Support insecure configuration

CHANGELOG.md

@@ -25,6 +25,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   ([#2334](https://github.com/open-telemetry/opentelemetry-python/pull/2334))
 - Add otlp entrypoint for log exporter
   ([#2322](https://github.com/open-telemetry/opentelemetry-python/pull/2322))
+- Support insecure configuration for OTLP gRPC exporter
+  ([#2350](https://github.com/open-telemetry/opentelemetry-python/pull/2350))
 
 ## [1.7.1-0.26b1](https://github.com/open-telemetry/opentelemetry-python/releases/tag/v1.7.0-0.26b0) - 2021-11-11
 

exporter/opentelemetry-exporter-otlp-proto-grpc/src/opentelemetry/exporter/otlp/proto/grpc/exporter.py

@@ -47,6 +47,7 @@
     OTEL_EXPORTER_OTLP_COMPRESSION,
     OTEL_EXPORTER_OTLP_ENDPOINT,
     OTEL_EXPORTER_OTLP_HEADERS,
+    OTEL_EXPORTER_OTLP_INSECURE,
     OTEL_EXPORTER_OTLP_TIMEOUT,
 )
 from opentelemetry.sdk.resources import Resource as SDKResource
@@ -219,10 +220,15 @@ def __init__(
         parsed_url = urlparse(endpoint)
 
         if insecure is None:
-            if parsed_url.scheme == "https":
-                insecure = False
-            else:
+            insecure = environ.get(OTEL_EXPORTER_OTLP_INSECURE)
+
+        if parsed_url.scheme == "https":
+            insecure = False
+        if insecure is None:
+            if parsed_url.scheme == "http":
                 insecure = True
+            else:
+                insecure = False
 
         if parsed_url.netloc:
             endpoint = parsed_url.netloc

exporter/opentelemetry-exporter-otlp-proto-grpc/src/opentelemetry/exporter/otlp/proto/grpc/trace_exporter/__init__.py

@@ -44,6 +44,7 @@
     OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
     OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
     OTEL_EXPORTER_OTLP_TRACES_HEADERS,
+    OTEL_EXPORTER_OTLP_TRACES_INSECURE,
     OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
 )
 from opentelemetry.sdk.trace import ReadableSpan
@@ -84,6 +85,10 @@ def __init__(
         timeout: Optional[int] = None,
         compression: Optional[Compression] = None,
     ):
+
+        if insecure is None:
+            insecure = environ.get(OTEL_EXPORTER_OTLP_TRACES_INSECURE)
+
         if (
             not insecure
             and environ.get(OTEL_EXPORTER_OTLP_TRACES_CERTIFICATE) is not None

exporter/opentelemetry-exporter-otlp-proto-grpc/tests/logs/test_otlp_logs_exporter.py

@@ -193,7 +193,7 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
             (
                 "localhost:4317",
                 None,
-                mock_insecure,
+                mock_secure,
             ),
             (
                 "localhost:4317",
@@ -208,7 +208,7 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
             (
                 "https://localhost:4317",
                 True,
-                mock_insecure,
+                mock_secure,
             ),
         ]
         # pylint: disable=C0209

exporter/opentelemetry-exporter-otlp-proto-grpc/tests/test_otlp_trace_exporter.py

@@ -58,6 +58,7 @@
     OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
     OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
     OTEL_EXPORTER_OTLP_TRACES_HEADERS,
+    OTEL_EXPORTER_OTLP_TRACES_INSECURE,
     OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
 )
 from opentelemetry.sdk.resources import Resource as SDKResource
@@ -289,6 +290,22 @@ def test_otlp_headers_from_env(self, mock_ssl_channel, mock_secure):
             exporter._headers, (("key5", "value5"), ("key6", "value6"))
         )
 
