Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Allow basic auth for non-cloud node types #308

Closed
irontoby opened this issue Jun 15, 2023 · 3 comments · Fixed by #313
Closed

[FEATURE] Allow basic auth for non-cloud node types #308

irontoby opened this issue Jun 15, 2023 · 3 comments · Fixed by #313
Labels
enhancement New feature or request

Comments

@irontoby
Copy link

ECS integration/library project(s) (e.g. Elastic.CommonSchema.Serilog): Elasticsearch.Extensions.Logging

Is your feature request related to a problem? Please describe.
Our self-hosted Elasticsearch instance requires HTTP basic auth. (Note, we are using the docker-compose setup from this project). However, the Username and Password config settings are only used for Cloud node types.

Describe the solution you'd like
Allow using Username/Password for single node pools also.

Describe alternatives you've considered
I was able to work around this by using e.g. https://username:password@example.com as the URL but it would be better if I could store the username/password separately and provide them via secure means (Azure KeyVault in our case).

Additional context
It looks like fixing this would also involve updating SingleNodePool from elastic-transport-net to have the same AuthenticationHeader as CloudNodePool so I wasn't sure if I should file an issue in both places. I didn't see any existing related issues in that repo either.
@irontoby irontoby added the enhancement New feature or request label Jun 15, 2023
@Mpdreamz
Copy link
Member

Through code you can always create your own transport (or reuse one from an ElasticsearchClient):

loggingBuilder.AddElasticsearch(CreateTransport(), loggerOpts =>
{
	//
}, channelOpts =>
{
	//
});
static HttpTransport CreateTransport()
{
	var pool = new SingleNodePool(new Uri("http://localhost:9200"));
	var config = new TransportConfiguration(pool)
		.Authentication(new BasicAuthentication("u", "p"));
	return new DefaultHttpTransport(config);

}

Through config however

  "Logging": {
    "Elasticsearch": {
      "Tags": [ "Development", "Example" ],
      "IndexOffset": "00:00",
      "IsEnabled": true,
      "IncludeScopes": true,
      "IncludeHost": true,
      "IncludeProcess": true,
      "IncludeUser": true,
      "ShipTo": {
        "NodePoolType": "SingleNode",
        "NodeUris": [ "http://localhost:9200" ],
		"Username": "u",
		"Password": "p"
      }
    },
    "LogLevel" : {
      "Default": "Trace",
      "Microsoft": "Warning"
    }
  }
}

Username/Password and ApiKey currently only will be applied when NodePoolType ==
Cloud.

I will create a PR to rectify this, thank you for bringing this to our attention @irontoby!

@irontoby
Copy link
Author

@Mpdreamz thanks for the update, I saw the option to add my own HttpTransport but once I started looking through the code I wasn't comfortable enough in creating my own instance and being sure I didn't miss anything. But I'll give your code a try!

@Mpdreamz
Copy link
Member

#313 should fix configuring authentication through config.

@Mpdreamz Mpdreamz linked a pull request Jun 23, 2023 that will close this issue
Ensure Elastic.Extensions.Logging can set auth through config #313
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ensure Elastic.Extensions.Logging can set auth through config elastic/ecs-dotnet
2 participants
@Mpdreamz @irontoby