discovery/azure: Fail hard when Azure authentication parameters are missing (#4907)

* discovery/azure: fail hard when client_id/client_secret is empty Signed-off-by: mengnan <supernan1994@gmail.com> * discovery/azure: fail hard when authentication parameters are missing Signed-off-by: mengnan <supernan1994@gmail.com> * add unit test Signed-off-by: mengnan <supernan1994@gmail.com> * add unit test Signed-off-by: mengnan <supernan1994@gmail.com> * format code Signed-off-by: mengnan <supernan1994@gmail.com>
2024-11-09 23:24:05 -08:00 · 2018-11-29 23:47:59 +08:00 · 2018-11-29 23:47:59 +08:00 · a5d39361ab
parent 0754e5334b
commit a5d39361ab
6 changed files with 62 additions and 2 deletions
--- a/config/config_test.go
+++ b/config/config_test.go
@ -751,6 +751,22 @@ var expectedErrors = []struct {
 		filename: "section_key_dup.bad.yml",
 		errMsg:   "field scrape_configs already set in type config.plain",
 	},
+	{
+		filename: "azure_client_id_missing.bad.yml",
+		errMsg:   "Azure SD configuration requires a client_id",
+	},
+	{
+		filename: "azure_client_secret_missing.bad.yml",
+		errMsg:   "Azure SD configuration requires a client_secret",
+	},
+	{
+		filename: "azure_subscription_id_missing.bad.yml",
+		errMsg:   "Azure SD configuration requires a subscription_id",
+	},
+	{
+		filename: "azure_tenant_id_missing.bad.yml",
+		errMsg:   "Azure SD configuration requires a tenant_id",
+	},
 }

 func TestBadConfigs(t *testing.T) {
--- a/config/testdata/azure_client_id_missing.bad.yml
+++ b/config/testdata/azure_client_id_missing.bad.yml
@ -0,0 +1,7 @@
+scrape_configs:
+  - job_name: azure
+    azure_sd_configs:
+      - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11
+        tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2
+        client_id:
+        client_secret: mysecret
--- a/config/testdata/azure_client_secret_missing.bad.yml
+++ b/config/testdata/azure_client_secret_missing.bad.yml
@ -0,0 +1,7 @@
+scrape_configs:
+  - job_name: azure
+    azure_sd_configs:
+      - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11
+        tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2
+        client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C
+        client_secret:
--- a/config/testdata/azure_subscription_id_missing.bad.yml
+++ b/config/testdata/azure_subscription_id_missing.bad.yml
@ -0,0 +1,7 @@
+scrape_configs:
+  - job_name: azure
+    azure_sd_configs:
+      - subscription_id:
+        tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2
+        client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C
+        client_secret: mysecret
--- a/config/testdata/azure_tenant_id_missing.bad.yml
+++ b/config/testdata/azure_tenant_id_missing.bad.yml
@ -0,0 +1,7 @@
+scrape_configs:
+  - job_name: azure
+    azure_sd_configs:
+      - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11
+        tenant_id:
+        client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C
+        client_secret: mysecret
--- a/discovery/azure/azure.go
+++ b/discovery/azure/azure.go
@ -80,6 +80,13 @@ type SDConfig struct {
 	RefreshInterval model.Duration     `yaml:"refresh_interval,omitempty"`
 }

+func validateAuthParam(param, name string) error {
+	if len(param) == 0 {
+		return fmt.Errorf("Azure SD configuration requires a %s", name)
+	}
+	return nil
+}
+
 // UnmarshalYAML implements the yaml.Unmarshaler interface.
 func (c *SDConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	*c = DefaultSDConfig
@ -88,8 +95,17 @@ func (c *SDConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
 	if err != nil {
 		return err
 	}
-	if c.SubscriptionID == "" {
-		return fmt.Errorf("Azure SD configuration requires a subscription_id")
+	if err = validateAuthParam(c.SubscriptionID, "subscription_id"); err != nil {
+		return err
+	}
+	if err = validateAuthParam(c.TenantID, "tenant_id"); err != nil {
+		return err
+	}
+	if err = validateAuthParam(c.ClientID, "client_id"); err != nil {
+		return err
+	}
+	if err = validateAuthParam(string(c.ClientSecret), "client_secret"); err != nil {
+		return err
 	}
 	return nil
 }