+    @patch.dict(
+        "os.environ",
+        {OTEL_EXPORTER_OTLP_TRACES_INSECURE: "True"},
+    )
+    @patch("opentelemetry.exporter.otlp.proto.grpc.exporter.insecure_channel")
+    # pylint: disable=unused-argument
+    def test_otlp_insecure_from_env(self, mock_insecure):
+        exporter = OTLPSpanExporter()
+        # pylint: disable=protected-access
+        self.assertTrue(mock_insecure.called)
+        self.assertEqual(
+            1,
+            mock_insecure.call_count,
+            f"expected {mock_insecure} to be called",
+        )
+
     # pylint: disable=no-self-use
     @patch("opentelemetry.exporter.otlp.proto.grpc.exporter.insecure_channel")
     @patch("opentelemetry.exporter.otlp.proto.grpc.exporter.secure_channel")
@@ -304,10 +321,30 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
             (
                 "localhost:4317",
                 None,
+                mock_secure,
+            ),
+            (
+                "http://localhost:4317",
+                True,
                 mock_insecure,
             ),
             (
                 "localhost:4317",
+                True,
+                mock_insecure,
+            ),
+            (
+                "http://localhost:4317",
+                False,
+                mock_secure,
+            ),
+            (
+                "localhost:4317",
+                False,
+                mock_secure,
+            ),
+            (
+                "https://localhost:4317",
                 False,
                 mock_secure,
             ),
@@ -319,7 +356,7 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
             (
                 "https://localhost:4317",
                 True,
-                mock_insecure,
+                mock_secure,  # https scheme overrides explicit insecure
             ),
         ]
         for endpoint, insecure, mock_method in endpoints:

opentelemetry-sdk/src/opentelemetry/sdk/environment_variables.py

@@ -281,18 +281,38 @@
 .. envvar:: OTEL_EXPORTER_OTLP_ENDPOINT
 
 The :envvar:`OTEL_EXPORTER_OTLP_ENDPOINT` target to which the exporter is going to send spans or metrics.
-The endpoint MUST be a valid URL with scheme (http or https) and host, and MAY contain a port and path.
-A scheme of https indicates a secure connection.
-Default: "https://localhost:4317"
+The endpoint MUST be a valid URL host, and MAY contain a scheme (http or https), port and path.
+A scheme of https indicates a secure connection and takes precedence over the `insecure` configuration setting.
+Default: "http://localhost:4317"
 """
 
+OTEL_EXPORTER_OTLP_INSECURE = "OTEL_EXPORTER_OTLP_INSECURE"
+"""
+.. envvar:: OTEL_EXPORTER_OTLP_INSECURE
+
+The :envvar:`OTEL_EXPORTER_OTLP_INSECURE` represents whether to enable client transport security for gRPC requests.
+An scheme of https takes precedence over the `insecure` configuration setting.
+Default: False
+"""
+
+
+OTEL_EXPORTER_OTLP_TRACES_INSECURE = "OTEL_EXPORTER_OTLP_TRACES_INSECURE"
+"""
+.. envvar:: OTEL_EXPORTER_OTLP_TRACES_INSECURE
+
+The :envvar:`OTEL_EXPORTER_OTLP_TRACES_INSECURE` represents whether to enable client transport security 
+for gRPC requests for spans. An scheme of https takes precedence over the `insecure` configuration setting.
+Default: False
+"""
+
+
 OTEL_EXPORTER_OTLP_TRACES_ENDPOINT = "OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"
 """
 .. envvar:: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
 
 The :envvar:`OTEL_EXPORTER_OTLP_TRACES_ENDPOINT` target to which the span exporter is going to send spans.
-The endpoint MUST be a valid URL with scheme (http or https) and host, and MAY contain a port and path.
-A scheme of https indicates a secure connection.
+The endpoint MUST be a valid URL host, and MAY contain a scheme (http or https), port and path.
+A scheme of https indicates a secure connection and takes precedence over the `insecure` configuration setting.
 """
 
 OTEL_EXPORTER_OTLP_TRACES_PROTOCOL = "OTEL_EXPORTER_OTLP_TRACES_PROTOCOL"