Use SSL authentication if SSL params are provided (#8531)

* Use SSL if SSL options are provided * Do not override if specificly disabled
DataDog · Feb 8, 2021 · a849833 · a849833
1 parent bd40e77
commit a849833
Showing 1 changed file with 13 additions and 8 deletions.
diff --git a/ibm_mq/datadog_checks/ibm_mq/config.py b/ibm_mq/datadog_checks/ibm_mq/config.py
@@ -3,14 +3,14 @@
 # Licensed under a 3-clause BSD style license (see LICENSE)
 
 import datetime as dt
-import logging
 import re
 
 from dateutil.tz import UTC
 from six import iteritems
 
 from datadog_checks.base import AgentCheck, ConfigurationError, is_affirmative
 from datadog_checks.base.constants import ServiceCheck
+from datadog_checks.base.log import get_check_logger
 
 try:
     from typing import Dict, List, Pattern
@@ -24,9 +24,6 @@
     pymqi = None
 
 
-log = logging.getLogger(__file__)
-
-
 class IBMMQConfig:
     """
     A config object. Parse the instance and return it as an object that can be passed around
@@ -44,6 +41,7 @@ class IBMMQConfig:
     ]
 
     def __init__(self, instance):
+        self.log = get_check_logger()
         self.channel = instance.get('channel')  # type: str
         self.queue_manager_name = instance.get('queue_manager', 'default')  # type: str
 
@@ -79,7 +77,7 @@ def __init__(self, instance):
         )  # type: bool
 
         if int(self.auto_discover_queues) + int(bool(self.queue_patterns)) + int(bool(self.queue_regex)) > 1:
-            log.warning(
+            self.log.warning(
                 "Configurations auto_discover_queues, queue_patterns and queue_regex are not intended to be used "
                 "together."
             )
@@ -102,14 +100,21 @@ def __init__(self, instance):
         self.tags_no_channel = tags
         self.tags = tags + ["channel:{}".format(self.channel)]  # type: List[str]
 
+        # SSL options
         self.ssl = is_affirmative(instance.get('ssl_auth', False))  # type: bool
         self.ssl_cipher_spec = instance.get('ssl_cipher_spec', 'TLS_RSA_WITH_AES_256_CBC_SHA')  # type: str
-
         self.ssl_key_repository_location = instance.get(
             'ssl_key_repository_location', '/var/mqm/ssl-db/client/KeyringClient'
         )  # type: str
-
         self.ssl_certificate_label = instance.get('ssl_certificate_label')  # type: str
+        if instance.get('ssl_auth') is None and (
+            instance.get('ssl_cipher_spec') or instance.get('ssl_key_repository_location') or self.ssl_certificate_label
+        ):
+            self.log.info(
+                "ssl_auth has not been explictly enabled but other SSL options have been provided. "
+                "SSL will be used for connecting"
+            )
+            self.ssl = True
 
         self.mq_installation_dir = instance.get('mq_installation_dir', '/opt/mqm/')
 
@@ -139,7 +144,7 @@ def _compile_tag_re(self):
             try:
                 queue_tag_list.append([re.compile(regex_str), [t.strip() for t in tags.split(',')]])
             except TypeError:
-                log.warning('%s is not a valid regular expression and will be ignored', regex_str)
+                self.log.warning('%s is not a valid regular expression and will be ignored', regex_str)
         return queue_tag_list
 
     @staticmethod