mirror of
https://github.com/prometheus/prometheus.git
synced 2024-12-25 13:44:05 -08:00
Update exporter-toolkit to 0.5.0
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
This commit is contained in:
parent
fbe960f2c1
commit
ac2626757c
|
@ -46,8 +46,8 @@ import (
|
|||
"github.com/prometheus/common/promlog"
|
||||
promlogflag "github.com/prometheus/common/promlog/flag"
|
||||
"github.com/prometheus/common/version"
|
||||
"github.com/prometheus/exporter-toolkit/https"
|
||||
httpsflag "github.com/prometheus/exporter-toolkit/https/kingpinflag"
|
||||
toolkit_web "github.com/prometheus/exporter-toolkit/web"
|
||||
toolkit_webflag "github.com/prometheus/exporter-toolkit/web/kingpinflag"
|
||||
jcfg "github.com/uber/jaeger-client-go/config"
|
||||
jprom "github.com/uber/jaeger-lib/metrics/prometheus"
|
||||
"go.uber.org/atomic"
|
||||
|
@ -153,7 +153,7 @@ func main() {
|
|||
a.Flag("web.listen-address", "Address to listen on for UI, API, and telemetry.").
|
||||
Default("0.0.0.0:9090").StringVar(&cfg.web.ListenAddress)
|
||||
|
||||
httpsConfig := httpsflag.AddFlags(a)
|
||||
webConfig := toolkit_webflag.AddFlags(a)
|
||||
|
||||
a.Flag("web.read-timeout",
|
||||
"Maximum duration before timing out read of the request, and closing idle connections.").
|
||||
|
@ -568,7 +568,7 @@ func main() {
|
|||
os.Exit(1)
|
||||
}
|
||||
|
||||
err = https.Validate(*httpsConfig)
|
||||
err = toolkit_web.Validate(*webConfig)
|
||||
if err != nil {
|
||||
level.Error(logger).Log("msg", "Unable to validate web configuration file", "err", err)
|
||||
os.Exit(1)
|
||||
|
@ -788,7 +788,7 @@ func main() {
|
|||
// Web handler.
|
||||
g.Add(
|
||||
func() error {
|
||||
if err := webHandler.Run(ctxWeb, listener, *httpsConfig); err != nil {
|
||||
if err := webHandler.Run(ctxWeb, listener, *webConfig); err != nil {
|
||||
return errors.Wrapf(err, "error starting web server")
|
||||
}
|
||||
return nil
|
||||
|
|
|
@ -37,7 +37,7 @@ import (
|
|||
config_util "github.com/prometheus/common/config"
|
||||
"github.com/prometheus/common/model"
|
||||
"github.com/prometheus/common/version"
|
||||
"github.com/prometheus/exporter-toolkit/https"
|
||||
"github.com/prometheus/exporter-toolkit/web"
|
||||
"gopkg.in/alecthomas/kingpin.v2"
|
||||
|
||||
"github.com/prometheus/prometheus/config"
|
||||
|
@ -249,7 +249,7 @@ func CheckWebConfig(files ...string) int {
|
|||
failed := false
|
||||
|
||||
for _, f := range files {
|
||||
if err := https.Validate(f); err != nil {
|
||||
if err := web.Validate(f); err != nil {
|
||||
fmt.Fprintln(os.Stderr, f, "FAILED:", err)
|
||||
failed = true
|
||||
continue
|
||||
|
|
2
go.mod
2
go.mod
|
@ -52,7 +52,7 @@ require (
|
|||
github.com/prometheus/client_golang v1.9.0
|
||||
github.com/prometheus/client_model v0.2.0
|
||||
github.com/prometheus/common v0.15.0
|
||||
github.com/prometheus/exporter-toolkit v0.4.0
|
||||
github.com/prometheus/exporter-toolkit v0.5.0
|
||||
github.com/samuel/go-zookeeper v0.0.0-20201211165307-7117e9ea2414
|
||||
github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749
|
||||
github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546
|
||||
|
|
4
go.sum
4
go.sum
|
@ -711,8 +711,8 @@ github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8b
|
|||
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
|
||||
github.com/prometheus/common v0.15.0 h1:4fgOnadei3EZvgRwxJ7RMpG1k1pOZth5Pc13tyspaKM=
|
||||
github.com/prometheus/common v0.15.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
|
||||
github.com/prometheus/exporter-toolkit v0.4.0 h1:O7Bw+ZKEMzW7vD10IuVF70b8EE4JIG7BvHFj9UKz49g=
|
||||
github.com/prometheus/exporter-toolkit v0.4.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
|
||||
github.com/prometheus/exporter-toolkit v0.5.0 h1:GwrxhCviqOl8Mm0vKqkh7Xy54m+FPlHEJacFs48M3gY=
|
||||
github.com/prometheus/exporter-toolkit v0.5.0/go.mod h1:OCkM4805mmisBhLmVFw858QYi3v0wKdY6/UxrT0pZVg=
|
||||
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
||||
github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
||||
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
||||
|
|
81
vendor/github.com/prometheus/exporter-toolkit/https/README.md
generated
vendored
81
vendor/github.com/prometheus/exporter-toolkit/https/README.md
generated
vendored
|
@ -1,81 +0,0 @@
|
|||
# HTTPS Package for Prometheus
|
||||
|
||||
The `https` directory contains a Go package and a sample configuration file for
|
||||
running `node_exporter` with HTTPS instead of HTTP. We currently support TLS 1.3
|
||||
and TLS 1.2.
