From faa3cb6585ac61b574e10f43317095c57df6c2bd Mon Sep 17 00:00:00 2001 From: Paschalis Tsilias Date: Fri, 9 Feb 2024 17:32:35 +0200 Subject: [PATCH 01/14] Introduce remotecfg service (#6277) Signed-off-by: Paschalis Tsilias Co-authored-by: Mischa Thompson Co-authored-by: Clayton Cornell <131809008+clayton-cornell@users.noreply.github.com> --- CHANGELOG.md | 3 + cmd/internal/flowmode/cmd_run.go | 10 + .../flow/reference/config-blocks/remotecfg.md | 97 +++++ go.mod | 1 + go.sum | 2 + pkg/flow/flow_services.go | 38 ++ service/http/http_test.go | 2 + service/remotecfg/noop.go | 41 +++ service/remotecfg/remotecfg.go | 332 ++++++++++++++++++ service/remotecfg/remotecfg_test.go | 215 ++++++++++++ service/service.go | 11 + 11 files changed, 752 insertions(+) create mode 100644 docs/sources/flow/reference/config-blocks/remotecfg.md create mode 100644 service/remotecfg/noop.go create mode 100644 service/remotecfg/remotecfg.go create mode 100644 service/remotecfg/remotecfg_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index 28edf54749fb..89662ebf9695 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,6 +27,9 @@ Main (unreleased) - Expose track_timestamps_staleness on Prometheus scraping, to fix the issue where container metrics live for 5 minutes after the container disappears. (@ptodev) +- Introduce the `remotecfg` service that enables loading configuration from a + remote endpoint. (@tpaschalis) + ### Enhancements - Include line numbers in profiles produced by `pyrsocope.java` component. (@korniltsev) diff --git a/cmd/internal/flowmode/cmd_run.go b/cmd/internal/flowmode/cmd_run.go index 82fa10153035..2c143e3989b2 100644 --- a/cmd/internal/flowmode/cmd_run.go +++ b/cmd/internal/flowmode/cmd_run.go @@ -33,6 +33,7 @@ import ( httpservice "github.com/grafana/agent/service/http" "github.com/grafana/agent/service/labelstore" otel_service "github.com/grafana/agent/service/otel" + remotecfgservice "github.com/grafana/agent/service/remotecfg" uiservice "github.com/grafana/agent/service/ui" "github.com/grafana/ckit/advertise" "github.com/grafana/ckit/peer" @@ -243,6 +244,14 @@ func (fr *flowRun) Run(configPath string) error { EnablePProf: fr.enablePprof, }) + remoteCfgService, err := remotecfgservice.New(remotecfgservice.Options{ + Logger: log.With(l, "service", "remotecfg"), + StoragePath: fr.storagePath, + }) + if err != nil { + return fmt.Errorf("failed to create the remotecfg service: %w", err) + } + uiService := uiservice.New(uiservice.Options{ UIPrefix: fr.uiPrefix, Cluster: clusterService.Data().(cluster.Cluster), @@ -267,6 +276,7 @@ func (fr *flowRun) Run(configPath string) error { clusterService, otelService, labelService, + remoteCfgService, }, }) diff --git a/docs/sources/flow/reference/config-blocks/remotecfg.md b/docs/sources/flow/reference/config-blocks/remotecfg.md new file mode 100644 index 000000000000..209cb4648602 --- /dev/null +++ b/docs/sources/flow/reference/config-blocks/remotecfg.md @@ -0,0 +1,97 @@ +--- +aliases: +- /docs/grafana-cloud/agent/flow/reference/config-blocks/remotecfg/ +- /docs/grafana-cloud/monitor-infrastructure/agent/flow/reference/config-blocks/remotecfg/ +- /docs/grafana-cloud/monitor-infrastructure/integrations/agent/flow/reference/config-blocks/remotecfg/ +- /docs/grafana-cloud/send-data/agent/flow/reference/config-blocks/remotecfg/ +canonical: remotecfgs://grafana.com/docs/agent/latest/flow/reference/config-blocks/remotecfg/ +description: Learn about the remotecfg configuration block +menuTitle: remotecfg +title: remotecfg block +--- + +# remotecfg block + +`remotecfg` is an optional configuration block that enables {{< param "PRODUCT_NAME" >}} +to fetch and load the configuration from a remote endpoint. +`remotecfg` is specified without a label and can only be provided once per +configuration file. + +The [API definition][] for managing and fetching configuration that the +`remotecfg` block uses is available under the Apache 2.0 license. + +[API definition]: https://github.com/grafana/agent-remote-config + +## Example + +```river +remotecfg { + url = "SERVICE_URL" + basic_auth { + username = "USERNAME" + password_file = "PASSWORD_FILE" + } + + id = constants.hostname + metadata = {"cluster" = "dev", "namespace" = "otlp-dev"} + poll_frequency = "5m" +} +``` + +## Arguments + +The following arguments are supported: + +Name | Type | Description | Default | Required +-----------------|----------------------|---------------------------------------------------|-------------|--------- +`url` | `string` | The address of the API to poll for configuration. | `""` | no +`id` | `string` | A self-reported ID. | `see below` | no +`metadata` | `map(string)` | A set of self-reported metadata. | `{}` | no +`poll_frequency` | `duration` | How often to poll the API for new configuration. | `"1m"` | no + +If the `url` is not set, then the service block is a no-op. + +If not set, the self-reported `id` that the Agent uses is a randomly generated, +anonymous unique ID (UUID) that is stored as an `agent_seed.json` file in the +Agent's storage path so that it can persist across restarts. + +The `id` and `metadata` fields are used in the periodic request sent to the +remote endpoint so that the API can decide what configuration to serve. + +## Blocks + +The following blocks are supported inside the definition of `remotecfg`: + +Hierarchy | Block | Description | Required +--------- | ----- | ----------- | -------- +basic_auth | [basic_auth][] | Configure basic_auth for authenticating to the endpoint. | no +authorization | [authorization][] | Configure generic authorization to the endpoint. | no +oauth2 | [oauth2][] | Configure OAuth2 for authenticating to the endpoint. | no +oauth2 > tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no +tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no + +The `>` symbol indicates deeper levels of nesting. For example, +`oauth2 > tls_config` refers to a `tls_config` block defined inside +an `oauth2` block. + +[basic_auth]: #basic_auth-block +[authorization]: #authorization-block +[oauth2]: #oauth2-block +[tls_config]: #tls_config-block + +### basic_auth block + +{{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} + +### authorization block + +{{< docs/shared lookup="flow/reference/components/authorization-block.md" source="agent" version="" >}} + +### oauth2 block + +{{< docs/shared