search

aws-observability / aws-otel-collector

AWS Distro for OpenTelemetry Collector (see ADOT Roadmap at https://github.com/orgs/aws-observability/projects/4)
https://aws-otel.github.io/
Other
583 stars 239 forks source link

Add basicauth extension to collectors #1930

Open cedricziel opened 1 year ago

cedricziel commented 1 year ago

Is your feature request related to a problem? Please describe. As a user, I want to use credentials in a transparent way, without having to transform them first. As such, basic auth credentials currently have to be base64 encoded and passed as raw header array.

receivers:
  otlp:
exporters:
  otlphttp:
    endpoint: ${OTLPHTTP_ENDPOINT}
    headers:
      Authorization: "Basic base64encodedcreds="
processors:
  batch:
extensions:
  health_check:
service:
  extensions: [health_check]
  pipelines:
    traces:
      receivers: [otlp]
      processors: []
      exporters: [otlphttp]

Describe the solution you'd like The otelcol-contrib offers a basicauth extension so configuration and secret values become more readable and less opaque.

The following example uses the extension and allows users to work with explicit values instead of opaque strings:

receivers:
  otlp:
exporters:
  otlphttp:
    auth:
      authenticator: basicauth
    endpoint: ${OTLPHTTP_ENDPOINT}
processors:
  batch:
extensions:
  health_check:
  basicauth:
    client_auth:
      username: ${USERNAME}
      password: ${PASSWORD}
service:
  extensions: [health_check, basicauth]
  pipelines:
    traces:
      receivers: [otlp]
      processors: []
      exporters: [otlphttp]

I thought this was a straight forward change so I added the implementation in #1923 which is ready to bring in. The extension itself is very lean and doesnt add a lot of overhead in the binary or the startup.

jonbretman commented 1 year ago

Would also love to see this land 🙌 Interestingly came across this issue while trying to set up Tempo and following Grafana's docs.

eriweb commented 1 year ago

Plus one from here as well, also we'd like to see oauth2client extension to allow more sophisticated 3rd parties

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

github-actions[bot] commented 1 year ago

This issue was closed because it has been marked as stale for 30 days with no activity.

cedricziel commented 1 year ago

Bump?

johnjunjiezhao commented 1 year ago

Updates on it? I really want this extension!

mhausenblas commented 1 year ago

Thanks for reaching out @johnjunjiezhao and could you share your use case please?

johnjunjiezhao commented 1 year ago

Hi @mhausenblas , I want the adot sidecar on my ecs cluster also sends traces to grafana cloud. According their guide, I need this extension. https://grafana.com/docs/opentelemetry/collector/send-otlp-to-grafana-cloud-databases/ I think it will be convenient if adot can have it. Thanks!

wjoel commented 1 year ago

@johnjunjiezhao if you can use Grafana's OTLP gateway (currently only available in some regions) it's possible to send data to Grafana Cloud with a config similar to this:

exporters:
  otlphttp:
    endpoint: "https://otlp-gateway-prod-eu-west-2.grafana.net/otlp"
    headers: {"Authorization": "Basic the-base64-encoded-value"}

service:
  pipelines:
    traces:
      receivers: [otlp]
      processors: [batch/traces]
      exporters: [otlphttp]
    metrics:
      receivers: [otlp]
      processors: [batch/metrics]
      exporters: [otlphttp]
    logs:
      receivers: [otlp]
      processors: [batch/logs]
      exporters: [otlphttp]

where the-base64-encoded-value is the output from echo -n $GRAFANA_INSTANCE_ID:$TOKEN | base64 -w 0.

I suspect it's possible to set the basic auth header manually like this also for https://grafana.com/docs/opentelemetry/collector/send-otlp-to-grafana-cloud-databases/, but I haven't tried it, as I'm able to use Grafana's OTLP gateway.

Still, +1 for requesting the extension, it would make using basic auth easier and clearer.

johnjunjiezhao commented 1 year ago

Thanks @wjoel , I am using it. And I do think this extension is useful to make auth cleaner

github-actions[bot] commented 11 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

cedricziel commented 11 months ago

Keep open

github-actions[bot] commented 9 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

luxaritas commented 9 months ago

Keep open

akhileshreddy98 commented 8 months ago

I want to configure auth using this extension b/w Auto instrumentation resource and an Otel collector. Can someone please help me out?

github-actions[bot] commented 6 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

luxaritas commented 6 months ago

Not stale

github-actions[bot] commented 4 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

NinjaPerson24119 commented 4 months ago

Not stale

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days.

cedricziel commented 1 month ago

Not stale.

@mhausenblas any Feedback for us here?