Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new tls_only choice to the bearer_token parameter that sends the bearer token only to secure HTTPS endpoints #10706

Merged
merged 1 commit into from
Dec 29, 2021
Merged

Add new tls_only choice to the bearer_token parameter that sends the bearer token only to secure HTTPS endpoints #10706

merged 1 commit into from
Dec 29, 2021

Conversation

L3n41c
Copy link
Member

@L3n41c L3n41c commented Nov 23, 2021
edited
Loading

What does this PR do?

Change the meaning of the default value of the bearer_token parameter of the OpenMetrics based checks.
The default behaviour if not set is now to send the bearer token to secure https endpoints and not to clear text http endpoints.

Motivation

This is useful for all the checks that are leveraging the possible_prometheus_urls to try to autodetect what is the usable endpoint url based on a list of commonly used ones.
This is the case for the Kubernetes control plane components checks.

Additional Notes

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • PR title must be written as a CHANGELOG entry (see why)
  • Files changes must correspond to the primary purpose of the PR as described in the title (small unrelated changes should have their own PR)
  • PR must have changelog/ and integration/ labels attached

@L3n41c L3n41c requested review from a team as code owners November 23, 2021 09:11
@codecov
Copy link

codecov bot commented Nov 23, 2021
edited
Loading

Codecov Report

Merging #10706 (3444d84) into master (cd2c541) will increase coverage by 0.07%.
The diff coverage is 100.00%.

