Add support for TLS

r0mdau · Nov 20, 2023 · efeedd1 · efeedd1
1 parent dee1d6a
commit efeedd1
Show file tree

Hide file tree

Showing 8 changed files with 55 additions and 4 deletions.
diff --git a/config.go b/config.go
@@ -9,15 +9,34 @@ import (
 	"time"
 
 	"go.opentelemetry.io/collector/component"
+	"go.opentelemetry.io/collector/config/configtls"
 	"go.opentelemetry.io/collector/exporter/exporterhelper"
 )
 
+// TLSClientSetting contains TLS configurations that are specific to client
+// connections in addition to the common configurations. This should be used by
+// components configuring TLS client connections.
+type TLSClientSetting struct {
+	// Enabled defines if TLS is enabled or not.
+	Enabled bool `mapstructure:"enabled"`
+	// squash ensures fields are correctly decoded in embedded struct.
+	configtls.TLSSetting `mapstructure:",squash"`
+
+	// These are config options specific to client connections.
+
+	// InsecureSkipVerify will enable TLS but not verify the certificate.
+	InsecureSkipVerify bool `mapstructure:"insecure_skip_verify"`
+}
+
 type TCPClientSettings struct {
 	// The target endpoint URI to send data to (e.g.: some.url:24224).
 	Endpoint string `mapstructure:"endpoint"`
 
 	// Connection Timeout parameter configures `net.Dialer`.
 	ConnectionTimeout time.Duration `mapstructure:"connection_timeout"`
+
+	// TLSSetting struct exposes TLS client configuration.
+	TLSSetting TLSClientSetting `mapstructure:"tls"`
 }
 
 // Config defines configuration for fluentforward exporter.

diff --git a/config_test.go b/config_test.go
@@ -35,6 +35,10 @@ func TestLoadConfigNewExporter(t *testing.T) {
 				TCPClientSettings: TCPClientSettings{
 					Endpoint:          validEndpoint,
 					ConnectionTimeout: time.Second * 30,
+					TLSSetting: TLSClientSetting{
+						Enabled:            true,
+						InsecureSkipVerify: true,
+					},
 				},
 				RequireAck:   true,
 				Tag:          "nginx",

diff --git a/exporter.go b/exporter.go
@@ -5,6 +5,7 @@ package fluentforwardexporter // import "github.com/r0mdau/fluentforwardexporter
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"sync"
 
@@ -32,11 +33,18 @@ func newExporter(config *Config, settings component.TelemetrySettings) *fluentfo
 }
 
 func (f *fluentforwardExporter) start(_ context.Context, host component.Host) error {
+	connFactory := &fclient.ConnFactory{
+		Address: f.config.Endpoint,
+		Timeout: f.config.ConnectionTimeout,
+	}
+	if f.config.TLSSetting.Enabled {
+		connFactory.TLSConfig = &tls.Config{
+			InsecureSkipVerify: f.config.TLSSetting.InsecureSkipVerify,
+		}
+	}
+
 	client := fclient.New(fclient.ConnectionOptions{
-		Factory: &fclient.ConnFactory{
-			Address: f.config.Endpoint,
-			Timeout: f.config.ConnectionTimeout,
-		},
+		Factory:    connFactory,
 		RequireAck: f.config.RequireAck,
 	})
 

diff --git a/factory.go b/factory.go
@@ -31,6 +31,10 @@ func createDefaultConfig() component.Config {
 		TCPClientSettings: TCPClientSettings{
 			Endpoint:          "localhost:24224",
 			ConnectionTimeout: time.Second * 30,
+			TLSSetting: TLSClientSetting{
+				Enabled:            false,
+				InsecureSkipVerify: false,
+			},
 		},
 		RequireAck:   false,
 		Tag:          "tag",

diff --git a/factory_test.go b/factory_test.go
@@ -43,6 +43,10 @@ func TestNewExporterFullConfig(t *testing.T) {
 			TCPClientSettings: TCPClientSettings{
 				Endpoint:          validEndpoint,
 				ConnectionTimeout: time.Second * 30,
+				TLSSetting: TLSClientSetting{
+					Enabled:            true,
+					InsecureSkipVerify: false,
+				},
 			},
 			RequireAck:   true,
 			Tag:          "tag",

