Exporting traces to insecure gRPC endpoint with auto instrumentation

[edeNFed]

Hello,
I am trying to export traces via OTLP exporter to an insecure gRPC endpoint.
Unfortunately, this export fails due to:
E0405 18:57:14.693304400 13 ssl_transport_security.cc:1395] Handshake failed with fatal error SSL_ERROR_SSL: error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER.
If I understand correctly, it looks like the exporter tries to use a secure gRPC connection even though OTEL_EXPORTER_*_CERTIFICATE is not set while using auto instrumentation.

Steps to reproduce

1. Application is invoked via:
   opentelemetry-instrument python server.py
2. The following packages are used:

opentelemetry-distro==0.19b0
opentelemetry-api==1.0.0
opentelemetry-exporter-otlp==1.0.0
opentelemetry-instrumentation==0.19b0
opentelemetry-instrumentation-grpc==0.19b0
opentelemetry-instrumentation-requests==0.19b0
opentelemetry-instrumentation-sqlite3==0.19b0
opentelemetry-instrumentation-urllib==0.19b0

3. The following env vars are set:

        - name: OTEL_EXPORTER_OTLP_ENDPOINT
          value: "otel-collector:55680"
        - name: OTEL_EXPORTER_OTLP_INSECURE
          value: "True"
        - name: `OTEL_TRACES_EXPORTER
          value: otlp
        - name: OTEL_RESOURCE_ATTRIBUTES
          value: service.name=recommendationservice

I tried removing/changing OTEL_EXPORTER_OTLP_INSECURE and OTEL_TRACES_EXPORTER but without any luck.

I think the problem is that auto instrumentation is creating OTLP exporter without any args
and the default behavior for OTLP exporter, when insecure is None, is to use a secure channel.

If that's sounds correct, I will be happy to create a PR to fix it.
Thanks!

[wangzlei]

Have the same problem today when I bump dependency to 1.0.0. From this change, the insecure is None in auto-instrumentation, there is no way to configure it to True by env variable.

[codeboten]

According to the spec, the endpoint should be a full URL and the scheme should be used to determine if the connection should be secure or not:

The endpoint MUST be a valid URL with scheme (http or https) and host, and MAY contain a port and path. A scheme of https indicates a secure connection.

The fix here should be to add a check after the endpoint is set here:

opentelemetry-python/exporter/opentelemetry-exporter-otlp-proto-grpc/src/opentelemetry/exporter/otlp/proto/grpc/exporter.py

Lines 196 to 199 in 6f8c077

	endpoint = endpoint or environ.get(
	OTEL_EXPORTER_OTLP_ENDPOINT, "localhost:4317"
	)

[codeboten]

@edeNFed if you have time to get a PR together for this, it would be great to have this fixed in the next release