|
||||
|
||||
To run a server with TLS, use the flag `--web.config`.
|
||||
|
||||
e.g. `./node_exporter --web.config="web-config.yml"`
|
||||
If the config is kept within the https directory.
|
||||
|
||||
The config file should be written in YAML format, and is reloaded on each connection to check for new certificates and/or authentication policy.
|
||||
|
||||
## Sample Config
|
||||
|
||||
```
|
||||
tls_server_config:
|
||||
# Certificate and key files for server to use to authenticate to client.
|
||||
cert_file: <filename>
|
||||
key_file: <filename>
|
||||
|
||||
# Server policy for client authentication. Maps to ClientAuth Policies.
|
||||
# For more detail on clientAuth options: [ClientAuthType](https://golang.org/pkg/crypto/tls/#ClientAuthType)
|
||||
[ client_auth_type: <string> | default = "NoClientCert" ]
|
||||
|
||||
# CA certificate for client certificate authentication to the server.
|
||||
[ client_ca_file: <filename> ]
|
||||
|
||||
# Minimum TLS version that is acceptable.
|
||||
[ min_version: <string> | default = "TLS12" ]
|
||||
|
||||
# Maximum TLS version that is acceptable.
|
||||
[ max_version: <string> | default = "TLS13" ]
|
||||
|
||||
# List of supported cipher suites for TLS versions up to TLS 1.2. If empty,
|
||||
# Go default cipher suites are used. Available cipher suites are documented
|
||||
# in the go documentation:
|
||||
# https://golang.org/pkg/crypto/tls/#pkg-constants
|
||||
[ cipher_suites:
|
||||
[ - <string> ] ]
|
||||
|
||||
# prefer_server_cipher_suites controls whether the server selects the
|
||||
# client's most preferred ciphersuite, or the server's most preferred
|
||||
# ciphersuite. If true then the server's preference, as expressed in
|
||||
# the order of elements in cipher_suites, is used.
|
||||
[ prefer_server_cipher_suites: <bool> | default = true ]
|
||||
|
||||
# Elliptic curves that will be used in an ECDHE handshake, in preference
|
||||
# order. Available curves are documented in the go documentation:
|
||||
# https://golang.org/pkg/crypto/tls/#CurveID
|
||||
[ curve_preferences:
|
||||
[ - <string> ] ]
|
||||
|
||||
http_server_config:
|
||||
# Enable HTTP/2 support. Note that HTTP/2 is only supported with TLS.
|
||||
# This can not be changed on the fly.
|
||||
[ http2: <bool> | default = true ]
|
||||
|
||||
# Usernames and hashed passwords that have full access to the web
|
||||
# server via basic authentication. If empty, no basic authentication is
|
||||
# required. Passwords are hashed with bcrypt.
|
||||
basic_auth_users:
|
||||
[ <string>: <secret> ... ]
|
||||
```
|
||||
|
||||
## About bcrypt
|
||||
|
||||
There are several tools out there to generate bcrypt passwords, e.g.
|
||||
[htpasswd](https://httpd.apache.org/docs/2.4/programs/htpasswd.html):
|
||||
|
||||
`htpasswd -nBC 10 "" | tr -d ':\n'`
|
||||
|
||||
That command will prompt you for a password and output the hashed password,
|
||||
which will look something like:
|
||||
`$2y$10$X0h1gDsPszWURQaxFh.zoubFi6DXncSjhoQNJgRrnGs7EsimhC7zG`
|
||||
|
||||
The cost (10 in the example) influences the time it takes for computing the
|
||||
hash. A higher cost will en up slowing down the authentication process.
|
||||
Depending on the machine, a cost of 10 will take about ~70ms where a cost of
|
||||
18 can take up to a few seconds. That hash will be computed on every
|
||||
password-protected request.