lookup="flow/reference/components/oauth2-block.md" source="agent" version="" >}} + +### tls_config block + +{{< docs/shared lookup="flow/reference/components/tls-config-block.md" source="agent" version="" >}} + diff --git a/go.mod b/go.mod index c9800748482b..c0c9bbbbc498 100644 --- a/go.mod +++ b/go.mod @@ -608,6 +608,7 @@ require github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab require ( connectrpc.com/connect v1.14.0 github.com/githubexporter/github-exporter v0.0.0-20231025122338-656e7dc33fe7 + github.com/grafana/agent-remote-config v0.0.2 github.com/grafana/jfr-parser/pprof v0.0.0-20240126072739-986e71dc0361 github.com/natefinch/atomic v1.0.1 github.com/open-telemetry/opentelemetry-collector-contrib/exporter/prometheusremotewriteexporter v0.87.0 diff --git a/go.sum b/go.sum index 6710608f0f42..051dd158c864 100644 --- a/go.sum +++ b/go.sum @@ -1044,6 +1044,8 @@ github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/ad github.com/gosnmp/gosnmp v1.36.0 h1:1Si+MImHcKIqFc3/kJEs2LOULP1nlFKlzPFyrMOk5Qk= github.com/gosnmp/gosnmp v1.36.0/go.mod h1:iLcZxN2MxKhH0jPQDVMZaSNypw1ykqVi27O79koQj6w= github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY= +github.com/grafana/agent-remote-config v0.0.2 h1:s3FKgVzfY5Ij+xG0wVKgVvtDrh/Bz0ZvB3D5MM7LJxU= +github.com/grafana/agent-remote-config v0.0.2/go.mod h1:amyG3pVNXKcMo+kNN46yhnAXAz/m/9Ew9MRf53n7XBg= github.com/grafana/cadvisor v0.0.0-20231110094609-5f7917925dea h1:Q5f5/nJJ0SbusZjA6F6XkJuHDbl2/PqdTGw6wHsuccA= github.com/grafana/cadvisor v0.0.0-20231110094609-5f7917925dea/go.mod h1:XjiOCFjmxXIWwauV5p39Mr2Yxlpyk72uKQH1UZvd4fQ= github.com/grafana/ckit v0.0.0-20230906125525-c046c99a5c04 h1:tG8Qxq4dN1WqakMmsPaxaH4+OQhYg5HVsarw5acLBX8= diff --git a/pkg/flow/flow_services.go b/pkg/flow/flow_services.go index 46a1c3526128..a1002d29a21a 100644 --- a/pkg/flow/flow_services.go +++ b/pkg/flow/flow_services.go @@ -1,8 +1,11 @@ package flow import ( + "context" + "github.com/grafana/agent/pkg/flow/internal/controller" "github.com/grafana/agent/pkg/flow/internal/dag" + "github.com/grafana/agent/pkg/flow/internal/worker" "github.com/grafana/agent/service" ) @@ -52,3 +55,38 @@ func serviceConsumersForGraph(graph *dag.Graph, serviceName string, includePeerS return consumers } + +// NewController returns a new, unstarted, isolated Flow controller so that +// services can instantiate their own components. +func (f *Flow) NewController(id string) service.Controller { + return serviceController{ + f: newController(controllerOptions{ + Options: Options{ + ControllerID: id, + Logger: f.opts.Logger, + Tracer: f.opts.Tracer, + DataPath: f.opts.DataPath, + Reg: f.opts.Reg, + Services: f.opts.Services, + OnExportsChange: nil, // NOTE(@tpaschalis, @wildum) The isolated controller shouldn't be able to export any values. + }, + IsModule: true, + ModuleRegistry: newModuleRegistry(), + WorkerPool: worker.NewDefaultWorkerPool(), + }), + } +} + +type serviceController struct { + f *Flow +} + +func (sc serviceController) Run(ctx context.Context) { sc.f.Run(ctx) } +func (sc serviceController) LoadSource(b []byte, args map[string]any) error { + source, err := ParseSource("", b) + if err != nil { + return err + } + return sc.f.LoadSource(source, args) +} +func (sc serviceController) Ready() bool { return sc.f.Ready() } diff --git a/service/http/http_test.go b/service/http/http_test.go index 660e0deee43a..649af93c05b6 100644 --- a/service/http/http_test.go +++ b/service/http/http_test.go @@ -215,3 +215,5 @@ func (fakeHost) ListComponents(moduleID string, opts component.InfoOptions) ([]* } func (fakeHost) GetServiceConsumers(serviceName string) []service.Consumer { return nil } + +func (fakeHost) NewController(id string) service.Controller { return nil } diff --git a/service/remotecfg/noop.go b/service/remotecfg/noop.go new file mode 100644 index 000000000000..493c3b69b762 --- /dev/null +++ b/service/remotecfg/noop.go @@ -0,0 +1,41 @@ +package remotecfg + +import ( + "context" + "errors" + + "connectrpc.com/connect" + agentv1 "github.com/grafana/agent-remote-config/api/gen/proto/go/agent/v1" +) + +type noopClient struct{} + +// GetConfig returns the agent's configuration. +func (c noopClient) GetConfig(context.Context, *connect.Request[agentv1.GetConfigRequest]) (*connect.Response[agentv1.GetConfigResponse], error) { + return nil, errors.New("noop client") +} + +// GetAgent returns information about the agent. +func (c noopClient) GetAgent(context.Context, *connect.Request[agentv1.GetAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, errors.New("noop client") +} + +// ListAgents returns information about all agents. +func (c noopClient) ListAgents(context.Context, *connect.Request[agentv1.ListAgentsRequest]) (*connect.Response[agentv1.Agents], error) { + return nil, errors.New("noop client") +} + +// CreateAgent registers a new agent. +func (c noopClient) CreateAgent(context.Context, *connect.Request[agentv1.CreateAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, errors.New("noop client") +} + +// UpdateAgent updates an existing agent. +func (c noopClient) UpdateAgent(context.Context, *connect.Request[agentv1.UpdateAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, errors.New("noop client") +} + +// DeleteAgent deletes an existing agent. +func (c noopClient) DeleteAgent(context.Context, *connect.Request[agentv1.DeleteAgentRequest]) (*connect.Response[agentv1.DeleteAgentResponse], error) { + return nil, errors.New("noop client") +} diff --git a/service/remotecfg/remotecfg.go b/service/remotecfg/remotecfg.go new file mode 100644 index 000000000000..528a229f7e3e --- /dev/null +++ b/service/remotecfg/remotecfg.go @@ -0,0 +1,332 @@ +package remotecfg + +import ( + "context" + "fmt" + "hash/fnv" + "math" + "os" + "path/filepath" + "reflect" + "sync" + "time" + + "connectrpc.com/connect" + "github.com/go-kit/log" + agentv1 "github.com/grafana/agent-remote-config/api/gen/proto/go/agent/v1" + "github.com/grafana/agent-remote-config/api/gen/proto/go/agent/v1/agentv1connect" + "github.com/grafana/agent/component/common/config" + "github.com/grafana/agent/internal/agentseed" + "github.com/grafana/agent/pkg/flow/logging/level" + "github.com/grafana/agent/service" + "github.com/grafana/river" + commonconfig "github.com/prometheus/common/config" +) + +func getHash(in []byte) string { + fnvHash := fnv.New32() + fnvHash.Write(in) + return fmt.Sprintf("%x", fnvHash.Sum(nil)) +} + +// Service implements a service for remote