mirror of
https://github.com/prometheus-community/elasticsearch_exporter.git
synced 2026-02-06 10:58:13 +00:00
ca4c3133e5
* Add multi-target support Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update example-prometheus.yml Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Make `es.uri` optional by setting default to empty string check if it's empty and if so, don't parse it Signed-off-by: pincher95 <yuri.tsuprun@logz.io> Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update README.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add sanity target scheme validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Change yaml package to go.yaml.in/yaml/v3 Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update yaml package to go.yaml.in/yaml/v3 Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Update CHANGELOG.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Remove whitespaces from README.md Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add testing for apikey authentication module Update examples/auth_modules.yml Fix main.go to apply userpass credentials only if the module type is explicitly set to userpass. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add Load-time validation for the auth module config file during startup Keep light-weight validation for the probe params during runtime Add AWS SigV4 authentication module support Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Expose error in the logger Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add TLS config per target support Add TLS config validation Update config test to include TLS config Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Indices and Shards collectors now fetch cluster_name once from GET / when no clusterinfo retriever is attached, avoiding the previous "unknown_cluster" label. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Removed the special-case logic that redirected /metrics?target= requests to /probe. Updated auth_modules.yml to include AWS SigV4 signing and mTLS support. Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add license headers to all new files Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Fixes for relative paths in multi-target mode Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 (#1065) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.22.0 to 1.23.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add target schema validation, http/https only Add tls auth type support in multi-target mode Update README.md, examples/auth_modules.yml, tests Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Cleanup Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Fix tls auth type validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Remove aws.region validation Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add temp file cleanup in config_test.go Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add copyright header to config_test.go Signed-off-by: pincher95 <yuri.tsuprun@logz.io> * Add version metric to the per-probe registry Update roundtripper.go to use region from config or environment resolver if not provided in config file (AWS_REGION) Update probe.go to accept module even if region omitted; environment resolver can provide it Update config.go to use region as optional field Update main.go to use region from config or environment resolver if not provided in config file (AWS_REGION) and update roundtripper.go to use region from config or environment resolver if not provided in config file (AWS_REGION) Signed-off-by: pincher95 <yuri.tsuprun@logz.io> --------- Signed-off-by: pincher95 <yuri.tsuprun@logz.io> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Yuri Tsuprun <51751791+pincher95@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
127 lines
3.9 KiB
Go
127 lines
3.9 KiB
Go
// Copyright The Prometheus Authors
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package main
|
|
|
|
import (
|
|
"net/url"
|
|
"testing"
|
|
|
|
"github.com/prometheus-community/elasticsearch_exporter/config"
|
|
)
|
|
|
|
func TestValidateProbeParams(t *testing.T) {
|
|
cfg := &config.Config{AuthModules: map[string]config.AuthModule{}}
|
|
// missing target
|
|
_, _, err := validateProbeParams(cfg, url.Values{})
|
|
if err != errMissingTarget {
|
|
t.Fatalf("expected missing target error, got %v", err)
|
|
}
|
|
|
|
// invalid target
|
|
vals := url.Values{}
|
|
vals.Set("target", "http://[::1")
|
|
_, _, err = validateProbeParams(cfg, vals)
|
|
if err == nil {
|
|
t.Fatalf("expected invalid target error")
|
|
}
|
|
|
|
// invalid scheme
|
|
vals = url.Values{}
|
|
vals.Set("target", "ftp://example.com")
|
|
_, _, err = validateProbeParams(cfg, vals)
|
|
if err == nil {
|
|
t.Fatalf("expected invalid target error for unsupported scheme")
|
|
}
|
|
|
|
// unknown module
|
|
vals = url.Values{}
|
|
vals.Set("target", "http://localhost:9200")
|
|
vals.Set("auth_module", "foo")
|
|
_, _, err = validateProbeParams(cfg, vals)
|
|
if err != errModuleNotFound {
|
|
t.Fatalf("expected module not found error, got %v", err)
|
|
}
|
|
|
|
// good path (userpass)
|
|
cfg.AuthModules["foo"] = config.AuthModule{Type: "userpass", UserPass: &config.UserPassConfig{Username: "u", Password: "p"}}
|
|
vals = url.Values{}
|
|
vals.Set("target", "http://localhost:9200")
|
|
vals.Set("auth_module", "foo")
|
|
tgt, am, err := validateProbeParams(cfg, vals)
|
|
if err != nil || am == nil || tgt == "" {
|
|
t.Fatalf("expected success, got err=%v", err)
|
|
}
|
|
|
|
// good path (apikey) with both userpass and apikey set - apikey should be accepted
|
|
cfg.AuthModules["api"] = config.AuthModule{
|
|
Type: "apikey",
|
|
APIKey: "mysecret",
|
|
UserPass: &config.UserPassConfig{Username: "u", Password: "p"},
|
|
}
|
|
vals = url.Values{}
|
|
vals.Set("target", "http://localhost:9200")
|
|
vals.Set("auth_module", "api")
|
|
_, am, err = validateProbeParams(cfg, vals)
|
|
if err != nil {
|
|
t.Fatalf("expected success for apikey module, got err=%v", err)
|
|
}
|
|
if am == nil || am.Type != "apikey" {
|
|
t.Fatalf("expected apikey module, got %+v", am)
|
|
}
|
|
if am.APIKey != "mysecret" {
|
|
t.Fatalf("unexpected apikey value: %s", am.APIKey)
|
|
}
|
|
|
|
// good path (aws)
|
|
cfg.AuthModules["awsmod"] = config.AuthModule{
|
|
Type: "aws",
|
|
AWS: &config.AWSConfig{
|
|
Region: "us-east-1",
|
|
RoleARN: "arn:aws:iam::123456789012:role/metrics",
|
|
},
|
|
}
|
|
vals = url.Values{}
|
|
vals.Set("target", "http://localhost:9200")
|
|
vals.Set("auth_module", "awsmod")
|
|
_, am, err = validateProbeParams(cfg, vals)
|
|
if err != nil {
|
|
t.Fatalf("expected success for aws module, got err=%v", err)
|
|
}
|
|
if am == nil || am.Type != "aws" {
|
|
t.Fatalf("expected aws module, got %+v", am)
|
|
}
|
|
if am.AWS == nil || am.AWS.Region != "us-east-1" {
|
|
t.Fatalf("unexpected aws config: %+v", am.AWS)
|
|
}
|
|
|
|
// invalid path (aws with empty region - rejected at config load; simulate here by passing nil cfg lookup)
|
|
// No additional test needed as config.LoadConfig enforces region.
|
|
|
|
// good path (tls)
|
|
cfg.AuthModules["mtls"] = config.AuthModule{
|
|
Type: "tls",
|
|
TLS: &config.TLSConfig{CAFile: "/dev/null", CertFile: "/dev/null", KeyFile: "/dev/null"},
|
|
}
|
|
vals = url.Values{}
|
|
vals.Set("target", "http://localhost:9200")
|
|
vals.Set("auth_module", "mtls")
|
|
_, am, err = validateProbeParams(cfg, vals)
|
|
if err != nil {
|
|
t.Fatalf("expected success for tls module, got err=%v", err)
|
|
}
|
|
if am == nil || am.Type != "tls" {
|
|
t.Fatalf("expected tls module, got %+v", am)
|
|
}
|
|
}
|