checks/etcd/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/etcd/datadog_checks/etcd/data/conf.yaml.example b/etcd/datadog_checks/etcd/data/conf.yaml.example index 9cb8c61b19608..8227bcd1f44b9 100644 --- a/etcd/datadog_checks/etcd/data/conf.yaml.example +++ b/etcd/datadog_checks/etcd/data/conf.yaml.example @@ -145,8 +145,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/external_dns/datadog_checks/external_dns/config_models/defaults.py b/external_dns/datadog_checks/external_dns/config_models/defaults.py index c49252bcf0455..b260d2216f2d0 100644 --- a/external_dns/datadog_checks/external_dns/config_models/defaults.py +++ b/external_dns/datadog_checks/external_dns/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/external_dns/datadog_checks/external_dns/config_models/instance.py b/external_dns/datadog_checks/external_dns/config_models/instance.py index e251977678d0b..eb73b95c991db 100644 --- a/external_dns/datadog_checks/external_dns/config_models/instance.py +++ b/external_dns/datadog_checks/external_dns/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/external_dns/datadog_checks/external_dns/data/conf.yaml.example b/external_dns/datadog_checks/external_dns/data/conf.yaml.example index bf7288c5c810b..fa04f272eb1b7 100644 --- a/external_dns/datadog_checks/external_dns/data/conf.yaml.example +++ b/external_dns/datadog_checks/external_dns/data/conf.yaml.example @@ -139,8 +139,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/gitlab/datadog_checks/gitlab/config_models/defaults.py b/gitlab/datadog_checks/gitlab/config_models/defaults.py index 7483fd4afccb3..0b733f151d0e1 100644 --- a/gitlab/datadog_checks/gitlab/config_models/defaults.py +++ b/gitlab/datadog_checks/gitlab/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -59,7 +59,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/gitlab/datadog_checks/gitlab/config_models/instance.py b/gitlab/datadog_checks/gitlab/config_models/instance.py index d48ad421bfd7e..b8414de645000 100644 --- a/gitlab/datadog_checks/gitlab/config_models/instance.py +++ b/gitlab/datadog_checks/gitlab/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -70,7 +70,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/gitlab/datadog_checks/gitlab/data/conf.yaml.example b/gitlab/datadog_checks/gitlab/data/conf.yaml.example index 045784240c455..d1dcb50d0ef3e 100644 --- a/gitlab/datadog_checks/gitlab/data/conf.yaml.example +++ b/gitlab/datadog_checks/gitlab/data/conf.yaml.example @@ -110,8 +110,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/gitlab_runner/datadog_checks/gitlab_runner/config_models/defaults.py b/gitlab_runner/datadog_checks/gitlab_runner/config_models/defaults.py index c49252bcf0455..b260d2216f2d0 100644 --- a/gitlab_runner/datadog_checks/gitlab_runner/config_models/defaults.py +++ b/gitlab_runner/datadog_checks/gitlab_runner/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/gitlab_runner/datadog_checks/gitlab_runner/config_models/instance.py b/gitlab_runner/datadog_checks/gitlab_runner/config_models/instance.py index 846a71578a4e0..44cac8c37fe60 100644 --- a/gitlab_runner/datadog_checks/gitlab_runner/config_models/instance.py +++ b/gitlab_runner/datadog_checks/gitlab_runner/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/gitlab_runner/datadog_checks/gitlab_runner/data/conf.yaml.example b/gitlab_runner/datadog_checks/gitlab_runner/data/conf.yaml.example index f172a0cb24ebf..564c216c2ad63 100644 --- a/gitlab_runner/datadog_checks/gitlab_runner/data/conf.yaml.example +++ b/gitlab_runner/datadog_checks/gitlab_runner/data/conf.yaml.example @@ -193,8 +193,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/haproxy/datadog_checks/haproxy/config_models/defaults.py b/haproxy/datadog_checks/haproxy/config_models/defaults.py index 8fcc1d7226ad2..628522163cbc0 100644 --- a/haproxy/datadog_checks/haproxy/config_models/defaults.py +++ b/haproxy/datadog_checks/haproxy/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -55,7 +55,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/haproxy/datadog_checks/haproxy/config_models/instance.py b/haproxy/datadog_checks/haproxy/config_models/instance.py index 038ee08ceb362..92105b702de7e 100644 --- a/haproxy/datadog_checks/haproxy/config_models/instance.py +++ b/haproxy/datadog_checks/haproxy/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -70,7 +70,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] collate_status_tags_per_host: Optional[bool] collect_aggregates_only: Optional[Union[bool, str]] diff --git a/haproxy/datadog_checks/haproxy/data/conf.yaml.example