|
10
vendor/github.com/prometheus/exporter-toolkit/web/README.md
generated
vendored
Normal file
10
vendor/github.com/prometheus/exporter-toolkit/web/README.md
generated
vendored
Normal file
|
@ -0,0 +1,10 @@
|
|||
# web package
|
||||
|
||||
This package can be used by Prometheus exporters to enable TLS and
|
||||
authentication.
|
||||
|
||||
We actively encourage the community to use this repository, to provide a
|
||||
consistent experience across the ecosystem.
|
||||
|
||||
Developers documentation can be found on
|
||||
[pkg.go.dev](https://pkg.go.dev/github.com/prometheus/exporter-toolkit/).
|
|
@ -11,8 +11,7 @@
|
|||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Package https allows the implementation of TLS.
|
||||
package https
|
||||
package web
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
|
@ -174,9 +173,9 @@ func ConfigToTLSConfig(c *TLSStruct) (*tls.Config, error) {
|
|||
return cfg, nil
|
||||
}
|
||||
|
||||
// Listen starts the server on the given address. Based on the file
|
||||
// ListenAndServe starts the server on the given address. Based on the file
|
||||
// tlsConfigPath, TLS or basic auth could be enabled.
|
||||
func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error {
|
||||
func ListenAndServe(server *http.Server, tlsConfigPath string, logger log.Logger) error {
|
||||
listener, err := net.Listen("tcp", server.Addr)
|
||||
if err != nil {
|
||||
return err
|
||||
|
@ -341,3 +340,11 @@ func (tv *tlsVersion) MarshalYAML() (interface{}, error) {
|
|||
}
|
||||
return fmt.Sprintf("%v", tv), nil
|
||||
}
|
||||
|
||||
// Listen starts the server on the given address. Based on the file
|
||||
// tlsConfigPath, TLS or basic auth could be enabled.
|
||||
//
|
||||
// Deprecated: Use ListenAndServe instead.
|
||||
func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error {
|
||||
return ListenAndServe(server, tlsConfigPath, logger)
|
||||
}
|
|
@ -11,7 +11,7 @@
|
|||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package https
|
||||
package web
|
||||
|
||||
import (
|
||||
"net/http"
|
6
vendor/modules.txt
vendored
6
vendor/modules.txt
vendored
|
@ -395,10 +395,10 @@ github.com/prometheus/common/promlog/flag
|
|||
github.com/prometheus/common/route
|
||||
github.com/prometheus/common/server
|
||||
github.com/prometheus/common/version
|
||||
# github.com/prometheus/exporter-toolkit v0.4.0
|
||||
# github.com/prometheus/exporter-toolkit v0.5.0
|
||||
## explicit
|
||||
github.com/prometheus/exporter-toolkit/https
|
||||
github.com/prometheus/exporter-toolkit/https/kingpinflag
|
||||
github.com/prometheus/exporter-toolkit/web
|
||||
github.com/prometheus/exporter-toolkit/web/kingpinflag
|
||||
# github.com/prometheus/procfs v0.2.0
|
||||
github.com/prometheus/procfs
|
||||
github.com/prometheus/procfs/internal/fs
|
||||
|
|
|
@ -50,7 +50,7 @@ import (
|
|||
"github.com/prometheus/common/model"
|
||||
"github.com/prometheus/common/route"
|
||||
"github.com/prometheus/common/server"
|
||||
"github.com/prometheus/exporter-toolkit/https"
|
||||
toolkit_web "github.com/prometheus/exporter-toolkit/web"
|
||||
"go.uber.org/atomic"
|
||||
"golang.org/x/net/netutil"
|
||||
|
||||
|
@ -544,7 +544,7 @@ func (h *Handler) Listener() (net.Listener, error) {
|
|||
}
|
||||
|
||||
// Run serves the HTTP endpoints.
|
||||
func (h *Handler) Run(ctx context.Context, listener net.Listener, httpsConfig string) error {
|
||||
func (h *Handler) Run(ctx context.Context, listener net.Listener, webConfig string) error {
|
||||
if listener == nil {
|
||||
var err error
|
||||
listener, err = h.Listener()
|
||||
|
@ -580,7 +580,7 @@ func (h *Handler) Run(ctx context.Context, listener net.Listener, httpsConfig st
|
|||
|
||||
errCh := make(chan error)
|
||||
go func() {
|
||||
errCh <- https.Serve(listener, httpSrv, httpsConfig, h.logger)
|
||||
errCh <- toolkit_web.Serve(listener, httpSrv, webConfig, h.logger)
|
||||
}()
|
||||
|
||||
select {
|
||||
|
|
Loading…
Reference in a new issue