From c3e6ea23715a1503cae845141e8842592dcd2e92 Mon Sep 17 00:00:00 2001
From: Georgios Andrianakis
Date: Thu, 27 Jul 2023 15:07:26 +0300
Subject: [PATCH] Take quarkus.tls.trust-all into account in Otlp export
---
 .../exporter/otlp/OtlpExporterProcessor.java | 4 ++-
 .../runtime/exporter/otlp/OtlpRecorder.java | 7 ++++-
 .../OtelCollectorLifecycleManager.java | 10 ++++++-
 ...ithTLSWithTrustAllWithCompressionTest.java | 30 +++++++++++++++++++
 4 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/WithTLSWithTrustAllWithCompressionTest.java
diff --git a/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java b/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
index ca0f2d9570b46..1c03b5bd44920 100644
--- a/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
+++ b/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
@@ -28,6 +28,7 @@
 import io.quarkus.opentelemetry.runtime.exporter.otlp.EndUserSpanProcessor;
 import io.quarkus.opentelemetry.runtime.exporter.otlp.LateBoundBatchSpanProcessor;
 import io.quarkus.opentelemetry.runtime.exporter.otlp.OtlpRecorder;
+import io.quarkus.runtime.TlsConfig;
 import io.quarkus.vertx.core.deployment.CoreVertxBuildItem;
 @BuildSteps(onlyIf = OtlpExporterProcessor.OtlpExporterEnabled.class)
@@ -62,6 +63,7 @@ void createEndUserSpanProcessor( SyntheticBeanBuildItem createBatchSpanProcessor(OtlpRecorder recorder, OTelRuntimeConfig otelRuntimeConfig, OtlpExporterRuntimeConfig exporterRuntimeConfig, + TlsConfig tlsConfig, CoreVertxBuildItem vertxBuildItem) { return SyntheticBeanBuildItem .configure(LateBoundBatchSpanProcessor.class) @@ -71,7 +73,7 @@ SyntheticBeanBuildItem createBatchSpanProcessor(OtlpRecorder recorder, .unremovable() .addInjectionPoint(ParameterizedType.create(DotName.createSimple(Instance.class), new Type[] { ClassType.create(DotName.createSimple(SpanExporter.class.getName())) }, null)) - .createWith(recorder.batchSpanProcessorForOtlp(otelRuntimeConfig, exporterRuntimeConfig, + .createWith(recorder.batchSpanProcessorForOtlp(otelRuntimeConfig, exporterRuntimeConfig, tlsConfig, vertxBuildItem.getVertx())) .done(); diff --git a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpRecorder.java b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpRecorder.java index 02087407d5534..c33d1c50d1a84 100644 --- a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpRecorder.java +++ b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpRecorder.java @@ -25,6 +25,7 @@ import io.quarkus.opentelemetry.runtime.config.runtime.exporter.CompressionType; import io.quarkus.opentelemetry.runtime.config.runtime.exporter.OtlpExporterRuntimeConfig; import io.quarkus.opentelemetry.runtime.config.runtime.exporter.OtlpExporterTracesConfig; +import io.quarkus.runtime.TlsConfig; import io.quarkus.runtime.annotations.Recorder; import io.vertx.core.Vertx; import io.vertx.core.http.HttpClientOptions; 
@@ -39,7 +40,7 @@ public class OtlpRecorder { public Function, LateBoundBatchSpanProcessor> batchSpanProcessorForOtlp( OTelRuntimeConfig otelRuntimeConfig, OtlpExporterRuntimeConfig exporterRuntimeConfig, - Supplier vertx) { + TlsConfig tlsConfig, Supplier vertx) { URI grpcBaseUri = getGrpcBaseUri(exporterRuntimeConfig); // do the creation and validation here in order to preserve backward compatibility return new Function<>() { @Override @@ -128,6 +129,10 @@ private void configureTLS(HttpClientOptions options) { options.setSsl(true); options.setUseAlpn(true); } + if (tlsConfig.trustAll) { + options.setTrustAll(true); + options.setVerifyHost(false); + } } private KeyCertOptions toPemKeyCertOptions(OtlpExporterTracesConfig configuration) { diff --git a/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/OtelCollectorLifecycleManager.java b/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/OtelCollectorLifecycleManager.java index fdcf042e8d973..c80e748bdf4b5 100644 --- a/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/OtelCollectorLifecycleManager.java +++ b/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/OtelCollectorLifecycleManager.java @@ -45,6 +45,7 @@ public class OtelCollectorLifecycleManager implements QuarkusTestResourceLifecyc private SelfSignedCertificate serverTls; private SelfSignedCertificate clientTlS; private boolean enableTLS = false; + private boolean preventTrustCert = false; private boolean enableCompression = false; private Vertx vertx; 
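Review bot: In `configureTLS`, the added `if (tlsConfig.trustAll)` block switches off both certificate validation (`setTrustAll(true)`) and hostname verification (`setVerifyHost(false)`) for the collector connection without logging anything, so a deployment that carries `quarkus.tls.trust-all=true` over from a dev profile exports spans to an unauthenticated peer with no signal for operators. I would emit a one-time warning when this branch is taken and add a comment above it such as `// quarkus.tls.trust-all: collector certificate and hostname are NOT verified; intended for dev/test only`. The block sits after the closing brace of the branch that calls `setSsl(true)`, so it appears to run for plain-text endpoints as well, and it presumably takes precedence over a configured `trust-cert`; stating that precedence in the comment would help. The start of `configureTLS` is outside the hunk, so the surrounding conditions are inferred.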
@@ -58,6 +59,11 @@ public void init(Map initArgs) { var enableTLSStr = initArgs.get("enableTLS"); if (enableTLSStr != null && !enableTLSStr.isEmpty()) { enableTLS = Boolean.parseBoolean(enableTLSStr); + + var preventTrustCertStr = initArgs.get("preventTrustCert"); + if (preventTrustCertStr != null && !preventTrustCertStr.isEmpty()) { + preventTrustCert = Boolean.parseBoolean(preventTrustCertStr); + } } var enableCompressionStr = initArgs.get("enableCompression"); @@ -112,7 +118,9 @@ public Map start() { if (enableTLS) { result.put("quarkus.otel.exporter.otlp.traces.endpoint", "https://" + collector.getHost() + ":" + collector.getMappedPort(COLLECTOR_OTLP_GRPC_MTLS_PORT)); - result.put("quarkus.otel.exporter.otlp.traces.trust-cert.certs", serverTls.certificatePath()); + if (!preventTrustCert) { + result.put("quarkus.otel.exporter.otlp.traces.trust-cert.certs", serverTls.certificatePath()); + } result.put("quarkus.otel.exporter.otlp.traces.key-cert.certs", clientTlS.certificatePath()); result.put("quarkus.otel.exporter.otlp.traces.key-cert.keys", clientTlS.privateKeyPath()); } else { diff --git a/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/WithTLSWithTrustAllWithCompressionTest.java b/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/WithTLSWithTrustAllWithCompressionTest.java new file mode 100644 index 0000000000000..bd5a85940192f --- /dev/null +++ b/integration-tests/opentelemetry-vertx-grpc-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/grpc/exporter/WithTLSWithTrustAllWithCompressionTest.java 
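Review bot: `preventTrustCert` has no comment at its declaration (added in the previous hunk) or where `init` reads it, and the name does not say what is being prevented. A field comment such as `// when true, the collector's server certificate is not added to trust-cert.certs, so the exporter must rely on quarkus.tls.trust-all` would make the intent clear. In `init` the argument is parsed only inside the branch where `enableTLSStr` is non-empty, which matches its only use under `if (enableTLS)` in `start()`, but the leading blank `+` line in that branch can go. Both methods continue outside their hunks.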
@@ -0,0 +1,30 @@
+package io.quarkus.it.opentelemetry.vertx.grpc.exporter;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.QuarkusTestProfile;
+import io.quarkus.test.junit.TestProfile;
+
+@QuarkusTest
+@TestProfile(WithTLSWithTrustAllWithCompressionTest.Profile.class)
+public class WithTLSWithTrustAllWithCompressionTest extends AbstractExporterTest {
+
+ public static class Profile implements QuarkusTestProfile {
+ @Override
+ public Map getConfigOverrides() {
+ return Map.of("quarkus.tls.trust-all", "true");
+ }
+
+ @Override
+ public List testResources() {
+ return Collections.singletonList(
+ new TestResourceEntry(
+ OtelCollectorLifecycleManager.class,
+ Map.of("enableTLS", "true", "enableCompression", "true", "preventTrustCert", "true")));
+ }
+ }
+
+}
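Review bot: This profile covers only the positive case, so the suite would still pass if the exporter stopped verifying the collector's certificate altogether. A companion profile with the same resource arguments (`"preventTrustCert", "true"`) but without `quarkus.tls.trust-all`, asserting that no spans reach the collector, would pin down that verification stays on by default; whether `AbstractExporterTest` can express that expectation is not visible here. A short Javadoc on `Profile` saying that the collector certificate is deliberately left out of the trust configuration would also explain why `preventTrustCert` is set.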