b/haproxy/datadog_checks/haproxy/data/conf.yaml.example index 1cb667da66349..fea86475b6987 100644 --- a/haproxy/datadog_checks/haproxy/data/conf.yaml.example +++ b/haproxy/datadog_checks/haproxy/data/conf.yaml.example @@ -286,8 +286,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/istio/datadog_checks/istio/config_models/defaults.py b/istio/datadog_checks/istio/config_models/defaults.py index 40816c8d04a14..d5637e17e1925 100644 --- a/istio/datadog_checks/istio/config_models/defaults.py +++ b/istio/datadog_checks/istio/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/istio/datadog_checks/istio/config_models/instance.py b/istio/datadog_checks/istio/config_models/instance.py index 843907d7a6027..87d88b1299c50 100644 --- a/istio/datadog_checks/istio/config_models/instance.py +++ b/istio/datadog_checks/istio/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -95,7 +95,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/config_models/instance.py b/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/config_models/instance.py index a78ab0e289880..69e09130e0157 100644 --- a/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/config_models/instance.py +++ b/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/data/conf.yaml.example b/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/data/conf.yaml.example index 18134bddc2a7b..9c3386ee4f90f 100644 --- a/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/data/conf.yaml.example +++ b/kube_apiserver_metrics/datadog_checks/kube_apiserver_metrics/data/conf.yaml.example @@ -146,8 +146,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: true + ## @param bearer_token_auth - boolean or string - optional - default: true ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: true diff --git a/kube_controller_manager/datadog_checks/kube_controller_manager/data/conf.yaml.example b/kube_controller_manager/datadog_checks/kube_controller_manager/data/conf.yaml.example index 1f9163af1e12b..2439882f9704a 100644 --- a/kube_controller_manager/datadog_checks/kube_controller_manager/data/conf.yaml.example +++ b/kube_controller_manager/datadog_checks/kube_controller_manager/data/conf.yaml.example @@ -181,8 +181,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/kube_dns/datadog_checks/kube_dns/data/conf.yaml.example b/kube_dns/datadog_checks/kube_dns/data/conf.yaml.example index a196be9c38c83..83681956349e7 100644 --- a/kube_dns/datadog_checks/kube_dns/data/conf.yaml.example +++ b/kube_dns/datadog_checks/kube_dns/data/conf.yaml.example @@ -139,8 +139,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/kube_metrics_server/datadog_checks/kube_metrics_server/data/conf.yaml.example b/kube_metrics_server/datadog_checks/kube_metrics_server/data/conf.yaml.example index 33b1201e39aa2..9279238f60f52 100644 --- a/kube_metrics_server/datadog_checks/kube_metrics_server/data/conf.yaml.example +++ b/kube_metrics_server/datadog_checks/kube_metrics_server/data/conf.yaml.example @@ -146,8 +146,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/kube_proxy/datadog_checks/kube_proxy/data/conf.yaml.example b/kube_proxy/datadog_checks/kube_proxy/data/conf.yaml.example index 551b9e08947fa..ed8a56474de30 100644 --- a/kube_proxy/datadog_checks/kube_proxy/data/conf.yaml.example +++ b/kube_proxy/datadog_checks/kube_proxy/data/conf.yaml.example @@ -139,8 +139,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/kube_scheduler/datadog_checks/kube_scheduler/config_models/defaults.py b/kube_scheduler/datadog_checks/kube_scheduler/config_models/defaults.py index 392fe2cc159a2..ec78730abccc3 100644 --- a/kube_scheduler/datadog_checks/kube_scheduler/config_models/defaults.py +++ b/kube_scheduler/datadog_checks/kube_scheduler/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/kube_scheduler/datadog_checks/kube_scheduler/config_models/instance.py b/kube_scheduler/datadog_checks/kube_scheduler/config_models/instance.py index a5fd6434f2a3f..2598628ab813a 100644 --- a/kube_scheduler/datadog_checks/kube_scheduler/config_models/instance.py +++ b/kube_scheduler/datadog_checks/kube_scheduler/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/kube_scheduler/datadog_checks/kube_scheduler/data/conf.yaml.example b/kube_scheduler/datadog_checks/kube_scheduler/data/conf.yaml.example index 4c025b6d69c39..045e468fc0e1b 100644 --- a/kube_scheduler/datadog_checks/kube_scheduler/data/conf.yaml.example +++ b/kube_scheduler/datadog_checks/kube_scheduler/data/conf.yaml.example @@ -160,8 +160,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/linkerd/datadog_checks/linkerd/config_models/defaults.py