Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support insecure configuration #2350

Merged
merged 14 commits into from
Jan 11, 2022
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
([#2334](https://github.com/open-telemetry/opentelemetry-python/pull/2334))
- Add otlp entrypoint for log exporter
([#2322](https://github.com/open-telemetry/opentelemetry-python/pull/2322))
- Support insecure configuration for OTLP gRPC exporter
([#2350](https://github.com/open-telemetry/opentelemetry-python/pull/2350))

## [1.7.1-0.26b1](https://github.com/open-telemetry/opentelemetry-python/releases/tag/v1.7.0-0.26b0) - 2021-11-11

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@
OTEL_EXPORTER_OTLP_COMPRESSION,
OTEL_EXPORTER_OTLP_ENDPOINT,
OTEL_EXPORTER_OTLP_HEADERS,
OTEL_EXPORTER_OTLP_INSECURE,
OTEL_EXPORTER_OTLP_TIMEOUT,
)
from opentelemetry.sdk.resources import Resource as SDKResource
Expand Down Expand Up @@ -202,7 +203,7 @@ class OTLPExporterMixin(
def __init__(
self,
endpoint: Optional[str] = None,
insecure: Optional[bool] = None,
insecure: Optional[bool] = False,
areveny marked this conversation as resolved.
Show resolved Hide resolved
credentials: Optional[ChannelCredentials] = None,
headers: Optional[
Union[TypingSequence[Tuple[str, str]], Dict[str, str], str]
Expand All @@ -218,11 +219,12 @@ def __init__(

parsed_url = urlparse(endpoint)

if insecure is None:
if parsed_url.scheme == "https":
insecure = False
else:
insecure = True
insecure = insecure or environ.get(OTEL_EXPORTER_OTLP_INSECURE, False)

if insecure and parsed_url.scheme != "https":
areveny marked this conversation as resolved.
Show resolved Hide resolved
insecure = True
else:
insecure = False

areveny marked this conversation as resolved.
Show resolved Hide resolved
if parsed_url.netloc:
endpoint = parsed_url.netloc
Expand Down Expand Up @@ -250,9 +252,10 @@ def __init__(
insecure_channel(endpoint, compression=compression)
)
else:
credentials = _get_credentials(
credentials, OTEL_EXPORTER_OTLP_CERTIFICATE
)
if not credentials:
credentials = _get_credentials(
credentials, OTEL_EXPORTER_OTLP_CERTIFICATE
)
areveny marked this conversation as resolved.
Show resolved Hide resolved
self._client = self._stub(
secure_channel(endpoint, credentials, compression=compression)
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,7 @@
OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
OTEL_EXPORTER_OTLP_TRACES_HEADERS,
OTEL_EXPORTER_OTLP_TRACES_INSECURE,
OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
)
from opentelemetry.sdk.trace import ReadableSpan
Expand Down Expand Up @@ -78,12 +79,16 @@ class OTLPSpanExporter(
def __init__(
self,
endpoint: Optional[str] = None,
insecure: Optional[bool] = None,
insecure: Optional[bool] = False,
credentials: Optional[ChannelCredentials] = None,
headers: Optional[Sequence] = None,
timeout: Optional[int] = None,
compression: Optional[Compression] = None,
):

insecure = insecure or environ.get(
OTEL_EXPORTER_OTLP_TRACES_INSECURE, False
)
if (
not insecure
and environ.get(OTEL_EXPORTER_OTLP_TRACES_CERTIFICATE) is not None
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@
OTEL_EXPORTER_OTLP_TRACES_COMPRESSION,
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT,
OTEL_EXPORTER_OTLP_TRACES_HEADERS,
OTEL_EXPORTER_OTLP_TRACES_INSECURE,
OTEL_EXPORTER_OTLP_TRACES_TIMEOUT,
)
from opentelemetry.sdk.resources import Resource as SDKResource
Expand Down Expand Up @@ -289,6 +290,22 @@ def test_otlp_headers_from_env(self, mock_ssl_channel, mock_secure):
exporter._headers, (("key5", "value5"), ("key6", "value6"))
)