Flag Coverage Δ
active_directory 100.00% <ø> (ø)
activemq_xml 82.31% <ø> (ø)
aerospike 86.97% <ø> (+0.36%) ⬆️
airflow 90.00% <ø> (ø)
amazon_msk 88.83% <ø> (ø)
ambari 85.75% <ø> (ø)
apache 95.08% <ø> (ø)
aspdotnet 93.87% <ø> (ø)
avi_vantage 91.92% <ø> (ø)
azure_iot_edge 81.93% <ø> (ø)
btrfs 82.91% <ø> (ø)
cacti 83.95% <ø> (ø)
cassandra_nodetool 94.19% <ø> (ø)
ceph 91.02% <ø> (ø)
cilium 85.84% <ø> (+1.88%) ⬆️
cisco_aci 95.88% <ø> (ø)
citrix_hypervisor 87.50% <ø> (ø)
clickhouse 95.63% <ø> (ø)
cloud_foundry_api 95.98% <ø> (+0.12%) ⬆️
cockroachdb 100.00% <ø> (+2.81%) ⬆️
consul 91.74% <ø> (ø)
coredns 95.74% <ø> (ø)
couch 95.19% <ø> (+0.24%) ⬆️
couchbase 81.45% <ø> (ø)
crio 100.00% <ø> (ø)
datadog_checks_base 90.23% <100.00%> (+0.37%) ⬆️
datadog_checks_dev 79.99% <ø> (-0.06%) ⬇️
datadog_checks_downloader 80.64% <ø> (ø)
datadog_cluster_agent 97.50% <ø> (ø)
directory 94.87% <ø> (ø)
disk 91.61% <ø> (ø)
dns_check 93.84% <ø> (ø)
dotnetclr 100.00% <ø> (ø)
druid 97.70% <ø> (ø)
ecs_fargate 80.23% <ø> (ø)
eks_fargate 94.05% <ø> (ø)
elastic 88.62% <ø> (-0.04%) ⬇️
envoy 93.90% <ø> (ø)
etcd 93.87% <ø> (+0.60%) ⬆️
exchange_server 100.00% <ø> (ø)
external_dns 100.00% <ø> (ø)
fluentd 94.77% <ø> (ø)
gearmand 78.26% <ø> (+1.24%) ⬆️
gitlab 89.94% <ø> (ø)
gitlab_runner 91.94% <ø> (ø)
glusterfs 80.09% <ø> (+0.92%) ⬆️
go_expvar 92.73% <ø> (ø)
gunicorn 93.60% <ø> (+0.75%) ⬆️
haproxy 95.08% <ø> (+0.16%) ⬆️
harbor 81.29% <ø> (ø)
hazelcast 92.39% <ø> (ø)
hdfs_datanode 89.74% <ø> (ø)
hdfs_namenode 86.72% <ø> (ø)
http_check 90.98% <ø> (+2.77%) ⬆️
ibm_db2 94.84% <ø> (ø)
ibm_i 80.65% <ø> (ø)
ibm_mq 89.45% <ø> (-0.17%) ⬇️
ibm_was 96.06% <ø> (ø)
iis 94.35% <ø> (+1.33%) ⬆️
istio 77.46% <ø> (+1.16%) ⬆️
kafka_consumer 82.28% <ø> (ø)
kong 92.21% <ø> (ø)
kube_apiserver_metrics 97.35% <ø> (ø)
kube_controller_manager 96.85% <ø> (ø)
kube_dns 98.85% <ø> (ø)
kube_metrics_server 100.00% <ø> (ø)
kube_proxy 100.00% <ø> (ø)
kube_scheduler 96.20% <ø> (ø)
kubelet 89.61% <ø> (ø)
kubernetes_state 89.52% <ø> (ø)
kyototycoon 85.96% <ø> (ø)
lighttpd 83.64% <ø> (ø)
linkerd 85.14% <ø> (+1.14%) ⬆️
linux_proc_extras 96.22% <ø> (ø)
mapr 82.62% <ø> (ø)
mapreduce 81.77% <ø> (+0.46%) ⬆️
marathon 83.12% <ø> (ø)
marklogic 95.33% <ø> (ø)
mcache 93.52% <ø> (ø)
mesos_master 90.68% <ø> (ø)
mesos_slave 93.63% <ø> (ø)
mongo 94.45% <ø> (+0.49%) ⬆️
mysql 86.87% <ø> (+0.13%) ⬆️
nagios 89.53% <ø> (ø)
network 77.76% <ø> (+1.00%) ⬆️
nfsstat 95.20% <ø> (ø)
nginx 95.26% <ø> (+1.47%) ⬆️
nginx_ingress_controller 98.30% <ø> (ø)
openldap 96.33% <ø> (ø)
openmetrics 97.14% <ø> (ø)
openstack 51.30% <ø> (ø)
openstack_controller 90.74% <ø> (ø)
oracle 93.65% <ø> (+0.52%) ⬆️
pdh_check 95.65% <ø> (ø)
pgbouncer 90.45% <ø> (ø)
php_fpm 90.21% <ø> (+0.60%) ⬆️
postfix 88.04% <ø> (ø)
postgres 91.58% <ø> (+0.30%) ⬆️
powerdns_recursor 96.65% <ø> (ø)
process 85.07% <ø> (+0.28%) ⬆️
prometheus 94.17% <ø> (ø)
proxysql 98.97% <ø> (ø)
rabbitmq 94.40% <ø> (ø)
redisdb 87.12% <ø> (ø)
rethinkdb 97.93% <ø> (ø)
riak 99.22% <ø> (ø)
riakcs 93.61% <ø> (ø)
sap_hana 92.39% <ø> (+0.26%) ⬆️
scylla 100.00% <ø> (ø)
singlestore 90.81% <ø> (ø)
snmp 90.30% <ø> (-0.21%) ⬇️
snowflake 93.60% <ø> (+0.11%) ⬆️
sonarqube 95.69% <ø> (ø)
spark 93.22% <ø> (+<0.01%) ⬆️
sqlserver 85.93% <ø> (+1.26%) ⬆️
squid 100.00% <ø> (ø)
ssh_check 91.58% <ø> (ø)
statsd 87.36% <ø> (+1.05%) ⬆️
supervisord 92.30% <ø> (ø)
system_core 91.04% <ø> (ø)
system_swap 98.30% <ø> (ø)
tcp_check 88.83% <ø> (ø)
teamcity 80.00% <ø> (ø)
tls 97.04% <ø> (+0.87%) ⬆️
tokumx 58.40% <ø> (?)
twemproxy 78.33% <ø> (ø)
twistlock 80.25% <ø> (ø)
varnish 84.57% <ø> (+0.24%) ⬆️
vault 95.04% <ø> (+0.59%) ⬆️
vertica 92.33% <ø> (ø)
voltdb 96.81% <ø> (ø)
vsphere 89.78% <ø> (+0.08%) ⬆️
win32_event_log 86.03% <ø> (+0.28%) ⬆️
windows_performance_counters 98.36% <ø> (ø)
windows_service 95.83% <ø> (ø)
wmi_check 92.91% <ø> (ø)
yarn 89.85% <ø> (ø)
zk 85.81% <ø> (+0.46%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