configuration. +// The default value of ch is nil; this means it will block forever if the +// remotecfg service is not configured. In addition, we're keeping track of +// the ticker so we can avoid leaking goroutines. +// The datapath field is where the service looks for the local cache location. +// It is defined as a hash of the Arguments field. +type Service struct { + opts Options + args Arguments + + ctrl service.Controller + + mut sync.RWMutex + asClient agentv1connect.AgentServiceClient + ch <-chan time.Time + ticker *time.Ticker + dataPath string + currentConfigHash string +} + +// ServiceName defines the name used for the remotecfg service. +const ServiceName = "remotecfg" + +// Options are used to configure the remotecfg service. Options are +// constant for the lifetime of the remotecfg service. +type Options struct { + Logger log.Logger // Where to send logs. + StoragePath string // Where to cache configuration on-disk. +} + +// Arguments holds runtime settings for the remotecfg service. +type Arguments struct { + URL string `river:"url,attr,optional"` + ID string `river:"id,attr,optional"` + Metadata map[string]string `river:"metadata,attr,optional"` + PollFrequency time.Duration `river:"poll_frequency,attr,optional"` + HTTPClientConfig *config.HTTPClientConfig `river:",squash"` +} + +// GetDefaultArguments populates the default values for the Arguments struct. +func GetDefaultArguments() Arguments { + return Arguments{ + ID: agentseed.Get().UID, + Metadata: make(map[string]string), + PollFrequency: 1 * time.Minute, + HTTPClientConfig: config.CloneDefaultHTTPClientConfig(), + } +} + +// SetToDefault implements river.Defaulter. +func (a *Arguments) SetToDefault() { + *a = GetDefaultArguments() +} + +// Validate implements river.Validator. +func (a *Arguments) Validate() error { + // We must explicitly Validate because HTTPClientConfig is squashed and it + // won't run otherwise + if a.HTTPClientConfig != nil { + return a.HTTPClientConfig.Validate() + } + + return nil +} + +// Hash marshals the Arguments and returns a hash representation. +func (a *Arguments) Hash() (string, error) { + b, err := river.Marshal(a) + if err != nil { + return "", fmt.Errorf("failed to marshal arguments: %w", err) + } + return getHash(b), nil +} + +// New returns a new instance of the remotecfg service. +func New(opts Options) (*Service, error) { + basePath := filepath.Join(opts.StoragePath, ServiceName) + err := os.MkdirAll(basePath, 0750) + if err != nil { + return nil, err + } + + return &Service{ + opts: opts, + ticker: time.NewTicker(math.MaxInt64), + }, nil +} + +// Data is a no-op for the remotecfg service. +func (s *Service) Data() any { + return nil +} + +// Definition returns the definition of the remotecfg service. +func (s *Service) Definition() service.Definition { + return service.Definition{ + Name: ServiceName, + ConfigType: Arguments{}, + DependsOn: nil, // remotecfg has no dependencies. + } +} + +var _ service.Service = (*Service)(nil) + +// Run implements [service.Service] and starts the remotecfg service. It will +// run until the provided context is canceled or there is a fatal error. +func (s *Service) Run(ctx context.Context, host service.Host) error { + s.ctrl = host.NewController(ServiceName) + + s.fetch() + + // Run the service's own controller. + go func() { + s.ctrl.Run(ctx) + }() + + for { + select { + case <-s.ch: + err := s.fetchRemote() + if err != nil { + level.Error(s.opts.Logger).Log("msg", "failed to fetch remote configuration from the API", "err", err) + } + case <-ctx.Done(): + s.ticker.Stop() + return nil + } + } +} + +// Update implements [service.Service] and applies settings. +func (s *Service) Update(newConfig any) error { + newArgs := newConfig.(Arguments) + + // We either never set the block on the first place, or recently removed + // it. Make sure we stop everything gracefully before returning. + if newArgs.URL == "" { + s.mut.Lock() + s.ch = nil + s.ticker.Reset(math.MaxInt64) + s.asClient = noopClient{} + s.args.HTTPClientConfig = config.CloneDefaultHTTPClientConfig() + s.mut.Unlock() + + s.setCfgHash("") + return nil + } + + s.mut.Lock() + hash, err := newArgs.Hash() + if err != nil { + return err + } + s.dataPath = filepath.Join(s.opts.StoragePath, ServiceName, hash) + s.ticker.Reset(newArgs.PollFrequency) + s.ch = s.ticker.C + // Update the HTTP client last since it might fail. + if !reflect.DeepEqual(s.args.HTTPClientConfig, newArgs.HTTPClientConfig) { + httpClient, err := commonconfig.NewClientFromConfig(*newArgs.HTTPClientConfig.Convert(), "remoteconfig") + if err != nil { + return err + } + s.asClient = agentv1connect.NewAgentServiceClient( + httpClient, + newArgs.URL, + ) + } + s.args = newArgs // Update the args as the last step to avoid polluting any comparisons + s.mut.Unlock() + + // If we've already called Run, then immediately trigger an API call with + // the updated Arguments, and/or fall back to the updated cache location. + if s.ctrl != nil && s.ctrl.Ready() { + s.fetch() + } + + return nil +} + +// fetch attempts to read configuration from the API and the local cache +// and then parse/load their contents in order of preference. +func (s *Service) fetch() { + if err := s.fetchRemote(); err != nil { + s.fetchLocal() + } +} +func (s *Service) fetchRemote() error { + if !s.isEnabled() { + return nil + } + + b, err := s.getAPIConfig() + if err != nil { + return err + } + + // API return the same configuration, no need to reload. + newConfigHash := getHash(b) + if s.getCfgHash() == newConfigHash { + level.Debug(s.opts.Logger).Log("msg", "skipping over API response since it contained the same hash") + return nil + } + + err = s.parseAndLoad(b) + if err != nil { + return err + } + + // If successful, flush to disk and keep a copy. + s.setCachedConfig(b) + s.setCfgHash(newConfigHash) + return nil +} + +func (s *Service) fetchLocal() { + b, err := s.getCachedConfig() + if err != nil { + level.Error(s.opts.Logger).Log("msg", "failed to read from cache", "err", err) + return + } + + err = s.parseAndLoad(b) + if err != nil { + level.Error(s.opts.Logger).Log("msg", "failed to load from cache", "err", err) + } +} + +func (s *Service) getAPIConfig() ([]byte, error) { + s.mut.RLock() + req := connect.NewRequest(&agentv1.GetConfigRequest{ + Id: s.args.ID, + Metadata: s.args.Metadata, + }) + client := s.asClient + s.mut.RUnlock() + + gcr, err := client.GetConfig(context.Background(), req) + if err != nil { + return nil, err + } + + return []byte(gcr.Msg.GetContent()), nil +} + +func (s *Service) getCachedConfig() ([]byte, error) { + s.mut.RLock() + p := s.dataPath + s.mut.RUnlock() + + return os.ReadFile(p) +} + +func (s *Service) setCachedConfig(b []byte) { + s.mut.RLock() + p := s.dataPath + s.mut.RUnlock() + + err := os.WriteFile(p, b, 0750) + if err != nil { + level.Error(s.opts.Logger).Log("msg", "failed to flush remote configuration contents the on-disk cache", "err", err) + } +} + +func (s *Service) parseAndLoad(b []byte) error { + s.mut.RLock() + ctrl := s.ctrl + s.mut.RUnlock() + + if len(b) == 0 { + return nil + } + + err := ctrl.LoadSource(b, nil) + if err != nil { + return err + } + + s.setCfgHash(getHash(b)) + return nil +} + +func (s *Service) getCfgHash() string { + s.mut.RLock() + defer s.mut.RUnlock() + + return s.currentConfigHash +} + +func (s *Service) setCfgHash(h string) { + s.mut.Lock() + defer s.mut.Unlock() + + s.currentConfigHash = h +} + +func (s *Service) isEnabled() bool { + s.mut.RLock() + defer s.mut.RUnlock() + + return s.args.URL != "" && s.asClient != nil +} diff --git a/service/remotecfg/remotecfg_test.go b/service/remotecfg/remotecfg_test.go new file mode 100644 index 000000000000..90313ee6866e --- /dev/null +++ b/service/remotecfg/remotecfg_test.go @@ -0,0 +1,215 @@ +package remotecfg + +import ( + "context" + "fmt" + "io" + "os" + "testing" + "time" + + "connectrpc.com/connect" + agentv1 "github.com/grafana/agent-remote-config/api/gen/proto/go/agent/v1" + "github.com/grafana/agent/component" + _ "github.com/grafana/agent/component/loki/process" + "github.com/grafana/agent/pkg/flow" + "github.com/grafana/agent/pkg/flow/componenttest" + "github.com/grafana/agent/pkg/flow/logging" + "github.com/grafana/agent/pkg/util" + "github.com/grafana/agent/service" + "github.com/grafana/river" + "github.com/prometheus/client_golang/prometheus" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestOnDiskCache(t *testing.T) { + ctx := componenttest.TestContext(t) + url := "https://example.com/" + + // The contents of the on-disk cache. + cacheContents := `loki.process "default" { forward_to = [] }` + cacheHash := getHash([]byte(cacheContents)) + + // Create a new service. + env := newTestEnvironment(t) + require.NoError(t, env.ApplyConfig(fmt.Sprintf(` + url = "%s" + `, url))) + + client := &agentClient{} + env.svc.asClient = client + + // Mock client to return an unparseable response. + client.getConfigFunc = buildGetConfigHandler("unparseable river config") + + // Write the cache contents, and run the service. + err := os.WriteFile(env.svc.dataPath, []byte(cacheContents), 0644) + require.NoError(t, err) + + go func() { + require.NoError(t, env.Run(ctx)) + }() + + // As the API response was unparseable, verify that the service has loaded + // the on-disk cache contents. + require.EventuallyWithT(t, func(c *assert.CollectT) { + assert.Equal(c, cacheHash, env.svc.getCfgHash()) + }, time.Second, 10*time.Millisecond) +} + +func TestAPIResponse(t *testing.T) { + ctx := componenttest.TestContext(t) + url := "https://example.com/" + cfg1 := `loki.process "default" { forward_to = [] }` + cfg2 := `loki.process "updated" { forward_to = [] }` + + // Create a new service. + env := newTestEnvironment(t) + require.NoError(t, env.ApplyConfig(fmt.Sprintf(` + url = "%s" + poll_frequency = "10ms" + `, url))) + + client := &agentClient{} + env.svc.asClient = client + + // Mock client to return a valid response. + client.getConfigFunc = buildGetConfigHandler(cfg1) + + // Run the service. + go func() { + require.NoError(t, env.Run(ctx)) + }() + + // As the API response was successful, verify that the service has loaded + // the valid response. + require.EventuallyWithT(t, func(c *assert.CollectT) { + assert.Equal(c, getHash([]byte(cfg1)), env.svc.getCfgHash()) + }, time.Second, 10*time.Millisecond) + + // Update the response returned by the API. + env.svc.mut.Lock() + client.getConfigFunc = buildGetConfigHandler(cfg2) + env.svc.mut.Unlock() + + // Verify that the service has loaded the updated response. + require.EventuallyWithT(t, func(c *assert.CollectT) { + assert.Equal(c, getHash([]byte(cfg2)), env.svc.getCfgHash()) + }, time.Second, 10*time.Millisecond) +} + +func buildGetConfigHandler(in string) func(context.Context, *connect.Request[agentv1.GetConfigRequest]) (*connect.Response[agentv1.GetConfigResponse], error) { + return func(context.Context, *connect.Request[agentv1.GetConfigRequest]) (*connect.Response[agentv1.GetConfigResponse], error) { + rsp := &connect.Response[agentv1.GetConfigResponse]{ + Msg: &agentv1.GetConfigResponse{ + Content: in, + }, + } + return rsp, nil + } +} + +type testEnvironment struct { + t *testing.T + svc *Service +} + +func newTestEnvironment(t *testing.T) *testEnvironment { + svc, err := New(Options{ + Logger: util.TestLogger(t), + StoragePath: t.TempDir(), + }) + svc.asClient = nil + require.NoError(t, err) + + return &testEnvironment{ + t: t, + svc: svc, + } +} + +func (env *testEnvironment) ApplyConfig(config string) error { + var args Arguments + if err := river.Unmarshal([]byte(config), &args); err != nil { + return err + } + return env.svc.Update(args) +} + +func (env *testEnvironment) Run(ctx context.Context) error { + return env.svc.Run(ctx, fakeHost{}) +} + +type fakeHost struct{} + +var _ service.Host = (fakeHost{}) + +func (fakeHost) GetComponent(id component.ID, opts component.InfoOptions) (*component.Info, error) { + return nil, fmt.Errorf("no such component %s", id) +} + +func (fakeHost) ListComponents(moduleID string, opts component.InfoOptions) ([]*component.Info, error) { + if moduleID == "" { + return nil, nil + } + return nil, fmt.Errorf("no such module %q", moduleID) +} + +func (fakeHost) GetServiceConsumers(serviceName string) []service.Consumer { return nil } + +func (f fakeHost) NewController(id string) service.Controller { + logger, _ := logging.New(io.Discard, logging.DefaultOptions) + ctrl := flow.New(flow.Options{ + ControllerID: ServiceName, + Logger: logger, + Tracer: nil, + DataPath: "", + Reg: prometheus.NewRegistry(), + OnExportsChange: func(map[string]interface{}) {}, + Services: []service.Service{}, + }) + + return serviceController{ctrl} +} + +type agentClient struct { + getConfigFunc func(context.Context, *connect.Request[agentv1.GetConfigRequest]) (*connect.Response[agentv1.GetConfigResponse], error) +} + +func (ag agentClient) GetConfig(ctx context.Context, req *connect.Request[agentv1.GetConfigRequest]) (*connect.Response[agentv1.GetConfigResponse], error) { + if ag.getConfigFunc != nil { + return ag.getConfigFunc(ctx, req) + } + + panic("getConfigFunc not set") +} +func (ag agentClient) GetAgent(context.Context, *connect.Request[agentv1.GetAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, nil +} +func (ag agentClient) CreateAgent(context.Context, *connect.Request[agentv1.CreateAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, nil +} +func (ag agentClient) UpdateAgent(context.Context, *connect.Request[agentv1.UpdateAgentRequest]) (*connect.Response[agentv1.Agent], error) { + return nil, nil +} +func (ag agentClient) DeleteAgent(context.Context, *connect.Request[agentv1.DeleteAgentRequest]) (*connect.Response[agentv1.DeleteAgentResponse], error) { + return nil, nil +} +func (ag agentClient) ListAgents(context.Context, *connect.Request[agentv1.ListAgentsRequest]) (*connect.Response[agentv1.Agents], error) { + return nil, nil +} + +type serviceController struct { + f *flow.Flow +} + +func (sc serviceController) Run(ctx context.Context) { sc.f.Run(ctx) } +func (sc serviceController) LoadSource(b []byte, args map[string]any) error { + source, err := flow.ParseSource("", b) + if err != nil { + return err + } + return sc.f.LoadSource(source, args) +} +func (sc serviceController) Ready() bool { return sc.f.Ready() } diff --git a/service/service.go b/service/service.go index 564bb23b86b9..abbb6e21ac40 100644 --- a/service/service.go +++ b/service/service.go @@ -54,6 +54,17 @@ type Host interface { // GetServiceConsumers gets the list of services which depend on a service by // name. GetServiceConsumers(serviceName string) []Consumer + + // NewController returns an unstarted, isolated Controller that a Service + // can use to instantiate its own components. + NewController(id string) Controller +} + +// Controller is implemented by flow.Flow. +type Controller interface { + Run(ctx context.Context) + LoadSource(source []byte, args map[string]any) error + Ready() bool } type Consumer struct { From 47ce94bf9bc460f4bf56db52a128462f5bc766ec Mon Sep 17 00:00:00 2001 From: Erik Baranowski <39704712+erikbaranowski@users.noreply.github.com> Date: Fri, 9 Feb 2024 11:15:31 -0500 Subject: [PATCH 02/14] wire up all prometheus proxy config settings for flow and the converters (#6306) * wire up all prometheus proxy config settings for flow and the converters Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> * document new proxy client configs and fix a few undocumented args Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> * document places where http client config was used for args but undocumented. Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> * wire in proxy config for oauth2 and document refactor http client config validation Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> --------- Signed-off-by: erikbaranowski <39704712+erikbaranowski@users.noreply.github.com> --- CHANGELOG.md | 3 + component/common/config/types.go | 220 +++++++++++++----- component/common/config/types_test.go | 2 +- component/discovery/aws/ec2_test.go | 6 +- component/discovery/azure/azure.go | 17 +- component/discovery/azure/azure_test.go | 14 +- component/discovery/consul/consul_test.go | 9 +- .../discovery/digitalocean/digitalocean.go | 10 +- .../digitalocean/digitalocean_test.go | 8 +- component/discovery/docker/docker_test.go | 2 +- component/discovery/kubelet/kubelet_test.go | 2 +- .../discovery/kubernetes/kubernetes_test.go | 2 +- component/discovery/linode/linode_test.go | 10 + component/discovery/nomad/nomad_test.go | 2 +- component/discovery/scaleway/scaleway.go | 16 +- component/discovery/uyuni/uyuni.go | 32 +-- .../loki/source/kubernetes/kubernetes_test.go | 2 +- component/loki/source/podlogs/podlogs_test.go | 2 +- component/loki/write/write_test.go | 2 +- .../mimir/rules/kubernetes/rules_test.go | 2 +- .../prometheus/remotewrite/types_test.go | 2 +- component/prometheus/scrape/scrape_test.go | 2 +- component/pyroscope/scrape/scrape_test.go | 2 +- component/pyroscope/write/write_test.go | 2 +- .../internal/common/http_client_config.go | 54 ++++- converter/internal/common/river_utils.go | 9 + .../prometheusconvert/component/azure.go | 3 +- .../component/digitalocean.go | 3 +- .../prometheusconvert/component/scaleway.go | 3 +- .../testdata/digitalocean.diags | 4 +- .../testdata/digitalocean.river | 12 +- .../testdata/digitalocean.yaml | 3 + .../prometheusconvert/testdata/http.river | 19 +- .../prometheusconvert/testdata/http.yaml | 6 + .../testdata/unsupported.diags | 2 - .../testdata/unsupported.river | 1 - .../testdata/unsupported.yaml | 3 - .../promtailconvert/testdata/kubernetes.diags | 1 - .../promtailconvert/testdata/kubernetes.river | 1 + .../reference/components/discovery.azure.md | 23 +- .../reference/components/discovery.consul.md | 23 +- .../components/discovery.digitalocean.md | 23 +- .../reference/components/discovery.docker.md | 31 +-- .../components/discovery.dockerswarm.md | 34 ++- .../reference/components/discovery.ec2.md | 39 ++-- .../reference/components/discovery.eureka.md | 27 ++- .../reference/components/discovery.hetzner.md | 27 ++- .../reference/components/discovery.http.md | 27 ++- .../reference/components/discovery.ionos.md | 29 ++- .../reference/components/discovery.kubelet.md | 53 ++++- .../components/discovery.kubernetes.md | 29 ++- .../reference/components/discovery.kuma.md | 29 ++- .../components/discovery.lightsail.md | 58 ++++- .../reference/components/discovery.linode.md | 39 ++-- .../components/discovery.marathon.md | 32 ++- .../reference/components/discovery.nomad.md | 35 +-- .../components/discovery.puppetdb.md | 33 +-- .../components/discovery.scaleway.md | 7 +- .../reference/components/discovery.uyuni.md | 28 ++- .../components/loki.source.kubernetes.md | 27 ++- .../loki.source.kubernetes_events.md | 27 ++- .../components/loki.source.podlogs.md | 26 ++- .../flow/reference/components/loki.write.md | 45 ++-- .../components/mimir.rules.kubernetes.md | 35 +-- .../prometheus.operator.podmonitors.md | 26 ++- .../components/prometheus.operator.probes.md | 26 ++- .../prometheus.operator.servicemonitors.md | 26 ++- .../components/prometheus.remote_write.md | 19 +- .../reference/components/prometheus.scrape.md | 19 +- .../reference/components/pyroscope.scrape.md | 13 +- .../reference/components/pyroscope.write.md | 48 ++-- .../components/remote.kubernetes.configmap.md | 22 +- .../components/remote.kubernetes.secret.md | 22 +- .../components/http-client-config-block.md | 19 +- .../http-client-proxy-config-description.md | 23 ++ .../flow/reference/components/oauth2-block.md | 23 +- 76 files changed, 1036 insertions(+), 531 deletions(-) delete mode 100644 converter/internal/promtailconvert/testdata/kubernetes.diags create mode 100644 docs/sources/shared/flow/reference/components/http-client-proxy-config-description.