From 0acd264fc29dda2d19f1c5ec9cb7d70bdc93d569 Mon Sep 17 00:00:00 2001 From: Elfranne Date: Tue, 6 Feb 2024 15:47:13 +0100 Subject: [PATCH 1/2] use cert for authentication --- .github/workflows/lint.yml | 20 +++++++++++++++++++ .github/workflows/release.yml | 8 ++++---- .github/workflows/test.yml | 11 ++++++----- go.mod | 22 ++++++++++++--------- go.sum | 7 +++++++ main.go | 37 ++++++++++++++++++++++++++++++++--- main_test.go | 2 +- 7 files changed, 85 insertions(+), 22 deletions(-) create mode 100644 .github/workflows/lint.yml diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..afdbdb5 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,20 @@ +name: Go Lint + +on: [push] + +jobs: + test: + name: Lint + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest] + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Set up Go + uses: actions/setup-go@v4 + with: + go-version-file: 'go.mod' + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v3 \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f6545bd..84943f9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,15 +10,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Unshallow run: git fetch --prune --unshallow - name: Set up Go - uses: actions/setup-go@v1 + uses: actions/setup-go@v4 with: - go-version: 1.13.x + go-version-file: 'go.mod' - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v1 + uses: goreleaser/goreleaser-action@v4 with: version: latest args: release --rm-dist diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ef978f6..2d176a3 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -11,11 +11,12 @@ jobs: os: [macos-latest, windows-latest, ubuntu-latest] steps: - name: Checkout code - uses: actions/checkout@v2 - - name: Set up Go 1.13 - uses: actions/setup-go@v1 + uses: actions/checkout@v3 + - name: Unshallow + run: git fetch --prune --unshallow + - name: Set up Go + uses: actions/setup-go@v4 with: - go-version: 1.13 - id: go + go-version-file: 'go.mod' - name: Test run: go test -v ./... \ No newline at end of file diff --git a/go.mod b/go.mod index cc968ff..3da501e 100644 --- a/go.mod +++ b/go.mod @@ -1,18 +1,22 @@ module github.com/sensu/sensu-prometheus-collector -go 1.13 +go 1.21 require ( - github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 - github.com/davecgh/go-spew v1.1.1 - github.com/golang/protobuf v1.2.0 github.com/kelseyhightower/envconfig v1.3.0 - github.com/matttproud/golang_protobuf_extensions v1.0.1 - github.com/pmezard/go-difflib v1.0.0 github.com/prometheus/client_golang v0.8.0 - github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 github.com/prometheus/common v0.0.0-20181126121408-4724e9255275 - github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a github.com/stretchr/testify v1.2.2 - golang.org/x/net v0.0.0-20181207154023-610586996380 +) + +require ( + github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/golang/protobuf v1.2.0 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 // indirect + github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a // indirect + golang.org/x/net v0.0.0-20181207154023-610586996380 // indirect + golang.org/x/sync v0.6.0 // indirect ) diff --git a/go.sum b/go.sum index 50051c3..dd2810f 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,6 @@ +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -6,6 +8,7 @@ github.com/kelseyhightower/envconfig v1.3.0 h1:IvRS4f2VcIQy6j4ORGIf9145T/AsUB+oY github.com/kelseyhightower/envconfig v1.3.