b/linkerd/datadog_checks/linkerd/config_models/defaults.py index c05c9307af258..e8c6c14c54504 100644 --- a/linkerd/datadog_checks/linkerd/config_models/defaults.py +++ b/linkerd/datadog_checks/linkerd/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/linkerd/datadog_checks/linkerd/config_models/instance.py b/linkerd/datadog_checks/linkerd/config_models/instance.py index 9c5a09d1d49dc..a994f53da6bce 100644 --- a/linkerd/datadog_checks/linkerd/config_models/instance.py +++ b/linkerd/datadog_checks/linkerd/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -95,7 +95,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/defaults.py b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/defaults.py index a49ac3ef079dc..a5876af9df36f 100644 --- a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/defaults.py +++ b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/instance.py b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/instance.py index e5e422d3c425e..ebe20c8820afe 100644 --- a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/instance.py +++ b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] collect_nginx_histograms: Optional[bool] connect_timeout: Optional[float] diff --git a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/data/conf.yaml.example b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/data/conf.yaml.example index 001c96b4047fe..21449162f4aa5 100644 --- a/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/data/conf.yaml.example +++ b/nginx_ingress_controller/datadog_checks/nginx_ingress_controller/data/conf.yaml.example @@ -147,8 +147,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false diff --git a/openmetrics/datadog_checks/openmetrics/config_models/defaults.py b/openmetrics/datadog_checks/openmetrics/config_models/defaults.py index e51eeaeeb729f..8fd599ad7a0bf 100644 --- a/openmetrics/datadog_checks/openmetrics/config_models/defaults.py +++ b/openmetrics/datadog_checks/openmetrics/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/openmetrics/datadog_checks/openmetrics/config_models/instance.py b/openmetrics/datadog_checks/openmetrics/config_models/instance.py index 98f19f880e3c0..711c3dbcd72db 100644 --- a/openmetrics/datadog_checks/openmetrics/config_models/instance.py +++ b/openmetrics/datadog_checks/openmetrics/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -95,7 +95,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] cache_metric_wildcards: Optional[bool] cache_shared_labels: Optional[bool] diff --git a/scylla/datadog_checks/scylla/config_models/defaults.py b/scylla/datadog_checks/scylla/config_models/defaults.py index 022fb56af96a8..31308b9e07b49 100644 --- a/scylla/datadog_checks/scylla/config_models/defaults.py +++ b/scylla/datadog_checks/scylla/config_models/defaults.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -51,7 +51,7 @@ def instance_aws_service(field, value): def instance_bearer_token_auth(field, value): - return False + return get_default_field_value(field, value) def instance_bearer_token_path(field, value): diff --git a/scylla/datadog_checks/scylla/config_models/instance.py b/scylla/datadog_checks/scylla/config_models/instance.py index f4be6eb1a3c11..3abd629f73ed4 100644 --- a/scylla/datadog_checks/scylla/config_models/instance.py +++ b/scylla/datadog_checks/scylla/config_models/instance.py @@ -1,4 +1,4 @@ -# (C) Datadog, Inc. 2021-present +# (C) Datadog, Inc. 2022-present # All rights reserved # Licensed under a 3-clause BSD style license (see LICENSE) @@ -69,7 +69,7 @@ class Config: aws_host: Optional[str] aws_region: Optional[str] aws_service: Optional[str] - bearer_token_auth: Optional[bool] + bearer_token_auth: Optional[Union[bool, str]] bearer_token_path: Optional[str] connect_timeout: Optional[float] disable_generic_tags: Optional[bool] diff --git a/scylla/datadog_checks/scylla/data/conf.yaml.example b/scylla/datadog_checks/scylla/data/conf.yaml.example index 3b92c5372a8fc..ac2cfa08d7e04 100644 --- a/scylla/datadog_checks/scylla/data/conf.yaml.example +++ b/scylla/datadog_checks/scylla/data/conf.yaml.example @@ -156,8 +156,9 @@ instances: # # include_labels: [] - ## @param bearer_token_auth - boolean - optional - default: false + ## @param bearer_token_auth - boolean or string - optional - default: false ## If set to true, adds a bearer token authentication header. + ## If set to 'tls_only', only adds a bearer token authentication header if the endpoint is secure https. ## Note: If bearer_token_path is not set, the default path is /var/run/secrets/kubernetes.io/serviceaccount/token. # # bearer_token_auth: false