vboulineau
vboulineau previously approved these changes Nov 23, 2021
View reviewed changes
@L3n41c L3n41c mentioned this pull request Nov 23, 2021
Merged
4 tasks
@L3n41c L3n41c mentioned this pull request Nov 23, 2021
Merged
4 tasks
@L3n41c L3n41c force-pushed the lenaic/auto_bearer branch 4 times, most recently from 0b43b4c to e442c2b Compare December 1, 2021 14:25
@L3n41c L3n41c mentioned this pull request Dec 1, 2021
Merged
4 tasks
@L3n41c
Update the default value of the bearer_token parameter
3444d84 
to send the bearer token only to secure https endpoints and not to clear text http endpoints.
@L3n41c
Copy link
Member Author

L3n41c commented Dec 2, 2021

/azp help

@azure-pipelines
Copy link

Supported commands
  • help:
    • Get descriptions, examples and documentation about supported commands
    • Example: help "command_name"
  • list:
    • List all pipelines for this repository using a comment.
    • Example: "list"
  • run:
    • Run all pipelines or specific pipelines for this repository using a comment. Use this command by itself to trigger all related pipelines, or specify specific pipelines to run.
    • Example: "run" or "run pipeline_name, pipeline_name, pipeline_name"
  • where:
    • Report back the Azure DevOps orgs that are related to this repository and org
    • Example: "where"

See additional documentation.

@L3n41c
Copy link
Member Author

L3n41c commented Dec 2, 2021

/azp list

@azure-pipelines
Copy link

CI/CD Pipelines for this repository:

@L3n41c
Copy link
Member Author

L3n41c commented Dec 2, 2021

/azp run PR All

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@L3n41c
Copy link
Member Author

L3n41c commented Dec 2, 2021

/azp run PR All

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@ofek ofek changed the title Update the default value of the bearer_token parameter to send the bearer token only to secure https endpoints by default Add new tls_only choice to the bearer_token parameter that sends the bearer token only to secure HTTPS endpoints Dec 2, 2021
@L3n41c L3n41c merged commit 82a3e20 into master Dec 29, 2021
@L3n41c L3n41c deleted the lenaic/auto_bearer branch December 29, 2021 07:46
github-actions bot pushed a commit that referenced this pull request Dec 29, 2021
@L3n41c
Update the default value of the bearer_token parameter (#10706)
3bd3b7c 
to send the bearer token only to secure https endpoints and not to clear text http endpoints. 82a3e20
cswatt pushed a commit that referenced this pull request Jan 5, 2022
@L3n41c @cswatt
Update the default value of the bearer_token parameter (#10706)
aad448e 
to send the bearer token only to secure https endpoints and not to clear text http endpoints.
@L3n41c L3n41c mentioned this pull request Jan 14, 2022
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vickenty vickenty vickenty approved these changes

@ofek ofek ofek approved these changes

@ahmed-mez ahmed-mez ahmed-mez approved these changes

@vboulineau vboulineau vboulineau left review comments

Assignees
No one assigned
Labels
integration/datadog_checks_base integration/kube_controller_manager integration/openmetrics
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@L3n41c @vickenty @ofek @ahmed-mez @vboulineau