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_golang v0.8.0 h1:1921Yw9Gc3iSc4VQh3PIoOqgPCZS7G/4xQNVUp8Mda8= github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= @@ -13,7 +16,11 @@ github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 h1:idejC8f github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/common v0.0.0-20181126121408-4724e9255275 h1:PnBWHBf+6L0jOqq0gIVUe6Yk0/QMZ640k6NvkxcBf+8= github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a h1:9a8MnZMP0X2nLJdBg+pBmGgkJlSaKC2KaQmTCk1XDtE= github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= golang.org/x/net v0.0.0-20181207154023-610586996380 h1:zPQexyRtNYBc7bcHmehl1dH6TB3qn8zytv8cBGLDNY0= golang.org/x/net v0.0.0-20181207154023-610586996380/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= diff --git a/main.go b/main.go index 1c6e076..f6da3b1 100644 --- a/main.go +++ b/main.go @@ -3,6 +3,7 @@ package main import ( "context" "crypto/tls" + "crypto/x509" "encoding/json" "errors" "flag" @@ -160,9 +161,36 @@ func QueryPrometheus(promURL string, queryString string) (model.Vector, error) { return nil, errors.New("unexpected response type") } -func QueryExporter(exporterURL string, auth ExporterAuth, insecureSkipVerify bool) (model.Vector, error) { +func QueryExporter(exporterURL string, auth ExporterAuth, insecureSkipVerify bool, cert string, key string, cacert string) (model.Vector, error) { + + tlsconfig := &tls.Config{} + + if insecureSkipVerify == true { + tlsconfig = &tls.Config{InsecureSkipVerify: true} + } + + if len(cert) > 0 || len(key) > 0 || len(cacert) > 0 { + certpair, err := tls.LoadX509KeyPair(cert, key) + if err != nil { + fmt.Printf("could not load certificate(%s) or key(%s): %v", cert, key, err) + os.Exit(3) + } + + cacertfile, err := os.ReadFile(cacert) + if err != nil { + fmt.Printf("could not load CA(%s): %v", cacert, err) + os.Exit(3) + } + rootca := x509.NewCertPool() + rootca.AppendCertsFromPEM(cacertfile) + tlsconfig = &tls.Config{ + Certificates: []tls.Certificate{certpair}, + RootCAs: rootca, + } + } + tr := &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify}, + TLSClientConfig: tlsconfig, } client := &http.Client{Transport: tr} req, err := http.NewRequest("GET", exporterURL, nil) @@ -241,6 +269,9 @@ func main() { outputFormat := flag.String("output-format", "influx", "The check output format to use for metrics {influx|graphite|json}.") metricPrefix := flag.String("metric-prefix", "", "Metric name prefix, only supported by line protocol output formats.") insecureSkipVerify := flag.Bool("insecure-skip-verify", false, "Skip TLS peer verification.") + cert := flag.String("cert", "", "Certificate to use for authentication") + key := flag.String("key", "", "Key to use for authentication") + cacert := flag.String("cacert", "", "CA to use for authentication") flag.Parse() var samples model.Vector @@ -254,7 +285,7 @@ func main() { os.Exit(2) } - samples, err = QueryExporter(*exporterURL, auth, *insecureSkipVerify) + samples, err = QueryExporter(*exporterURL, auth, *insecureSkipVerify, *cert, *key, *cacert) if err != nil { log.Fatal(err) diff --git a/main_test.go b/main_test.go index e54ceb3..bd606ef 100644 --- a/main_test.go +++ b/main_test.go @@ -17,7 +17,7 @@ func TestQueryExporter(t *testing.T) { time.Sleep(2 * time.Second) - samples, err := QueryExporter("http://localhost:7777/metrics", ExporterAuth{User: "", Password: "", Header: ""}, false) + samples, err := QueryExporter("http://localhost:7777/metrics", ExporterAuth{User: "", Password: "", Header: ""}, false, "", "", "") assert.NoError(t, err) assert.NotNil(t, samples) From c338045cb3d9215da8595bd3aae246d3fa48bcb8 Mon Sep 17 00:00:00 2001 From: Elfranne Date: Tue, 6 Feb 2024 15:55:39 +0100 Subject: [PATCH 2/2] fix test for CI --- main.go | 2 +- main_test.go | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index f6da3b1..00aa8d4 100644 --- a/main.go +++ b/main.go @@ -165,7 +165,7 @@ func QueryExporter(exporterURL string, auth ExporterAuth, insecureSkipVerify boo tlsconfig := &tls.Config{} - if insecureSkipVerify == true { + if insecureSkipVerify { tlsconfig = &tls.Config{InsecureSkipVerify: true} } diff --git a/main_test.go b/main_test.go index bd606ef..d9ce60f 100644 --- a/main_test.go +++ b/main_test.go @@ -1,7 +1,9 @@ package main import ( + "fmt" "net/http" + "os" "testing" "time" @@ -12,7 +14,11 @@ import ( func TestQueryExporter(t *testing.T) { go func() { http.Handle("/metrics", promhttp.Handler()) - http.ListenAndServe(":7777", nil) + err := http.ListenAndServe(":7777", nil) + if err != nil { + fmt.Printf("failed to create a test webserver: %s", err) + os.Exit(3) + } }() time.Sleep(2 * time.Second)