Support more configurable secret parameters

[dongx1x]

Hello @gebn, I got non-OK status: 0x04 when using this tool, looks it is authentication algorithm issue, how about add more configurable parameters to secrets.yml, like authentication/integrity algorithm? If it's ok, I can help submit PR for this.

Thanks.

[gebn]

Hi @dongx1x, this sounds like a great idea. One of the core tenets of the exporter is it should require only valid credentials for a given BMC in order to interact with it, as this makes it much easier to integrate into a heterogeneous environment. I'm definitely open to a PR that adds negotiation of cipher suites based on discovering capabilities. The best place is in the underlying BMC library.

[dongx1x]

Hi @gebn, thanks for your quick response, automatically discovering capabilities is a better idea, I noticed you open a issue here https://github.com/gebn/bmc/issues/50, like your mentioned Get Channel Cipher Suites by ipmitool ... channel getciphers ipmi, maybe we can implement a function in the BMC library like https://github.com/ipmitool/ipmitool/blob/master/src/plugins/lanplus/lanplus.c#L3366: get all supported cipher suite and select the prefer one (maybe 17), and fall back on suite 3.

[gebn]

It looks like 17 and 3 are by far the most widely supported, so agree those two alone are sufficient for the first iteration.

[gebn]

@dongx1x can you confirm you are no longer getting non-OK status: 0x04 when building from master? If so, I'll publish a release.

[dongx1x]

I verified master in my environment (only support cipher suite 17), it worked well.

[gebn]

Included in v1.2.13.