From 6cfe25c03dcafe3f57a366bea3d5b9bb544166cd Mon Sep 17 00:00:00 2001
From: Constance Caramanolis <19931185+ccaraman@users.noreply.github.com>
Date: Tue, 2 Jun 2020 13:04:27 -0700
Subject: [PATCH] Refactor SecureReceiverSettings to use TLSSetting (#1015)
* Refactor SecureReceiverSettings to use TLSSetting
* Address test code coverage failure
* Update file to use new license format
* Address few small comments
---
config/configgrpc/configgrpc.go | 2 +-
config/configtls/configtls.go | 11 ++-
config/configtls/configtls_test.go | 10 +-
receiver/empty.go | 22 +++++
receiver/jaegerreceiver/config.go | 17 +++-
receiver/jaegerreceiver/config_test.go | 12 +--
receiver/jaegerreceiver/factory.go | 9 +-
receiver/jaegerreceiver/factory_test.go | 25 +++--
.../jaegerreceiver/trace_receiver_test.go | 7 +-
receiver/opencensusreceiver/config.go | 40 ++++----
receiver/opencensusreceiver/config_test.go | 93 ++++++++++---------
receiver/opencensusreceiver/factory.go | 12 +--
receiver/opencensusreceiver/factory_test.go | 45 ++++-----
receiver/otlpreceiver/config.go | 39 ++++----
receiver/otlpreceiver/config_test.go | 92 +++++++++---------
receiver/otlpreceiver/factory.go | 11 +--
receiver/otlpreceiver/factory_test.go | 45 ++++-----
receiver/securereceiverconfig.go | 53 -----------
receiver/securereceiverconfig_test.go | 68 --------------
19 files changed, 250 insertions(+), 363 deletions(-)
create mode 100644 receiver/empty.go
delete mode 100644 receiver/securereceiverconfig.go
delete mode 100644 receiver/securereceiverconfig_test.go
diff --git a/config/configgrpc/configgrpc.go b/config/configgrpc/configgrpc.go
index d2d599fe066..91588383997 100644
--- a/config/configgrpc/configgrpc.go
+++ b/config/configgrpc/configgrpc.go
@@ -79,7 +79,7 @@ func GrpcSettingsToDialOptions(settings GRPCClientSettings) ([]grpc.DialOption, } } - tlsDialOption, err := settings.TLSSetting.LoadGRPCTLSCredentials() + tlsDialOption, err := settings.TLSSetting.LoadgRPCTLSClientCredentials() if err != nil { return nil, err } diff --git a/config/configtls/configtls.go b/config/configtls/configtls.go index 966ba3e2d81..0ec1fca2676 100644 --- a/config/configtls/configtls.go +++ b/config/configtls/configtls.go @@ -109,7 +109,7 @@ func (c TLSSetting) loadCert(caPath string) (*x509.CertPool, error) { return certPool, nil } -func (c TLSClientSetting) LoadGRPCTLSCredentials() (grpc.DialOption, error) { +func (c TLSClientSetting) LoadgRPCTLSClientCredentials() (grpc.DialOption, error) { if c.Insecure && c.CAFile == "" { return grpc.WithInsecure(), nil } @@ -122,3 +122,12 @@ func (c TLSClientSetting) LoadGRPCTLSCredentials() (grpc.DialOption, error) { creds := credentials.NewTLS(tlsConf) return grpc.WithTransportCredentials(creds), nil } + +func (c TLSSetting) LoadgRPCTLSServerCredentials() (grpc.ServerOption, error) { + tlsConf, err := c.LoadTLSConfig() + if err != nil { + return nil, fmt.Errorf("failed to load TLS config: %w", err) + } + creds := credentials.NewTLS(tlsConf) + return grpc.Creds(creds), nil +} diff --git a/config/configtls/configtls_test.go b/config/configtls/configtls_test.go index 49f252fd642..9485087bcbc 100644 --- a/config/configtls/configtls_test.go +++ b/config/configtls/configtls_test.go @@ -25,7 +25,6 @@ func TestOptionsToConfig(t *testing.T) { tests := []struct { name string options TLSSetting - fakeSysPool bool expectError string }{ { @@ -123,3 +122,12 @@ func TestOptionsToConfig(t *testing.T) { }) } } + +func TestTLSSetting_LoadgRPCTLSServerCredentialsError(t *testing.T) { + tlsSetting := TLSSetting{ + CertFile: "doesnt/exist", + KeyFile: "doesnt/exist", + } + _, err := tlsSetting.LoadgRPCTLSServerCredentials() + assert.Error(t, err) +} 
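Review bot: `LoadgRPCTLSServerCredentials` in config/configtls/configtls.go accepts a `TLSSetting` with neither certificate nor key, so a receiver configured with an empty `tls_credentials` block gets TLS credentials that carry no server certificate and presumably only fails once a client attempts a handshake. The new `TestBuildOptions_TLSCredentials` cases in the opencensusreceiver and otlpreceiver config tests assert `NoError` for `&configtls.TLSSetting{}`, and this commit drops the jaegerreceiver assertion "tls-enabled receiver creation with no credentials must fail". `LoadTLSConfig` is outside the hunk, so this is inferred from those tests; if confirmed, the server path should fail closed at startup, e.g. `if c.CertFile == "" || c.KeyFile == "" { return nil, fmt.Errorf("server TLS requires both a certificate and a key") }` before loading the config. The exported method also has no doc comment; `// LoadgRPCTLSServerCredentials builds a grpc.ServerOption carrying the TLS credentials described by c.` would cover it.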
diff --git a/receiver/empty.go b/receiver/empty.go new file mode 100644 index 00000000000..c88d92b8696 --- /dev/null +++ b/receiver/empty.go @@ -0,0 +1,22 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package receiver contains implementations of Receiver components. +// +// To implement a custom receiver you will need to implement component.ReceiverFactory +// interface and component.Receiver interface. +// +// To make the custom receiver part of the Collector build the factory must be added +// to defaultcomponents.Components() function. +package receiver diff --git a/receiver/jaegerreceiver/config.go b/receiver/jaegerreceiver/config.go index 7b51a712c62..d5bafc3bd88 100644 --- a/receiver/jaegerreceiver/config.go +++ b/receiver/jaegerreceiver/config.go @@ -17,7 +17,7 @@ package jaegerreceiver import ( "go.opentelemetry.io/collector/config/configgrpc" "go.opentelemetry.io/collector/config/configmodels" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configtls" ) // The config field name to load the protocol map from 
@@ -30,12 +30,19 @@ type RemoteSamplingConfig struct { configgrpc.GRPCClientSettings `mapstructure:",squash"` } +type SecureSetting struct { + configmodels.ReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct + // Configures the receiver to use TLS. + // The default value is nil, which will cause the receiver to not use TLS. + TLSCredentials *configtls.TLSSetting `mapstructure:"tls_credentials, omitempty"` +} + // Config defines configuration for Jaeger receiver. type Config struct { - TypeVal configmodels.Type `mapstructure:"-"` - NameVal string `mapstructure:"-"` - Protocols map[string]*receiver.SecureReceiverSettings `mapstructure:"protocols"` - RemoteSampling *RemoteSamplingConfig `mapstructure:"remote_sampling"` + TypeVal configmodels.Type `mapstructure:"-"` + NameVal string `mapstructure:"-"` + Protocols map[string]*SecureSetting `mapstructure:"protocols"` + RemoteSampling *RemoteSamplingConfig `mapstructure:"remote_sampling"` } // Name gets the receiver name. diff --git a/receiver/jaegerreceiver/config_test.go b/receiver/jaegerreceiver/config_test.go index 3c3c4ec7ee8..d633e29bdf2 100644 --- a/receiver/jaegerreceiver/config_test.go +++ b/receiver/jaegerreceiver/config_test.go @@ -24,7 +24,7 @@ import ( "go.opentelemetry.io/collector/config" "go.opentelemetry.io/collector/config/configgrpc" "go.opentelemetry.io/collector/config/configmodels" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configtls" ) func TestLoadConfig(t *testing.T) { @@ -45,7 +45,7 @@ func TestLoadConfig(t *testing.T) { &Config{ TypeVal: typeStr, NameVal: "jaeger/customname", - Protocols: map[string]*receiver.SecureReceiverSettings{ + Protocols: map[string]*SecureSetting{ "grpc": { ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:9876", 
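Review bot: The new `tls_credentials, omitempty` tag on `SecureSetting.TLSCredentials` in receiver/jaegerreceiver/config.go has a space after the comma, unlike the other tags visible in this patch (`permit_without_stream,omitempty`); whether mapstructure tolerates the space-prefixed option is not shown here, so write `mapstructure:"tls_credentials,omitempty"`. The same tag is added to `Config` in opencensusreceiver/config.go and otlpreceiver/config.go. `SecureSetting` is exported without a doc comment; add `// SecureSetting holds a protocol's receiver settings plus optional TLS credentials; a nil TLSCredentials means the endpoint is served without TLS.`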
@@ -81,7 +81,7 @@ func TestLoadConfig(t *testing.T) { &Config{ TypeVal: typeStr, NameVal: "jaeger/defaults", - Protocols: map[string]*receiver.SecureReceiverSettings{ + Protocols: map[string]*SecureSetting{ "grpc": { ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: defaultGRPCBindEndpoint, @@ -110,7 +110,7 @@ func TestLoadConfig(t *testing.T) { &Config{ TypeVal: typeStr, NameVal: "jaeger/mixed", - Protocols: map[string]*receiver.SecureReceiverSettings{ + Protocols: map[string]*SecureSetting{ "grpc": { ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:9876", @@ -130,12 +130,12 @@ func TestLoadConfig(t *testing.T) { &Config{ TypeVal: typeStr, NameVal: "jaeger/tls", - Protocols: map[string]*receiver.SecureReceiverSettings{ + Protocols: map[string]*SecureSetting{ "grpc": { ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:9876", }, - TLSCredentials: &receiver.TLSCredentials{ + TLSCredentials: &configtls.TLSSetting{ CertFile: "/test.crt", KeyFile: "/test.key", }, diff --git a/receiver/jaegerreceiver/factory.go b/receiver/jaegerreceiver/factory.go index 497a33a9150..92004d2513f 100644 --- a/receiver/jaegerreceiver/factory.go +++ b/receiver/jaegerreceiver/factory.go @@ -30,7 +30,6 @@ import ( "go.opentelemetry.io/collector/config/configerror" "go.opentelemetry.io/collector/config/configmodels" "go.opentelemetry.io/collector/consumer" - "go.opentelemetry.io/collector/receiver" ) const ( @@ -104,7 +103,7 @@ func (f *Factory) CreateDefaultConfig() configmodels.Receiver { return &Config{ TypeVal: typeStr, NameVal: typeStr, - Protocols: map[string]*receiver.SecureReceiverSettings{}, + Protocols: map[string]*SecureSetting{}, } } 
@@ -141,7 +140,7 @@ func (f *Factory) CreateTraceReceiver( } if protoGRPC.TLSCredentials != nil { - option, err := protoGRPC.TLSCredentials.ToGrpcServerOption() + option, err := protoGRPC.TLSCredentials.LoadgRPCTLSServerCredentials() if err != nil { return nil, fmt.Errorf("failed to configure TLS: %v", err) } @@ -248,7 +247,7 @@ func extractPortFromEndpoint(endpoint string) (int, error) { } // returns a default value for a protocol name. this really just boils down to the endpoint -func defaultsForProtocol(proto string) (*receiver.SecureReceiverSettings, error) { +func defaultsForProtocol(proto string) (*SecureSetting, error) { var defaultEndpoint string switch proto { @@ -264,7 +263,7 @@ func defaultsForProtocol(proto string) (*receiver.SecureReceiverSettings, error) return nil, fmt.Errorf("unknown Jaeger protocol %s", proto) } - return &receiver.SecureReceiverSettings{ + return &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: defaultEndpoint, }, diff --git a/receiver/jaegerreceiver/factory_test.go b/receiver/jaegerreceiver/factory_test.go index 11f7f9225ac..92882379f1d 100644 --- a/receiver/jaegerreceiver/factory_test.go +++ b/receiver/jaegerreceiver/factory_test.go @@ -28,7 +28,7 @@ import ( "go.opentelemetry.io/collector/config/configerror" "go.opentelemetry.io/collector/config/configgrpc" "go.opentelemetry.io/collector/config/configmodels" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configtls" ) func TestTypeStr(t *testing.T) { 
@@ -80,16 +80,13 @@ func TestCreateTLSGPRCEndpoint(t *testing.T) { rCfg := cfg.(*Config) rCfg.Protocols[protoGRPC], _ = defaultsForProtocol(protoGRPC) - rCfg.Protocols[protoGRPC].TLSCredentials = &receiver.TLSCredentials{} - params := component.ReceiverCreateParams{Logger: zap.NewNop()} - _, err := factory.CreateTraceReceiver(context.Background(), params, cfg, nil) - assert.Error(t, err, "tls-enabled receiver creation with no credentials must fail") - - rCfg.Protocols[protoGRPC].TLSCredentials = &receiver.TLSCredentials{ + rCfg.Protocols[protoGRPC].TLSCredentials = &configtls.TLSSetting{ CertFile: "./testdata/certificate.pem", KeyFile: "./testdata/key.pem", } - _, err = factory.CreateTraceReceiver(context.Background(), params, cfg, nil) + params := component.ReceiverCreateParams{Logger: zap.NewNop()} + + _, err := factory.CreateTraceReceiver(context.Background(), params, cfg, nil) assert.NoError(t, err, "tls-enabled receiver creation failed") } @@ -172,7 +169,7 @@ func TestCreateNoPort(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols[protoThriftHTTP] = &receiver.SecureReceiverSettings{ + rCfg.Protocols[protoThriftHTTP] = &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:", }, @@ -187,7 +184,7 @@ func TestCreateLargePort(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols[protoThriftHTTP] = &receiver.SecureReceiverSettings{ + rCfg.Protocols[protoThriftHTTP] = &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:65536", }, @@ -202,7 +199,7 @@ func TestCreateInvalidHost(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols[protoGRPC] = &receiver.SecureReceiverSettings{ + rCfg.Protocols[protoGRPC] = &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "1234", }, 
@@ -217,7 +214,7 @@ func TestCreateNoProtocols(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols = make(map[string]*receiver.SecureReceiverSettings) + rCfg.Protocols = make(map[string]*SecureSetting) params := component.ReceiverCreateParams{Logger: zap.NewNop()} _, err := factory.CreateTraceReceiver(context.Background(), params, cfg, nil) @@ -229,7 +226,7 @@ func TestThriftBinaryBadPort(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols[protoThriftBinary] = &receiver.SecureReceiverSettings{ + rCfg.Protocols[protoThriftBinary] = &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:65536", }, @@ -245,7 +242,7 @@ func TestThriftCompactBadPort(t *testing.T) { cfg := factory.CreateDefaultConfig() rCfg := cfg.(*Config) - rCfg.Protocols[protoThriftCompact] = &receiver.SecureReceiverSettings{ + rCfg.Protocols[protoThriftCompact] = &SecureSetting{ ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: "localhost:65536", }, diff --git a/receiver/jaegerreceiver/trace_receiver_test.go b/receiver/jaegerreceiver/trace_receiver_test.go index 76aa4f2c544..e928cd74766 100644 --- a/receiver/jaegerreceiver/trace_receiver_test.go +++ b/receiver/jaegerreceiver/trace_receiver_test.go @@ -50,7 +50,6 @@ import ( "go.opentelemetry.io/collector/consumer/pdata" "go.opentelemetry.io/collector/exporter/exportertest" otlptrace "go.opentelemetry.io/collector/internal/data/opentelemetry-proto-gen/trace/v1" - "go.opentelemetry.io/collector/receiver" "go.opentelemetry.io/collector/testutils" "go.opentelemetry.io/collector/translator/conventions" tracetranslator "go.opentelemetry.io/collector/translator/trace" 
@@ -254,12 +253,12 @@ func TestGRPCReception(t *testing.T) { func TestGRPCReceptionWithTLS(t *testing.T) { // prepare grpcServerOptions := []grpc.ServerOption{} - tlsCreds := receiver.TLSCredentials{ + tlsCreds := configtls.TLSSetting{ CertFile: path.Join(".", "testdata", "certificate.pem"), KeyFile: path.Join(".", "testdata", "key.pem"), } - tlsOption, _ := tlsCreds.ToGrpcServerOption() + tlsOption, _ := tlsCreds.LoadgRPCTLSServerCredentials() grpcServerOptions = append(grpcServerOptions, tlsOption) @@ -591,7 +590,7 @@ func TestSamplingStrategiesMutualTLS(t *testing.T) { // at least one protocol has to be enabled thriftHTTPPort, err := randomAvailablePort() require.NoError(t, err) - cfg.Protocols = map[string]*receiver.SecureReceiverSettings{ + cfg.Protocols = map[string]*SecureSetting{ "thrift_http": {ReceiverSettings: configmodels.ReceiverSettings{ Endpoint: fmt.Sprintf("localhost:%d", thriftHTTPPort), }}, diff --git a/receiver/opencensusreceiver/config.go b/receiver/opencensusreceiver/config.go index 9d97eb3ec25..2c69f5286a5 100644 --- a/receiver/opencensusreceiver/config.go +++ b/receiver/opencensusreceiver/config.go 
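Review bot: In `TestGRPCReceptionWithTLS` the error from `tlsCreds.LoadgRPCTLSServerCredentials()` is discarded, so if the testdata certificate or key fails to load, a nil `grpc.ServerOption` is appended and the failure surfaces later, away from its cause. Check it where it happens: `tlsOption, err := tlsCreds.LoadgRPCTLSServerCredentials()` followed by `require.NoError(t, err)`; `require` is already used further down this file. The test function starts and ends outside the hunk.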
@@ -21,12 +21,17 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/keepalive" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configmodels" + "go.opentelemetry.io/collector/config/configtls" ) // Config defines configuration for OpenCensus receiver. type Config struct { - receiver.SecureReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct + configmodels.ReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct + + // Configures the receiver to use TLS. + // The default value is nil, which will cause the receiver to not use TLS. + TLSCredentials *configtls.TLSSetting `mapstructure:"tls_credentials, omitempty"` // Transport to use: one of tcp or unix, defaults to tcp Transport string `mapstructure:"transport"` @@ -71,14 +76,16 @@ type keepaliveEnforcementPolicy struct { PermitWithoutStream bool `mapstructure:"permit_without_stream,omitempty"` } -func (rOpts *Config) buildOptions() (opts []Option, err error) { - tlsCredsOption, hasTLSCreds, err := ToOpenCensusReceiverServerOption(rOpts.TLSCredentials) - if err != nil { - return opts, fmt.Errorf("error initializing OpenCensus receiver %q TLS Credentials: %v", rOpts.NameVal, err) - } - if hasTLSCreds { - opts = append(opts, tlsCredsOption) +func (rOpts *Config) buildOptions() ([]Option, error) { + var opts []Option + if rOpts.TLSCredentials != nil { + tlsCredsOptions, err := rOpts.TLSCredentials.LoadgRPCTLSServerCredentials() + if err != nil { + return nil, fmt.Errorf("error initializing OpenCensus receiver %q TLS Credentials: %v", rOpts.NameVal, err) + } + opts = append(opts, WithGRPCServerOptions(tlsCredsOptions)) } + if len(rOpts.CorsOrigins) > 0 { opts = append(opts, WithCorsOrigins(rOpts.CorsOrigins)) } 
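Review bot: `buildOptions` in receiver/opencensusreceiver/config.go formats the TLS load error with `%v`, which cuts the chain that `LoadgRPCTLSServerCredentials` builds with `%w`, so callers cannot use `errors.Is` or `errors.As` on the underlying cause. Use `fmt.Errorf("error initializing OpenCensus receiver %q TLS Credentials: %w", rOpts.NameVal, err)`; the rendered message is unchanged, so the `assert.EqualError` in the new test still holds. `tlsCredsOptions` holds a single `grpc.ServerOption`, so `tlsCredsOption` would read better. receiver/otlpreceiver/config.go gets the same `buildOptions` body and both points apply there as well.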
@@ -88,7 +95,7 @@ func (rOpts *Config) buildOptions() (opts []Option, err error) { opts = append(opts, WithGRPCServerOptions(grpcServerOptions...)) } - return opts, err + return opts, nil } func (rOpts *Config) grpcServerOptions() []grpc.ServerOption { @@ -129,16 +136,3 @@ func (rOpts *Config) grpcServerOptions() []grpc.ServerOption { return grpcServerOptions } - -// ToOpenCensusReceiverServerOption checks if the TLS credentials -// in the form of a certificate file and a key file. If they aren't, -// it will return opencensusreceiver.WithNoopOption() and a nil error. -// Otherwise, it will try to retrieve gRPC transport credentials from the file combinations, -// and create a option, along with any errors encountered while retrieving the credentials. -func ToOpenCensusReceiverServerOption(tlsCreds *receiver.TLSCredentials) (opt Option, ok bool, err error) { - gRPCCredsOpt, err := tlsCreds.ToGrpcServerOption() - if err != nil { - return nil, false, err - } - return WithGRPCServerOptions(gRPCCredsOpt), true, nil -} diff --git a/receiver/opencensusreceiver/config_test.go b/receiver/opencensusreceiver/config_test.go index ce17f7092a6..0b43cb738a0 100644 --- a/receiver/opencensusreceiver/config_test.go +++ b/receiver/opencensusreceiver/config_test.go @@ -24,7 +24,7 @@ import ( "go.opentelemetry.io/collector/config" "go.opentelemetry.io/collector/config/configmodels" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configtls" ) func TestLoadConfig(t *testing.T) { 
@@ -46,12 +46,10 @@ func TestLoadConfig(t *testing.T) { r1 := cfg.Receivers["opencensus/customname"].(*Config) assert.Equal(t, r1, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/customname", - Endpoint: "0.0.0.0:9090", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/customname", + Endpoint: "0.0.0.0:9090", }, Transport: "tcp", }) @@ -59,15 +57,13 @@ func TestLoadConfig(t *testing.T) { r2 := cfg.Receivers["opencensus/keepalive"].(*Config) assert.Equal(t, r2, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/keepalive", - Endpoint: "localhost:55678", - }, - TLSCredentials: nil, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/keepalive", + Endpoint: "localhost:55678", }, - Transport: "tcp", + TLSCredentials: nil, + Transport: "tcp", Keepalive: &serverParametersAndEnforcementPolicy{ ServerParameters: &keepaliveServerParameters{ MaxConnectionIdle: 11 * time.Second, @@ -86,13 +82,12 @@ func TestLoadConfig(t *testing.T) { r3 := cfg.Receivers["opencensus/msg-size-conc-connect-max-idle"].(*Config) assert.Equal(t, r3, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/msg-size-conc-connect-max-idle", - Endpoint: "localhost:55678", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/msg-size-conc-connect-max-idle", + Endpoint: "localhost:55678", }, + Transport: "tcp", MaxRecvMsgSizeMiB: 32, MaxConcurrentStreams: 16, 
@@ -108,16 +103,14 @@ func TestLoadConfig(t *testing.T) { r4 := cfg.Receivers["opencensus/tlscredentials"].(*Config) assert.Equal(t, r4, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/tlscredentials", - Endpoint: "localhost:55678", - }, - TLSCredentials: &receiver.TLSCredentials{ - CertFile: "test.crt", - KeyFile: "test.key", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/tlscredentials", + Endpoint: "localhost:55678", + }, + TLSCredentials: &configtls.TLSSetting{ + CertFile: "test.crt", + KeyFile: "test.key", }, Transport: "tcp", }) @@ -125,12 +118,10 @@ func TestLoadConfig(t *testing.T) { r5 := cfg.Receivers["opencensus/cors"].(*Config) assert.Equal(t, r5, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/cors", - Endpoint: "localhost:55678", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/cors", + Endpoint: "localhost:55678", }, Transport: "tcp", CorsOrigins: []string{"https://*.test.com", "https://test.com"}, 
@@ -139,13 +130,29 @@ func TestLoadConfig(t *testing.T) { r6 := cfg.Receivers["opencensus/uds"].(*Config) assert.Equal(t, r6, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "opencensus/uds", - Endpoint: "/tmp/opencensus.sock", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "opencensus/uds", + Endpoint: "/tmp/opencensus.sock", }, Transport: "unix", }) } + +func TestBuildOptions_TLSCredentials(t *testing.T) { + cfg := Config{ + ReceiverSettings: configmodels.ReceiverSettings{ + NameVal: "IncorrectTLS", + }, + TLSCredentials: &configtls.TLSSetting{ + CertFile: "willfail", + }, + } + _, err := cfg.buildOptions() + assert.EqualError(t, err, `error initializing OpenCensus receiver "IncorrectTLS" TLS Credentials: failed to load TLS config: for auth via TLS, either both certificate and key must be supplied, or neither`) + + cfg.TLSCredentials = &configtls.TLSSetting{} + opt, err := cfg.buildOptions() + assert.NoError(t, err) + assert.NotNil(t, opt) +} diff --git a/receiver/opencensusreceiver/factory.go b/receiver/opencensusreceiver/factory.go index 34806c5171d..98c29f091d2 100644 --- a/receiver/opencensusreceiver/factory.go +++ b/receiver/opencensusreceiver/factory.go @@ -22,7 +22,6 @@ import ( "go.opentelemetry.io/collector/component" "go.opentelemetry.io/collector/config/configmodels" "go.opentelemetry.io/collector/consumer" - "go.opentelemetry.io/collector/receiver" ) const ( 
@@ -47,13 +46,10 @@ func (f *Factory) CustomUnmarshaler() component.CustomUnmarshaler { // CreateDefaultConfig creates the default configuration for receiver. func (f *Factory) CreateDefaultConfig() configmodels.Receiver { return &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "localhost:55678", - // Disable: false - This receiver is enabled by default. - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "localhost:55678", }, Transport: "tcp", } diff --git a/receiver/opencensusreceiver/factory_test.go b/receiver/opencensusreceiver/factory_test.go index 4d62e8e836e..3f91c7e81f3 100644 --- a/receiver/opencensusreceiver/factory_test.go +++ b/receiver/opencensusreceiver/factory_test.go @@ -27,7 +27,6 @@ import ( "go.opentelemetry.io/collector/config/configcheck" "go.opentelemetry.io/collector/config/configmodels" "go.opentelemetry.io/collector/exporter/exportertest" - "go.opentelemetry.io/collector/receiver" "go.opentelemetry.io/collector/testutils" ) @@ -70,22 +69,18 @@ func TestCreateTraceReceiver(t *testing.T) { { name: "default", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - TLSCredentials: nil, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + TLSCredentials: nil, + Transport: "tcp", }, }, { name: "invalid_port", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "localhost:112233", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "localhost:112233", }, Transport: "tcp", }, 
@@ -94,9 +89,7 @@ func TestCreateTraceReceiver(t *testing.T) { { name: "max-msg-size-and-concurrent-connections", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, + ReceiverSettings: defaultReceiverSettings, Transport: "tcp", MaxRecvMsgSizeMiB: 32, MaxConcurrentStreams: 16, @@ -138,21 +131,17 @@ func TestCreateMetricReceiver(t *testing.T) { { name: "default", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + Transport: "tcp", }, }, { name: "invalid_address", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "327.0.0.1:1122", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "327.0.0.1:1122", }, Transport: "tcp", }, @@ -161,10 +150,8 @@ func TestCreateMetricReceiver(t *testing.T) { { name: "keepalive", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + Transport: "tcp", Keepalive: &serverParametersAndEnforcementPolicy{ ServerParameters: &keepaliveServerParameters{ MaxConnectionAge: 60 * time.Second, diff --git a/receiver/otlpreceiver/config.go b/receiver/otlpreceiver/config.go index 6acb6b80852..d8b7c035ef1 100644 --- a/receiver/otlpreceiver/config.go +++ b/receiver/otlpreceiver/config.go 
@@ -21,12 +21,17 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/keepalive" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configmodels" + "go.opentelemetry.io/collector/config/configtls" ) // Config defines configuration for OTLP receiver. type Config struct { - receiver.SecureReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct + configmodels.ReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct + + // Configures the receiver to use TLS. + // The default value is nil, which will cause the receiver to not use TLS. + TLSCredentials *configtls.TLSSetting `mapstructure:"tls_credentials, omitempty"` // Transport to use: one of tcp or unix, defaults to tcp Transport string `mapstructure:"transport"` @@ -72,13 +77,14 @@ type keepaliveEnforcementPolicy struct { PermitWithoutStream bool `mapstructure:"permit_without_stream,omitempty"` } -func (rOpts *Config) buildOptions() (opts []Option, err error) { - tlsCredsOption, hasTLSCreds, err := ToOTLPReceiverServerOption(rOpts.TLSCredentials) - if err != nil { - return opts, fmt.Errorf("error initializing OTLP receiver %q TLS Credentials: %v", rOpts.NameVal, err) - } - if hasTLSCreds { - opts = append(opts, tlsCredsOption) +func (rOpts *Config) buildOptions() ([]Option, error) { + var opts []Option + if rOpts.TLSCredentials != nil { + tlsCredsOptions, err := rOpts.TLSCredentials.LoadgRPCTLSServerCredentials() + if err != nil { + return nil, fmt.Errorf("error initializing OTLP receiver %q TLS Credentials: %v", rOpts.NameVal, err) + } + opts = append(opts, WithGRPCServerOptions(tlsCredsOptions)) } if len(rOpts.CorsOrigins) > 0 { opts = append(opts, WithCorsOrigins(rOpts.CorsOrigins)) 
@@ -89,7 +95,7 @@ func (rOpts *Config) buildOptions() (opts []Option, err error) { opts = append(opts, WithGRPCServerOptions(grpcServerOptions...)) } - return opts, err + return opts, nil } func (rOpts *Config) grpcServerOptions() []grpc.ServerOption { @@ -130,16 +136,3 @@ func (rOpts *Config) grpcServerOptions() []grpc.ServerOption { return grpcServerOptions } - -// ToOTLPReceiverServerOption checks if the TLS credentials -// in the form of a certificate file and a key file. If they aren't, -// it will return otlpreceiver.WithNoopOption() and a nil error. -// Otherwise, it will try to retrieve gRPC transport credentials from the file combinations, -// and create a option, along with any errors encountered while retrieving the credentials. -func ToOTLPReceiverServerOption(tlsCreds *receiver.TLSCredentials) (opt Option, ok bool, err error) { - gRPCCredsOpt, err := tlsCreds.ToGrpcServerOption() - if err != nil { - return nil, false, err - } - return WithGRPCServerOptions(gRPCCredsOpt), true, nil -} diff --git a/receiver/otlpreceiver/config_test.go b/receiver/otlpreceiver/config_test.go index 62997f72b9d..d01787f3572 100644 --- a/receiver/otlpreceiver/config_test.go +++ b/receiver/otlpreceiver/config_test.go @@ -24,7 +24,7 @@ import ( "go.opentelemetry.io/collector/config" "go.opentelemetry.io/collector/config/configmodels" - "go.opentelemetry.io/collector/receiver" + "go.opentelemetry.io/collector/config/configtls" ) func TestLoadConfig(t *testing.T) { @@ -46,12 +46,10 @@ func TestLoadConfig(t *testing.T) { r1 := cfg.Receivers["otlp/customname"].(*Config) assert.Equal(t, r1, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/customname", - Endpoint: "0.0.0.0:9090", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/customname", + Endpoint: "0.0.0.0:9090", }, Transport: "tcp", }) 
@@ -59,15 +57,13 @@ func TestLoadConfig(t *testing.T) { r2 := cfg.Receivers["otlp/keepalive"].(*Config) assert.Equal(t, r2, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/keepalive", - Endpoint: "localhost:55680", - }, - TLSCredentials: nil, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/keepalive", + Endpoint: "localhost:55680", }, - Transport: "tcp", + TLSCredentials: nil, + Transport: "tcp", Keepalive: &serverParametersAndEnforcementPolicy{ ServerParameters: &keepaliveServerParameters{ MaxConnectionIdle: 11 * time.Second, @@ -86,12 +82,10 @@ func TestLoadConfig(t *testing.T) { r3 := cfg.Receivers["otlp/msg-size-conc-connect-max-idle"].(*Config) assert.Equal(t, r3, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/msg-size-conc-connect-max-idle", - Endpoint: "localhost:55680", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/msg-size-conc-connect-max-idle", + Endpoint: "localhost:55680", }, Transport: "tcp", MaxRecvMsgSizeMiB: 32, @@ -108,16 +102,14 @@ func TestLoadConfig(t *testing.T) { r4 := cfg.Receivers["otlp/tlscredentials"].(*Config) assert.Equal(t, r4, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/tlscredentials", - Endpoint: "localhost:55680", - }, - TLSCredentials: &receiver.TLSCredentials{ - CertFile: "test.crt", - KeyFile: "test.key", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/tlscredentials", + Endpoint: "localhost:55680", + }, + TLSCredentials: &configtls.TLSSetting{ + CertFile: "test.crt", + KeyFile: "test.key", }, Transport: "tcp", }) 
@@ -125,12 +117,10 @@ func TestLoadConfig(t *testing.T) { r5 := cfg.Receivers["otlp/cors"].(*Config) assert.Equal(t, r5, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/cors", - Endpoint: "localhost:55680", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/cors", + Endpoint: "localhost:55680", }, Transport: "tcp", CorsOrigins: []string{"https://*.test.com", "https://test.com"}, @@ -139,13 +129,29 @@ func TestLoadConfig(t *testing.T) { r6 := cfg.Receivers["otlp/uds"].(*Config) assert.Equal(t, r6, &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: "otlp/uds", - Endpoint: "/tmp/otlp.sock", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: "otlp/uds", + Endpoint: "/tmp/otlp.sock", }, Transport: "unix", }) } + +func TestBuildOptions_TLSCredentials(t *testing.T) { + cfg := Config{ + ReceiverSettings: configmodels.ReceiverSettings{ + NameVal: "IncorrectTLS", + }, + TLSCredentials: &configtls.TLSSetting{ + CertFile: "willfail", + }, + } + _, err := cfg.buildOptions() + assert.EqualError(t, err, `error initializing OTLP receiver "IncorrectTLS" TLS Credentials: failed to load TLS config: for auth via TLS, either both certificate and key must be supplied, or neither`) + + cfg.TLSCredentials = &configtls.TLSSetting{} + opt, err := cfg.buildOptions() + assert.NoError(t, err) + assert.NotNil(t, opt) +} diff --git a/receiver/otlpreceiver/factory.go b/receiver/otlpreceiver/factory.go index 32db7101afa..10749c97827 100644 --- a/receiver/otlpreceiver/factory.go +++ b/receiver/otlpreceiver/factory.go 
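Review bot: The last three lines of `TestBuildOptions_TLSCredentials` pin `buildOptions()` succeeding for an empty `&configtls.TLSSetting{}`, so a present-but-empty TLS block is accepted on the server side. `LoadgRPCTLSServerCredentials` wraps whatever `LoadTLSConfig` returns, and the expected error text allows "neither" certificate nor key. The resulting gRPC server credentials therefore presumably carry no certificate, which would make every handshake fail at run time instead of rejecting the config at startup. The removed `ToGrpcServerOption` returned an error in that case because it went through `credentials.NewServerTLSFromFile`. I would add a server-side guard such as `if c.CertFile == "" || c.KeyFile == "" { return nil, errors.New("server TLS requires both certificate and key") }` and change this case to `assert.Error(t, err)`. The body of `buildOptions` is outside this hunk, so where the guard belongs needs confirming there.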
@@ -20,7 +20,6 @@ import ( "go.opentelemetry.io/collector/component" "go.opentelemetry.io/collector/config/configmodels" "go.opentelemetry.io/collector/consumer" - "go.opentelemetry.io/collector/receiver" ) const ( @@ -45,12 +44,10 @@ func (f *Factory) CustomUnmarshaler() component.CustomUnmarshaler { // CreateDefaultConfig creates the default configuration for receiver. func (f *Factory) CreateDefaultConfig() configmodels.Receiver { return &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "localhost:55680", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "localhost:55680", }, Transport: "tcp", } diff --git a/receiver/otlpreceiver/factory_test.go b/receiver/otlpreceiver/factory_test.go index 4403ec938eb..3ea7355a863 100644 --- a/receiver/otlpreceiver/factory_test.go +++ b/receiver/otlpreceiver/factory_test.go @@ -28,7 +28,6 @@ import ( "go.opentelemetry.io/collector/config/configcheck" "go.opentelemetry.io/collector/config/configmodels" "go.opentelemetry.io/collector/exporter/exportertest" - "go.opentelemetry.io/collector/receiver" "go.opentelemetry.io/collector/testutils" ) @@ -72,22 +71,18 @@ func TestCreateTraceReceiver(t *testing.T) { { name: "default", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - TLSCredentials: nil, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + TLSCredentials: nil, + Transport: "tcp", }, }, { name: "invalid_port", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "localhost:112233", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "localhost:112233", }, Transport: "tcp", }, 
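Review bot: The doc comment on `CreateDefaultConfig` does not say that the returned `Config` leaves `TLSCredentials` unset. The literal in this hunk fills in only `ReceiverSettings` and `Transport`. The removed `SecureReceiverSettings` documented a nil value as "will cause the receiver to not use TLS", and whether the new field keeps that comment is not visible here. I would spell the default out where operators look first: `// CreateDefaultConfig creates the default configuration for receiver: gRPC on localhost:55680 over tcp, with TLSCredentials nil (TLS disabled).`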
@@ -96,9 +91,7 @@ func TestCreateTraceReceiver(t *testing.T) { { name: "max-msg-size-and-concurrent-connections", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, + ReceiverSettings: defaultReceiverSettings, Transport: "tcp", MaxRecvMsgSizeMiB: 32, MaxConcurrentStreams: 16, @@ -139,21 +132,17 @@ func TestCreateMetricReceiver(t *testing.T) { { name: "default", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + Transport: "tcp", }, }, { name: "invalid_address", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: configmodels.ReceiverSettings{ - TypeVal: typeStr, - NameVal: typeStr, - Endpoint: "327.0.0.1:1122", - }, + ReceiverSettings: configmodels.ReceiverSettings{ + TypeVal: typeStr, + NameVal: typeStr, + Endpoint: "327.0.0.1:1122", }, Transport: "tcp", }, @@ -162,10 +151,8 @@ func TestCreateMetricReceiver(t *testing.T) { { name: "keepalive", cfg: &Config{ - SecureReceiverSettings: receiver.SecureReceiverSettings{ - ReceiverSettings: defaultReceiverSettings, - }, - Transport: "tcp", + ReceiverSettings: defaultReceiverSettings, + Transport: "tcp", Keepalive: &serverParametersAndEnforcementPolicy{ ServerParameters: &keepaliveServerParameters{ MaxConnectionAge: 60 * time.Second, diff --git a/receiver/securereceiverconfig.go b/receiver/securereceiverconfig.go deleted file mode 100644 index b7aab0135a5..00000000000 --- a/receiver/securereceiverconfig.go +++ /dev/null 
@@ -1,53 +0,0 @@
-// Copyright The OpenTelemetry Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package receiver
-
-import (
- "google.golang.org/grpc"
- "google.golang.org/grpc/credentials"
-
- "go.opentelemetry.io/collector/config/configmodels"
-)
-
-// SecureReceiverSettings defines common settings for receivers that use Transport Layer Security (TLS)
-type SecureReceiverSettings struct {
- configmodels.ReceiverSettings `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct
- // Configures the receiver to use TLS.
- // The default value is nil, which will cause the receiver to not use TLS.
- TLSCredentials *TLSCredentials `mapstructure:"tls_credentials, omitempty"`
-}
-
-// TLSCredentials contains path information for a certificate and key to be used for TLS
-type TLSCredentials struct {
- // CertFile is the file path containing the TLS certificate.
- CertFile string `mapstructure:"cert_file"`
-
- // KeyFile is the file path containing the TLS key.
- KeyFile string `mapstructure:"key_file"`
-}
-
-// ToGrpcServerOption creates a gRPC ServerOption from TLSCredentials. If TLSCredentials is nil, returns empty option.
-func (tlsCreds *TLSCredentials) ToGrpcServerOption() (opt grpc.ServerOption, err error) {
- if tlsCreds == nil {
- return grpc.EmptyServerOption{}, nil
- }
-
- transportCreds, err := credentials.NewServerTLSFromFile(tlsCreds.CertFile, tlsCreds.KeyFile)
- if err != nil {
- return nil, err
- }
- gRPCCredsOpt := grpc.Creds(transportCreds)
- return gRPCCredsOpt, nil
-}
diff --git a/receiver/securereceiverconfig_test.go b/receiver/securereceiverconfig_test.go
deleted file mode 100644
index a60a94a42c4..00000000000
--- a/receiver/securereceiverconfig_test.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright The OpenTelemetry Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package receiver
-
-import (
- "os"
- "path"
- "syscall"
- "testing"
-
- "github.com/stretchr/testify/assert"
-)
-
-func TestToGrpcServerOption(t *testing.T) {
- type testCase struct {
- in TLSCredentials
- err error
- }
-
- testCases := []testCase{
- {
- in: TLSCredentials{
- CertFile: "/badpath",
- KeyFile: "/badpath",
- },
- err: &os.PathError{
- Op: "open",
- Path: "/badpath",
- Err: syscall.ENOENT,
- },
- },
- {
- in: TLSCredentials{
- CertFile: path.Join(".", "jaegerreceiver/testdata", "certificate.pem"),
- KeyFile: "/badpath",
- },
- err: &os.PathError{
- Op: "open",
- Path: "/badpath",
- Err: syscall.ENOENT,
- },
- },
- {
- in: TLSCredentials{
- CertFile: path.Join(".", "jaegerreceiver/testdata", "certificate.pem"),
- KeyFile: path.Join(".", "jaegerreceiver/testdata", "key.pem"),
- },
- err: nil,
- },
- }
-
- for _, c := range testCases {
- _, err := c.in.ToGrpcServerOption()
- assert.Equal(t, c.err, err)
- }
-}