mirror of
https://github.com/prometheus-community/elasticsearch_exporter.git
synced 2026-02-06 10:58:13 +00:00
ca4c3133e5
* Add multi-target support Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update example-prometheus.yml Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Make `es.uri` optional by setting default to empty string check if it's empty and if so, don't parse it Signed-off-by: pincher95 <yuri.tsuprun@logz.io> Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update README.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add sanity target scheme validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Change yaml package to go.yaml.in/yaml/v3 Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update yaml package to go.yaml.in/yaml/v3 Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update CHANGELOG.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Remove whitespaces from README.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add testing for apikey authentication module Update examples/auth_modules.yml Fix main.go to apply userpass credentials only if the module type is explicitly set to userpass. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add Load-time validation for the auth module config file during startup Keep light-weight validation for the probe params during runtime Add AWS SigV4 authentication module support Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Expose error in the logger Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add TLS config per target support Add TLS config validation Update config test to include TLS config Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Indices and Shards collectors now fetch cluster_name once from GET / when no clusterinfo retriever is attached, avoiding the previous "unknown_cluster" label. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Removed the special-case logic that redirected /metrics?target= requests to /probe. Updated auth_modules.yml to include AWS SigV4 signing and mTLS support. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add license headers to all new files Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Fixes for relative paths in multi-target mode Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 (#1065) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.22.0 to 1.23.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add target schema validation, http/https only Add tls auth type support in multi-target mode Update README.md, examples/auth_modules.yml, tests Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Cleanup Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Fix tls auth type validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Remove aws.region validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add temp file cleanup in config_test.go Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add copyright header to config_test.go Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add version metric to the per-probe registry Update roundtripper.go to use region from config or environment resolver if not provided in config file (AWS_REGION) Update probe.go to accept module even if region omitted; environment resolver can provide it Update config.go to use region as optional field Update main.go to use region from config or environment resolver if not provided in config file (AWS_REGION) and update roundtripper.go to use region from config or environment resolver if not provided in config file (AWS_REGION) Signed-off-by: pincher95 <yuri.tsuprun@logz.io> --------- Signed-off-by: pincher95 <yuri.tsuprun@logz.io> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Yuri Tsuprun <51751791+pincher95@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
79 lines
2.3 KiB
Go
79 lines
2.3 KiB
Go
// Copyright The Prometheus Authors
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package main
|
|
|
|
import (
|
|
"errors"
|
|
"net/url"
|
|
"strings"
|
|
|
|
"github.com/prometheus-community/elasticsearch_exporter/config"
|
|
)
|
|
|
|
var (
|
|
errMissingTarget = errors.New("missing target parameter")
|
|
errInvalidTarget = errors.New("invalid target parameter")
|
|
errModuleNotFound = errors.New("auth_module not found")
|
|
errUnsupportedModule = errors.New("unsupported auth_module type")
|
|
)
|
|
|
|
// validateProbeParams performs upfront validation of the query parameters.
|
|
// It returns the target string (as given), the resolved AuthModule (optional), or an error.
|
|
func validateProbeParams(cfg *config.Config, q url.Values) (string, *config.AuthModule, error) {
|
|
target := q.Get("target")
|
|
if target == "" {
|
|
return "", nil, errMissingTarget
|
|
}
|
|
|
|
// If the target does not contain an URL scheme, default to http.
|
|
// This allows users to pass "host:port" without the "http://" prefix.
|
|
if !strings.Contains(target, "://") {
|
|
target = "http://" + target
|
|
}
|
|
|
|
u, err := url.Parse(target)
|
|
if err != nil {
|
|
return "", nil, errInvalidTarget
|
|
}
|
|
if u.Scheme != "http" && u.Scheme != "https" {
|
|
return "", nil, errInvalidTarget
|
|
}
|
|
|
|
modu := q.Get("auth_module")
|
|
if modu == "" {
|
|
return target, nil, nil // no auth module requested
|
|
}
|
|
if cfg == nil {
|
|
return "", nil, errModuleNotFound
|
|
}
|
|
am, ok := cfg.AuthModules[modu]
|
|
if !ok {
|
|
return "", nil, errModuleNotFound
|
|
}
|
|
switch strings.ToLower(am.Type) {
|
|
case "userpass":
|
|
return target, &am, nil
|
|
case "apikey":
|
|
return target, &am, nil
|
|
case "aws":
|
|
// Accept module even if region omitted; environment resolver can provide it.
|
|
return target, &am, nil
|
|
case "tls":
|
|
// TLS auth type is valid; detailed TLS validation is performed during config load.
|
|
return target, &am, nil
|
|
default:
|
|
return "", nil, errUnsupportedModule
|
|
}
|
|
}
|