diff --git a/go.mod b/go.mod
@@ -7,6 +7,7 @@ require (
 	github.com/cenkalti/backoff/v4 v4.2.1
 	github.com/stretchr/testify v1.8.4
 	go.opentelemetry.io/collector/component v0.89.0
+	go.opentelemetry.io/collector/config/configtls v0.89.0
 	go.opentelemetry.io/collector/confmap v0.89.0
 	go.opentelemetry.io/collector/exporter v0.89.0
 	go.opentelemetry.io/collector/pdata v1.0.0-rcv0018
@@ -15,6 +16,7 @@ require (
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/uuid v1.3.1 // indirect
@@ -34,6 +36,7 @@ require (
 	github.com/tinylib/msgp v1.1.6 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/collector v0.89.0 // indirect
+	go.opentelemetry.io/collector/config/configopaque v0.89.0 // indirect
 	go.opentelemetry.io/collector/config/configtelemetry v0.89.0 // indirect
 	go.opentelemetry.io/collector/consumer v0.89.0 // indirect
 	go.opentelemetry.io/collector/extension v0.89.0 // indirect

diff --git a/go.sum b/go.sum
@@ -17,6 +17,8 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
 github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
+github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/go-kit/log v0.2.1 h1:MRVx0/zhvdseW+Gza6N9rVzU/IVzaeE1SFI4raAhmBU=
 github.com/go-logfmt/logfmt v0.5.1 h1:otpy5pqBCBZ1ng9RQ0dPu4PN7ba75Y/aA+UpowDyNVA=
 github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY=
@@ -111,8 +113,12 @@ go.opentelemetry.io/collector v0.89.0 h1:lzpfD9NTHh+1M+qzcoYUH+i2rOgFSox3bGQFUI5
 go.opentelemetry.io/collector v0.89.0/go.mod h1:UZUtmQ3kai0CLPWvPmHKpmwqqEoo50n1bwzYYhXX0eA=
 go.opentelemetry.io/collector/component v0.89.0 h1:PoQJX86BpaSZhzx0deQXHh3QMuW6XKVmolSdTKE506c=
 go.opentelemetry.io/collector/component v0.89.0/go.mod h1:ZZncnMVaNs++JIbAMiemUIWLZrZ3PMEzI3S3K8pnkws=
+go.opentelemetry.io/collector/config/configopaque v0.89.0 h1:Ad6yGcGBHs+J9SNjkedY68JsLZ1vBn4kKzdqKuTCRsE=
+go.opentelemetry.io/collector/config/configopaque v0.89.0/go.mod h1:TPCHaU+QXiEV+JXbgyr6mSErTI9chwQyasDVMdJr3eY=
 go.opentelemetry.io/collector/config/configtelemetry v0.89.0 h1:NtRknYDfMgP1r8mnByo6qQQK8IBw/lF9Qke5f7VhGZ0=
 go.opentelemetry.io/collector/config/configtelemetry v0.89.0/go.mod h1:+LAXM5WFMW/UbTlAuSs6L/W72WC+q8TBJt/6z39FPOU=
+go.opentelemetry.io/collector/config/configtls v0.89.0 h1:XDeUaTU7LYwnEXz/CSdjbCStJa7n0YR1q0QpK0Vtw9w=
+go.opentelemetry.io/collector/config/configtls v0.89.0/go.mod h1:NlE4elqXoyFfzQvYfzgH6uOU1zNVa+5tt6EIq52TJ9Y=
 go.opentelemetry.io/collector/confmap v0.89.0 h1:N5Vg1+FXEFBHHlGIPg4OSlM9uTHjCI7RlWWrKjtOzWQ=
 go.opentelemetry.io/collector/confmap v0.89.0/go.mod h1:D8FMPvuihtVxwXaz/qp5q9X2lq9l97QyjfsdZD1spmc=
 go.opentelemetry.io/collector/consumer v0.89.0 h1:MteKhkudX2L1ylbtdpSazO8SwyHSxl6fUEElc0rRLDQ=

diff --git a/testdata/config.yaml b/testdata/config.yaml
@@ -3,6 +3,9 @@ fluentforward:
 fluentforward/allsettings:
   endpoint: "localhost:24224"
   connection_timeout: 30s
+  tls:
+    enabled: true
+    insecure_skip_verify: true
   require_ack: true
   tag: nginx
   compress_gzip: true