@patch.dict(
"os.environ",
{OTEL_EXPORTER_OTLP_TRACES_INSECURE: "True"},
)
@patch("opentelemetry.exporter.otlp.proto.grpc.exporter.insecure_channel")
# pylint: disable=unused-argument
def test_otlp_insecure_from_env(self, mock_insecure):
exporter = OTLPSpanExporter()
# pylint: disable=protected-access
self.assertTrue(mock_insecure.called)
self.assertEqual(
1,
mock_insecure.call_count,
f"expected {mock_insecure} to be called",
)

# pylint: disable=no-self-use
@patch("opentelemetry.exporter.otlp.proto.grpc.exporter.insecure_channel")
@patch("opentelemetry.exporter.otlp.proto.grpc.exporter.secure_channel")
Expand All @@ -299,15 +316,35 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
(
"http://localhost:4317",
None,
mock_insecure,
mock_secure, # Default secure
areveny marked this conversation as resolved.
Show resolved Hide resolved
),
(
"localhost:4317",
None,
mock_secure, # Default secure
),
(
"http://localhost:4317",
True,
mock_insecure,
),
(
"localhost:4317",
True,
mock_insecure,
),
(
"http://localhost:4317",
False,
mock_secure,
),
(
"localhost:4317",
False,
mock_secure,
),
(
"https://localhost:4317",
False,
mock_secure,
),
Expand All @@ -319,7 +356,7 @@ def test_otlp_exporter_endpoint(self, mock_secure, mock_insecure):
(
"https://localhost:4317",
True,
mock_insecure,
mock_secure, # https scheme overrides explicit insecure
),
]
for endpoint, insecure, mock_method in endpoints:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -281,18 +281,38 @@
.. envvar:: OTEL_EXPORTER_OTLP_ENDPOINT

The :envvar:`OTEL_EXPORTER_OTLP_ENDPOINT` target to which the exporter is going to send spans or metrics.
The endpoint MUST be a valid URL with scheme (http or https) and host, and MAY contain a port and path.
A scheme of https indicates a secure connection.
Default: "https://localhost:4317"
The endpoint MUST be a valid URL host, and MAY contain a scheme (http or https), port and path.
A scheme of https indicates a secure connection and takes precedence over the `insecure` configuration setting.
Default: "http://localhost:4317"
"""

OTEL_EXPORTER_OTLP_INSECURE = "OTEL_EXPORTER_OTLP_INSECURE"
"""
.. envvar:: OTEL_EXPORTER_OTLP_INSECURE

The :envvar:`OTEL_EXPORTER_OTLP_INSECURE` represents whether to enable client transport security for gRPC requests.
An scheme of https takes precedence over the `insecure` configuration setting.
areveny marked this conversation as resolved.
Show resolved Hide resolved
Default: False
"""


OTEL_EXPORTER_OTLP_TRACES_INSECURE = "OTEL_EXPORTER_OTLP_TRACES_INSECURE"
lzchen marked this conversation as resolved.
Show resolved Hide resolved
"""
.. envvar:: OTEL_EXPORTER_OTLP_TRACES_INSECURE

The :envvar:`OTEL_EXPORTER_OTLP_TRACES_INSECURE` represents whether to enable client transport security
for gRPC requests for spans. An scheme of https takes precedence over the `insecure` configuration setting.
areveny marked this conversation as resolved.
Show resolved Hide resolved
Default: False
"""


OTEL_EXPORTER_OTLP_TRACES_ENDPOINT = "OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"
"""
.. envvar:: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT

The :envvar:`OTEL_EXPORTER_OTLP_TRACES_ENDPOINT` target to which the span exporter is going to send spans.
The endpoint MUST be a valid URL with scheme (http or https) and host, and MAY contain a port and path.
A scheme of https indicates a secure connection.
The endpoint MUST be a valid URL host, and MAY contain a scheme (http or https), port and path.
A scheme of https indicates a secure connection and takes precedence over the `insecure` configuration setting.
"""

OTEL_EXPORTER_OTLP_TRACES_PROTOCOL = "OTEL_EXPORTER_OTLP_TRACES_PROTOCOL"
Expand Down