From 8b4bc917674b1963767f4275dd4af3b923a37281 Mon Sep 17 00:00:00 2001 From: Duong Le Date: Mon, 18 Apr 2022 16:41:49 +0700 Subject: [PATCH 1/4] add env vars and env file path --- manifests/elasticsearch_exporter.pp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/manifests/elasticsearch_exporter.pp b/manifests/elasticsearch_exporter.pp index 06d32265..35ce9437 100644 --- a/manifests/elasticsearch_exporter.pp +++ b/manifests/elasticsearch_exporter.pp @@ -55,6 +55,10 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars +# hash with custom environment variables thats passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environmetn variable that is read from the init script/systemd unit class prometheus::elasticsearch_exporter ( String[1] $cnf_uri, String[1] $cnf_timeout, @@ -89,6 +93,8 @@ Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, + Hash[String[1], Scalar] $env_vars = {}, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, ) inherits prometheus { #Please provide the download_url for versions < 0.9.0 $real_download_url = pick($download_url,"${download_url_base}/download/v${version}/${package_name}-${version}.${os}-${arch}.${download_extension}") @@ -134,5 +140,7 @@ scrape_job_labels => $scrape_job_labels, proxy_server => $proxy_server, proxy_type => $proxy_type, + env_vars => $env_vars, + env_file_path => $env_file_path, } } From 1756162643ad440af94fda1d3e3473d16862717c Mon Sep 17 00:00:00 2001 From: duonghoangle <103929155+duonghoangle@users.noreply.github.com> Date: Tue, 19 Apr 2022 15:46:24 +0700 Subject: [PATCH 2/4] Update manifests/elasticsearch_exporter.pp Co-authored-by: Andrew Ernst --- manifests/elasticsearch_exporter.pp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/manifests/elasticsearch_exporter.pp b/manifests/elasticsearch_exporter.pp index 35ce9437..044a34be 100644 --- a/manifests/elasticsearch_exporter.pp +++ b/manifests/elasticsearch_exporter.pp @@ -56,9 +56,9 @@ # @param proxy_type # Optional proxy server type (none|http|https|ftp) # @param env_vars -# hash with custom environment variables thats passed to the exporter via init script / unit file +# hash with custom environment variables that's passed to the exporter via init script / unit file # @param env_file_path -# The path to the file with the environmetn variable that is read from the init script/systemd unit +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::elasticsearch_exporter ( String[1] $cnf_uri, String[1] $cnf_timeout, From 784c78897e70a163060ff6c095c6f336fecd9ef1 Mon Sep 17 00:00:00 2001 From: Duong Le Date: Tue, 19 Apr 2022 18:06:52 +0700 Subject: [PATCH 3/4] add var to disable show_diff in env vars file --- manifests/daemon.pp | 12 +++++++----- manifests/elasticsearch_exporter.pp | 4 ++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/manifests/daemon.pp b/manifests/daemon.pp index 0b0cedc5..9ec361ca 100644 --- a/manifests/daemon.pp +++ b/manifests/daemon.pp @@ -72,6 +72,7 @@ Stdlib::Ensure::Service $service_ensure = 'running', Boolean $service_enable = true, Boolean $manage_service = true, + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $extract_command = $prometheus::extract_command, @@ -248,16 +249,17 @@ # those files to be present, even if empty, so it's critical that # the file not get removed file { "${env_file_path}/${name}": - mode => '0644', - owner => 'root', - group => '0', # Darwin uses wheel - content => epp( + mode => '0644', + owner => 'root', + group => '0', # Darwin uses wheel + content => epp( 'prometheus/daemon.env.epp', { 'env_vars' => $env_vars_merged, } ), - notify => $notify_service, + notify => $notify_service, + show_diff => !$env_vars_sensitive, } } diff --git a/manifests/elasticsearch_exporter.pp b/manifests/elasticsearch_exporter.pp index 044a34be..9b0fdc08 100644 --- a/manifests/elasticsearch_exporter.pp +++ b/manifests/elasticsearch_exporter.pp @@ -55,6 +55,8 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive # @param env_vars # hash with custom environment variables that's passed to the exporter via init script / unit file # @param env_file_path @@ -93,6 +95,7 @@ Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, ) inherits prometheus { @@ -140,6 +143,7 @@ scrape_job_labels => $scrape_job_labels, proxy_server => $proxy_server, proxy_type => $proxy_type, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, env_file_path => $env_file_path, } From cbc0fa9077157bd0f0ee5b9764be74424a96a010 Mon Sep 17 00:00:00 2001 From: Duong Le Date: Wed, 20 Apr 2022 00:06:49 +0700 Subject: [PATCH 4/4] add env_vars_sensitive to all exporters using env_vars --- manifests/bind_exporter.pp | 10 ++++++++++ manifests/bird_exporter.pp | 8 ++++++-- manifests/daemon.pp | 6 ++++++ manifests/elasticsearch_exporter.pp | 2 +- manifests/nginx_prometheus_exporter.pp | 8 ++++++++ manifests/node_exporter.pp | 8 ++++++-- manifests/openldap_exporter.pp | 8 ++++++++ manifests/php_fpm_exporter.pp | 8 ++++++++ manifests/postgres_exporter.pp | 8 ++++++++ manifests/pushprox_client.pp | 10 +++++++++- manifests/rabbitmq_exporter.pp | 8 ++++++++ manifests/unbound_exporter.pp | 10 ++++++++++ 12 files changed, 88 insertions(+), 6 deletions(-) diff --git a/manifests/bind_exporter.pp b/manifests/bind_exporter.pp index 5ce53d36..6d2cbf6e 100644 --- a/manifests/bind_exporter.pp +++ b/manifests/bind_exporter.pp @@ -94,6 +94,12 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_vars +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::bind_exporter ( Optional[Stdlib::HTTPSUrl] $download_url = undef, Array[String[1]] $extra_groups = [], @@ -114,7 +120,9 @@ Boolean $manage_user = true, String[1] $os = $prometheus::os, Optional[String[1]] $extra_options = undef, + Boolean $env_vars_sensitive = false, Hash[String, Scalar] $env_vars = {}, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, String $download_extension = 'tar.gz', Stdlib::HTTPSUrl $download_url_base = 'https://github.com/prometheus-community/bind_exporter/releases', String[1] $config_mode = $prometheus::config_mode, @@ -152,7 +160,9 @@ manage_group => $manage_group, purge => $purge_config_dir, options => $extra_options, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, + env_file_path => $env_file_path, init_style => $init_style, service_ensure => $service_ensure, service_enable => $service_enable, diff --git a/manifests/bird_exporter.pp b/manifests/bird_exporter.pp index e397b490..ef947097 100644 --- a/manifests/bird_exporter.pp +++ b/manifests/bird_exporter.pp @@ -47,10 +47,12 @@ # User which runs the service # @param version # The binary release version +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive # @param env_vars -# hash with custom environment variables thats passed to the exporter via init script / unit file +# Hash with custom environment variables that's passed to the exporter via init script / unit file # @param env_file_path -# The path to the file with the environmetn variable that is read from the init script/systemd unit +# The path to the file with the environment variable that is read from the init script/systemd unit # @param proxy_server # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type @@ -96,6 +98,7 @@ String[1] $scrape_job_name = 'bird', Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $bin_name = undef, + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, @@ -136,6 +139,7 @@ scrape_job_name => $scrape_job_name, scrape_job_labels => $scrape_job_labels, bin_name => $bin_name, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, env_file_path => $env_file_path, proxy_server => $proxy_server, diff --git a/manifests/daemon.pp b/manifests/daemon.pp index 9ec361ca..b73b4ef8 100644 --- a/manifests/daemon.pp +++ b/manifests/daemon.pp @@ -49,6 +49,12 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_vars +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit define prometheus::daemon ( String[1] $version, Prometheus::Uri $real_download_url, diff --git a/manifests/elasticsearch_exporter.pp b/manifests/elasticsearch_exporter.pp index 9b0fdc08..71086b4d 100644 --- a/manifests/elasticsearch_exporter.pp +++ b/manifests/elasticsearch_exporter.pp @@ -58,7 +58,7 @@ # @param env_vars_sensitive # Do not show diff in case environment variables are sensitive # @param env_vars -# hash with custom environment variables that's passed to the exporter via init script / unit file +# Hash with custom environment variables that's passed to the exporter via init script / unit file # @param env_file_path # The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::elasticsearch_exporter ( diff --git a/manifests/nginx_prometheus_exporter.pp b/manifests/nginx_prometheus_exporter.pp index 9d993c02..ec29215c 100644 --- a/manifests/nginx_prometheus_exporter.pp +++ b/manifests/nginx_prometheus_exporter.pp @@ -53,6 +53,12 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_vars +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::nginx_prometheus_exporter ( String[1] $scrape_uri = 'http://localhost:8080/stub_status', String $download_extension = 'tar.gz', @@ -85,6 +91,7 @@ String[1] $scrape_job_name = 'nginx', Optional[Hash] $scrape_job_labels = undef, String[1] $bin_name = 'nginx-prometheus-exporter', + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, @@ -158,6 +165,7 @@ scrape_job_name => $scrape_job_name, scrape_job_labels => $scrape_job_labels, bin_name => $bin_name, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, env_file_path => $env_file_path, proxy_server => $proxy_server, diff --git a/manifests/node_exporter.pp b/manifests/node_exporter.pp index 6fbb4fcb..4491444d 100644 --- a/manifests/node_exporter.pp +++ b/manifests/node_exporter.pp @@ -54,10 +54,12 @@ # User which runs the service # @param version # The binary release version +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive # @param env_vars -# hash with custom environment variables thats passed to the exporter via init script / unit file +# Hash with custom environment variables that's passed to the exporter via init script / unit file # @param env_file_path -# The path to the file with the environmetn variable that is read from the init script/systemd unit +# The path to the file with the environment variable that is read from the init script/systemd unit # @param proxy_server # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type @@ -95,6 +97,7 @@ String[1] $scrape_job_name = 'node', Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $bin_name = undef, + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, @@ -157,6 +160,7 @@ scrape_job_name => $scrape_job_name, scrape_job_labels => $scrape_job_labels, bin_name => $bin_name, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, env_file_path => $env_file_path, proxy_server => $proxy_server, diff --git a/manifests/openldap_exporter.pp b/manifests/openldap_exporter.pp index 72babfad..37c7aa62 100644 --- a/manifests/openldap_exporter.pp +++ b/manifests/openldap_exporter.pp @@ -50,6 +50,10 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::openldap_exporter ( String $download_extension = '', Array[String] $extra_groups = [], @@ -81,6 +85,8 @@ Optional[String[1]] $ldap_password = undef, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, + Boolean $env_vars_sensitive = false, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, ) inherits prometheus { $release = "v${version}" $real_download_url = pick($download_url,"${download_url_base}/download/${release}/${package_name}-${os}") @@ -117,7 +123,9 @@ service_ensure => $service_ensure, service_enable => $service_enable, manage_service => $manage_service, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, + env_file_path => $env_file_path, export_scrape_job => $export_scrape_job, scrape_host => $scrape_host, scrape_port => $scrape_port, diff --git a/manifests/php_fpm_exporter.pp b/manifests/php_fpm_exporter.pp index f395aead..9867500c 100644 --- a/manifests/php_fpm_exporter.pp +++ b/manifests/php_fpm_exporter.pp @@ -53,6 +53,12 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_vars +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::php_fpm_exporter ( String[1] $scrape_uri = 'tcp://127.0.0.1:9000/status', String $download_extension = 'tar.gz', @@ -85,6 +91,7 @@ String[1] $scrape_job_name = 'php-fpm', Optional[Hash] $scrape_job_labels = undef, String[1] $bin_name = 'php-fpm_exporter', + Boolean $env_vars_sensitive = false, Hash[String[1], Scalar] $env_vars = {}, Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, @@ -159,6 +166,7 @@ scrape_job_name => $scrape_job_name, scrape_job_labels => $scrape_job_labels, bin_name => $bin_name, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, env_file_path => $env_file_path, proxy_server => $proxy_server, diff --git a/manifests/postgres_exporter.pp b/manifests/postgres_exporter.pp index 333874b9..4223593e 100644 --- a/manifests/postgres_exporter.pp +++ b/manifests/postgres_exporter.pp @@ -59,6 +59,10 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit class prometheus::postgres_exporter ( String $download_extension, Prometheus::Uri $download_url_base, @@ -95,6 +99,8 @@ Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, + Boolean $env_vars_sensitive = false, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, ) inherits prometheus { $release = "v${version}" @@ -169,7 +175,9 @@ install_method => $exporter_install_method, version => $version, download_extension => $download_extension, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, + env_file_path => $env_file_path, os => $os, arch => $arch, bin_dir => $bin_dir, diff --git a/manifests/pushprox_client.pp b/manifests/pushprox_client.pp index 695671d8..c5dd8238 100644 --- a/manifests/pushprox_client.pp +++ b/manifests/pushprox_client.pp @@ -47,8 +47,12 @@ # User which runs the service # @param version # The binary release version +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive # @param env_vars -# The environment variable to pass to the daemon +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit # @param proxy_server # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type @@ -79,7 +83,9 @@ String[1] $config_mode = $prometheus::config_mode, String[1] $arch = $prometheus::real_arch, Stdlib::Absolutepath $bin_dir = $prometheus::bin_dir, + Boolean $env_vars_sensitive = false, Hash[String, Scalar] $env_vars = {}, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, ) inherits prometheus { @@ -115,7 +121,9 @@ service_ensure => $service_ensure, service_enable => $service_enable, manage_service => $manage_service, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, + env_file_path => $env_file_path, proxy_server => $proxy_server, proxy_type => $proxy_type, } diff --git a/manifests/rabbitmq_exporter.pp b/manifests/rabbitmq_exporter.pp index b279decb..26298be7 100644 --- a/manifests/rabbitmq_exporter.pp +++ b/manifests/rabbitmq_exporter.pp @@ -61,9 +61,13 @@ # @param rabbit_exporters # Which exporter modules should be loaded by default # (default 'exchange,node,overview,queue') +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive # @param extra_env_vars # Additional environment variables that should be supplied to the exporter, as a hash of key:value # (default {}) +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit # @param proxy_server # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type @@ -99,7 +103,9 @@ Boolean $restart_on_change = true, Boolean $service_enable = true, Stdlib::Ensure::Service $service_ensure = 'running', + Boolean $env_vars_sensitive = false, Hash[String,String] $extra_env_vars = {}, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Boolean $export_scrape_job = false, Optional[Stdlib::Host] $scrape_host = undef, Stdlib::Port $scrape_port = 9090, @@ -148,7 +154,9 @@ service_ensure => $service_ensure, service_enable => $service_enable, manage_service => $manage_service, + env_vars_sensitive => $env_vars_sensitive, env_vars => $real_env_vars, + env_file_path => $env_file_path, export_scrape_job => $export_scrape_job, scrape_host => $scrape_host, scrape_port => $scrape_port, diff --git a/manifests/unbound_exporter.pp b/manifests/unbound_exporter.pp index 4091afd5..e0d2d33e 100644 --- a/manifests/unbound_exporter.pp +++ b/manifests/unbound_exporter.pp @@ -51,6 +51,12 @@ # Optional proxy server, with port number if needed. ie: https://example.com:8080 # @param proxy_type # Optional proxy server type (none|http|https|ftp) +# @param env_vars_sensitive +# Do not show diff in case environment variables are sensitive +# @param env_vars +# Hash with custom environment variables that's passed to the exporter via init script / unit file +# @param env_file_path +# The path to the file with the environment variable that is read from the init script/systemd unit # # @see https://github.com/kumina/unbound_exporter # @@ -85,7 +91,9 @@ String[1] $scrape_job_name = 'unbound', Optional[Hash] $scrape_job_labels = undef, Optional[String[1]] $bin_name = undef, + Boolean $env_vars_sensitive = false, Hash $env_vars = { 'GODEBUG' => 'x509ignoreCN=0' }, + Stdlib::Absolutepath $env_file_path = $prometheus::env_file_path, Optional[String[1]] $proxy_server = undef, Optional[Enum['none', 'http', 'https', 'ftp']] $proxy_type = undef, ) inherits prometheus { @@ -123,7 +131,9 @@ scrape_job_name => $scrape_job_name, scrape_job_labels => $scrape_job_labels, bin_name => $bin_name, + env_vars_sensitive => $env_vars_sensitive, env_vars => $env_vars, + env_file_path => $env_file_path, proxy_server => $proxy_server, proxy_type => $proxy_type, }