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 89662ebf9695..d4bd1a066fd2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -58,6 +58,9 @@ Main (unreleased) - Mutex and block pprofs are now available via the pprof endpoint. (@mattdurham) +- Added additional http client proxy configurations to components for + `no_proxy`, `proxy_from_environment`, and `proxy_connect_header`. (@erikbaranowski) + ### Bugfixes - Fix an issue in `remote.s3` where the exported content of an object would be an empty string if `remote.s3` failed to fully retrieve diff --git a/component/common/config/types.go b/component/common/config/types.go index 0062f6a63ac1..5ed0d2e8ae13 100644 --- a/component/common/config/types.go +++ b/component/common/config/types.go @@ -20,7 +20,7 @@ type HTTPClientConfig struct { OAuth2 *OAuth2Config `river:"oauth2,block,optional"` BearerToken rivertypes.Secret `river:"bearer_token,attr,optional"` BearerTokenFile string `river:"bearer_token_file,attr,optional"` - ProxyURL URL `river:"proxy_url,attr,optional"` + ProxyConfig *ProxyConfig `river:",squash"` TLSConfig TLSConfig `river:"tls_config,block,optional"` FollowRedirects bool `river:"follow_redirects,attr,optional"` EnableHTTP2 bool `river:"enable_http2,attr,optional"` @@ -33,63 +33,46 @@ func (h *HTTPClientConfig) SetToDefault() { // Validate returns an error if h is invalid. func (h *HTTPClientConfig) Validate() error { - // Backwards compatibility with the bearer_token field. - if len(h.BearerToken) > 0 && len(h.BearerTokenFile) > 0 { - return fmt.Errorf("at most one of bearer_token & bearer_token_file must be configured") - } - if (h.BasicAuth != nil || h.OAuth2 != nil) && (len(h.BearerToken) > 0 || len(h.BearerTokenFile) > 0) { - return fmt.Errorf("at most one of basic_auth, oauth2, bearer_token & bearer_token_file must be configured") + if h == nil { + return nil } - if h.BasicAuth != nil && (string(h.BasicAuth.Password) != "" && h.BasicAuth.PasswordFile != "") { - return fmt.Errorf("at most one of basic_auth password & password_file must be configured") + + authCount := 0 + if h.BasicAuth != nil { + authCount++ } if h.Authorization != nil { - if len(h.BearerToken) > 0 || len(h.BearerTokenFile) > 0 { - return fmt.Errorf("authorization is not compatible with bearer_token & bearer_token_file") - } - if string(h.Authorization.Credentials) != "" && h.Authorization.CredentialsFile != "" { - return fmt.Errorf("at most one of authorization credentials & credentials_file must be configured") - } - h.Authorization.Type = strings.TrimSpace(h.Authorization.Type) - if len(h.Authorization.Type) == 0 { - h.Authorization.Type = bearerAuth - } - if strings.ToLower(h.Authorization.Type) == "basic" { - return fmt.Errorf(`authorization type cannot be set to "basic", use "basic_auth" instead`) - } - if h.BasicAuth != nil || h.OAuth2 != nil { - return fmt.Errorf("at most one of basic_auth, oauth2 & authorization must be configured") - } - } else { - if len(h.BearerToken) > 0 { - h.Authorization = &Authorization{Credentials: h.BearerToken} - h.Authorization.Type = bearerAuth - h.BearerToken = "" - } - if len(h.BearerTokenFile) > 0 { - h.Authorization = &Authorization{CredentialsFile: h.BearerTokenFile} - h.Authorization.Type = bearerAuth - h.BearerTokenFile = "" - } + authCount++ } if h.OAuth2 != nil { - if h.BasicAuth != nil { - return fmt.Errorf("at most one of basic_auth, oauth2 & authorization must be configured") - } - if len(h.OAuth2.ClientID) == 0 { - return fmt.Errorf("oauth2 client_id must be configured") - } - if len(h.OAuth2.ClientSecret) == 0 && len(h.OAuth2.ClientSecretFile) == 0 { - return fmt.Errorf("either oauth2 client_secret or client_secret_file must be configured") - } - if len(h.OAuth2.TokenURL) == 0 { - return fmt.Errorf("oauth2 token_url must be configured") - } - if len(h.OAuth2.ClientSecret) > 0 && len(h.OAuth2.ClientSecretFile) > 0 { - return fmt.Errorf("at most one of oauth2 client_secret & client_secret_file must be configured") - } + authCount++ } - return nil + if len(h.BearerToken) > 0 { + authCount++ + } + if len(h.BearerTokenFile) > 0 { + authCount++ + } + + if authCount > 1 { + return fmt.Errorf("at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") + } + + // TODO: Validate should not be modifying the object + if len(h.BearerToken) > 0 { + h.Authorization = &Authorization{Credentials: h.BearerToken} + h.Authorization.Type = bearerAuth + h.BearerToken = "" + } + + // TODO: Validate should not be modifying the object + if len(h.BearerTokenFile) > 0 { + h.Authorization = &Authorization{CredentialsFile: h.BearerTokenFile} + h.Authorization.Type = bearerAuth + h.BearerTokenFile = "" + } + + return h.ProxyConfig.Validate() } // Convert converts HTTPClientConfig to the native Prometheus type. If h is @@ -108,9 +91,7 @@ func (h *HTTPClientConfig) Convert() *config.HTTPClientConfig { TLSConfig: *h.TLSConfig.Convert(), FollowRedirects: h.FollowRedirects, EnableHTTP2: h.EnableHTTP2, - ProxyConfig: config.ProxyConfig{ - ProxyURL: h.ProxyURL.Convert(), - }, + ProxyConfig: h.ProxyConfig.Convert(), } } @@ -145,6 +126,59 @@ func (b *BasicAuth) Convert() *config.BasicAuth { } } +func (b *BasicAuth) Validate() error { + if b == nil { + return nil + } + + if string(b.Password) != "" && b.PasswordFile != "" { + return fmt.Errorf("at most one of basic_auth password & password_file must be configured") + } + + return nil +} + +type ProxyConfig struct { + ProxyURL URL `river:"proxy_url,attr,optional"` + NoProxy string `river:"no_proxy,attr,optional"` + ProxyFromEnvironment bool `river:"proxy_from_environment,attr,optional"` + ProxyConnectHeader Header `river:",squash"` +} + +func (p *ProxyConfig) Convert() config.ProxyConfig { + if p == nil { + return config.ProxyConfig{} + } + + return config.ProxyConfig{ + ProxyURL: p.ProxyURL.Convert(), + NoProxy: p.NoProxy, + ProxyFromEnvironment: p.ProxyFromEnvironment, + ProxyConnectHeader: p.ProxyConnectHeader.Convert(), + } +} + +func (p *ProxyConfig) Validate() error { + if p == nil { + return nil + } + + if len(p.ProxyConnectHeader.Header) > 0 && (!p.ProxyFromEnvironment && (p.ProxyURL.URL == nil || p.ProxyURL.String() == "")) { + return fmt.Errorf("if proxy_connect_header is configured, proxy_url or proxy_from_environment must also be configured") + } + if p.ProxyFromEnvironment && p.ProxyURL.URL != nil && p.ProxyURL.String() != "" { + return fmt.Errorf("if proxy_from_environment is configured, proxy_url must not be configured") + } + if p.ProxyFromEnvironment && p.NoProxy != "" { + return fmt.Errorf("if proxy_from_environment is configured, no_proxy must not be configured") + } + if p.ProxyURL.URL == nil && p.NoProxy != "" { + return fmt.Errorf("if no_proxy is configured, proxy_url must also be configured") + } + + return nil +} + // URL mirrors config.URL type URL struct { *url.URL @@ -173,10 +207,35 @@ func (u *URL) UnmarshalText(text []byte) error { } // Convert converts our type to the native prometheus type -func (u URL) Convert() config.URL { +func (u *URL) Convert() config.URL { + if u == nil { + return config.URL{URL: nil} + } return config.URL{URL: u.URL} } +type Header struct { + Header map[string][]rivertypes.Secret `river:"proxy_connect_header,attr,optional"` +} + +func (h *Header) Convert() config.Header { + if h == nil { + return nil + } + header := make(config.Header) + for name, values := range h.Header { + var s []config.Secret + if values != nil { + s = make([]config.Secret, 0, len(values)) + for _, value := range values { + s = append(s, config.Secret(value)) + } + } + header[name] = s + } + return header +} + // Authorization sets up HTTP authorization credentials. type Authorization struct { Type string `river:"type,attr,optional"` @@ -196,6 +255,28 @@ func (a *Authorization) Convert() *config.Authorization { } } +func (a *Authorization) Validate() error { + if a == nil { + return nil + } + + if string(a.Credentials) != "" && a.CredentialsFile != "" { + return fmt.Errorf("at most one of authorization credentials & credentials_file must be configured") + } + + // TODO: Validate should not be modifying the object + a.Type = strings.TrimSpace(a.Type) + if len(a.Type) == 0 { + a.Type = bearerAuth + } + + if strings.ToLower(a.Type) == "basic" { + return fmt.Errorf(`authorization type cannot be set to "basic", use "basic_auth" block instead`) + } + + return nil +} + // TLSVersion mirrors config.TLSVersion type TLSVersion uint16 @@ -283,7 +364,7 @@ type OAuth2Config struct { Scopes []string `river:"scopes,attr,optional"` TokenURL string `river:"token_url,attr,optional"` EndpointParams map[string]string `river:"endpoint_params,attr,optional"` - ProxyURL URL `river:"proxy_url,attr,optional"` + ProxyConfig *ProxyConfig `river:",squash"` TLSConfig *TLSConfig `river:"tls_config,block,optional"` } @@ -299,12 +380,31 @@ func (o *OAuth2Config) Convert() *config.OAuth2 { Scopes: o.Scopes, TokenURL: o.TokenURL, EndpointParams: o.EndpointParams, - ProxyConfig: config.ProxyConfig{ - ProxyURL: o.ProxyURL.Convert(), - }, + ProxyConfig: o.ProxyConfig.Convert(), } if o.TLSConfig != nil { oa.TLSConfig = *o.TLSConfig.Convert() } return oa } + +func (o *OAuth2Config) Validate() error { + if o == nil { + return nil + } + + if len(o.ClientID) == 0 { + return fmt.Errorf("oauth2 client_id must be configured") + } + if len(o.ClientSecret) == 0 && len(o.ClientSecretFile) == 0 { + return fmt.Errorf("either oauth2 client_secret or client_secret_file must be configured") + } + if len(o.TokenURL) == 0 { + return fmt.Errorf("oauth2 token_url must be configured") + } + if len(o.ClientSecret) > 0 && len(o.ClientSecretFile) > 0 { + return fmt.Errorf("at most one of oauth2 client_secret & client_secret_file must be configured") + } + + return o.ProxyConfig.Validate() +} diff --git a/component/common/config/types_test.go b/component/common/config/types_test.go index 0291d44aaa98..dbdbed6c284c 100644 --- a/component/common/config/types_test.go +++ b/component/common/config/types_test.go @@ -228,5 +228,5 @@ func TestHTTPClientBadConfig(t *testing.T) { var httpClientConfig HTTPClientConfig err := river.Unmarshal([]byte(exampleRiverConfig), &httpClientConfig) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth password & password_file must be configured") } diff --git a/component/discovery/aws/ec2_test.go b/component/discovery/aws/ec2_test.go index 7696d750a4ff..a927716afba7 100644 --- a/component/discovery/aws/ec2_test.go +++ b/component/discovery/aws/ec2_test.go @@ -14,7 +14,11 @@ func TestConvert(t *testing.T) { u, err := url.Parse("http://example:8080") require.NoError(t, err) httpClientConfig := config.DefaultHTTPClientConfig - httpClientConfig.ProxyURL = config.URL{URL: u} + httpClientConfig.ProxyConfig = &config.ProxyConfig{ + ProxyURL: config.URL{ + URL: u, + }, + } // example configuration riverArgs := EC2Arguments{ diff --git a/component/discovery/azure/azure.go b/component/discovery/azure/azure.go index 9ed1363f5250..0b22c15528e1 100644 --- a/component/discovery/azure/azure.go +++ b/component/discovery/azure/azure.go @@ -35,10 +35,10 @@ type Arguments struct { RefreshInterval time.Duration `river:"refresh_interval,attr,optional"` ResourceGroup string `river:"resource_group,attr,optional"` - ProxyURL config.URL `river:"proxy_url,attr,optional"` - FollowRedirects bool `river:"follow_redirects,attr,optional"` - EnableHTTP2 bool `river:"enable_http2,attr,optional"` - TLSConfig config.TLSConfig `river:"tls_config,block,optional"` + ProxyConfig *config.ProxyConfig `river:",squash"` + FollowRedirects bool `river:"follow_redirects,attr,optional"` + EnableHTTP2 bool `river:"enable_http2,attr,optional"` + TLSConfig config.TLSConfig `river:"tls_config,block,optional"` } type OAuth struct { @@ -69,7 +69,12 @@ func (a *Arguments) Validate() error { if a.OAuth == nil && a.ManagedIdentity == nil || a.OAuth != nil && a.ManagedIdentity != nil { return fmt.Errorf("exactly one of oauth or managed_identity must be specified") } - return a.TLSConfig.Validate() + + if err := a.TLSConfig.Validate(); err != nil { + return err + } + + return a.ProxyConfig.Validate() } func (a *Arguments) Convert() *prom_discovery.SDConfig { @@ -90,10 +95,10 @@ func (a *Arguments) Convert() *prom_discovery.SDConfig { } httpClientConfig := config.DefaultHTTPClientConfig - httpClientConfig.ProxyURL = a.ProxyURL httpClientConfig.FollowRedirects = a.FollowRedirects httpClientConfig.EnableHTTP2 = a.EnableHTTP2 httpClientConfig.TLSConfig = a.TLSConfig + httpClientConfig.ProxyConfig = a.ProxyConfig return &prom_discovery.SDConfig{ Environment: a.Environment, diff --git a/component/discovery/azure/azure_test.go b/component/discovery/azure/azure_test.go index d3b98a903241..bf350c0bab84 100644 --- a/component/discovery/azure/azure_test.go +++ b/component/discovery/azure/azure_test.go @@ -42,7 +42,7 @@ func TestRiverUnmarshal(t *testing.T) { assert.Equal(t, "clientsecret", string(args.OAuth.ClientSecret)) assert.Equal(t, true, args.EnableHTTP2) assert.Equal(t, false, args.FollowRedirects) - assert.Equal(t, "http://example:8080", args.ProxyURL.String()) + assert.Equal(t, "http://example:8080", args.ProxyConfig.ProxyURL.String()) } func TestRiverUnmarshal_OAuthRequiredFields(t *testing.T) { @@ -123,8 +123,10 @@ func TestConvert(t *testing.T) { }, FollowRedirects: false, EnableHTTP2: false, - ProxyURL: config.URL{ - URL: proxyUrl, + ProxyConfig: &config.ProxyConfig{ + ProxyURL: config.URL{ + URL: proxyUrl, + }, }, } @@ -152,8 +154,10 @@ func TestConvert(t *testing.T) { }, FollowRedirects: true, EnableHTTP2: true, - ProxyURL: config.URL{ - URL: proxyUrl, + ProxyConfig: &config.ProxyConfig{ + ProxyURL: config.URL{ + URL: proxyUrl, + }, }, } diff --git a/component/discovery/consul/consul_test.go b/component/discovery/consul/consul_test.go index 70ed9604d033..98e72666cc89 100644 --- a/component/discovery/consul/consul_test.go +++ b/component/discovery/consul/consul_test.go @@ -25,12 +25,15 @@ func TestBadRiverConfig(t *testing.T) { var exampleRiverConfig = ` server = "consul.example.com:8500" services = ["my-service"] - bearer_token = "token" - bearer_token_file = "/path/to/file.token" + basic_auth { + username = "user" + password = "pass" + password_file = "/somewhere.txt" + } ` // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth password & password_file must be configured") } diff --git a/component/discovery/digitalocean/digitalocean.go b/component/discovery/digitalocean/digitalocean.go index bde15337da88..3f2c735c6f44 100644 --- a/component/discovery/digitalocean/digitalocean.go +++ b/component/discovery/digitalocean/digitalocean.go @@ -31,9 +31,9 @@ type Arguments struct { BearerToken rivertypes.Secret `river:"bearer_token,attr,optional"` BearerTokenFile string `river:"bearer_token_file,attr,optional"` - ProxyURL config.URL `river:"proxy_url,attr,optional"` - FollowRedirects bool `river:"follow_redirects,attr,optional"` - EnableHTTP2 bool `river:"enable_http2,attr,optional"` + ProxyConfig *config.ProxyConfig `river:",squash"` + FollowRedirects bool `river:"follow_redirects,attr,optional"` + EnableHTTP2 bool `river:"enable_http2,attr,optional"` } var DefaultArguments = Arguments{ @@ -60,16 +60,16 @@ func (a *Arguments) Validate() error { return fmt.Errorf("exactly one of bearer_token or bearer_token_file must be specified") } - return nil + return a.ProxyConfig.Validate() } func (a *Arguments) Convert() *prom_discovery.SDConfig { httpClientConfig := config.DefaultHTTPClientConfig httpClientConfig.BearerToken = a.BearerToken httpClientConfig.BearerTokenFile = a.BearerTokenFile - httpClientConfig.ProxyURL = a.ProxyURL httpClientConfig.FollowRedirects = a.FollowRedirects httpClientConfig.EnableHTTP2 = a.EnableHTTP2 + httpClientConfig.ProxyConfig = a.ProxyConfig return &prom_discovery.SDConfig{ RefreshInterval: model.Duration(a.RefreshInterval), diff --git a/component/discovery/digitalocean/digitalocean_test.go b/component/discovery/digitalocean/digitalocean_test.go index fe677105da65..ade941f53be5 100644 --- a/component/discovery/digitalocean/digitalocean_test.go +++ b/component/discovery/digitalocean/digitalocean_test.go @@ -40,7 +40,7 @@ func TestRiverUnmarshal(t *testing.T) { require.NoError(t, err) assert.Equal(t, 3*time.Minute, args.RefreshInterval) assert.Equal(t, 9119, args.Port) - assert.Equal(t, "http://proxy:8080", args.ProxyURL.String()) + assert.Equal(t, "http://proxy:8080", args.ProxyConfig.ProxyURL.String()) assert.Equal(t, true, args.FollowRedirects) assert.Equal(t, false, args.EnableHTTP2) } @@ -72,8 +72,10 @@ func TestConvert(t *testing.T) { RefreshInterval: 5 * time.Minute, Port: 8181, BearerToken: "token", - ProxyURL: config.URL{ - URL: proxyUrl, + ProxyConfig: &config.ProxyConfig{ + ProxyURL: config.URL{ + URL: proxyUrl, + }, }, FollowRedirects: false, EnableHTTP2: false, diff --git a/component/discovery/docker/docker_test.go b/component/discovery/docker/docker_test.go index 7589eb9df58f..f86903080f16 100644 --- a/component/discovery/docker/docker_test.go +++ b/component/discovery/docker/docker_test.go @@ -27,5 +27,5 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } diff --git a/component/discovery/kubelet/kubelet_test.go b/component/discovery/kubelet/kubelet_test.go index 183f789aef70..abde26630764 100644 --- a/component/discovery/kubelet/kubelet_test.go +++ b/component/discovery/kubelet/kubelet_test.go @@ -32,7 +32,7 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") // Make sure that URL defaults to https://localhost:10250 var args2 Arguments diff --git a/component/discovery/kubernetes/kubernetes_test.go b/component/discovery/kubernetes/kubernetes_test.go index b4fd44e33895..ad6308f7c645 100644 --- a/component/discovery/kubernetes/kubernetes_test.go +++ b/component/discovery/kubernetes/kubernetes_test.go @@ -31,7 +31,7 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } func TestAttachMetadata(t *testing.T) { diff --git a/component/discovery/linode/linode_test.go b/component/discovery/linode/linode_test.go index 9c344d6e2629..b8effb7eae95 100644 --- a/component/discovery/linode/linode_test.go +++ b/component/discovery/linode/linode_test.go @@ -16,6 +16,10 @@ func TestRiverConfig(t *testing.T) { refresh_interval = "10s" port = 8080 tag_separator = ";" + basic_auth { + username = "test" + password = "pass" + } ` var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) @@ -29,6 +33,10 @@ func TestConvert(t *testing.T) { TagSeparator: ";", HTTPClientConfig: config.HTTPClientConfig{ BearerToken: "FOO", + BasicAuth: &config.BasicAuth{ + Username: "test", + Password: "pass", + }, }, } @@ -37,6 +45,8 @@ func TestConvert(t *testing.T) { require.Equal(t, model.Duration(15*time.Second), promArgs.RefreshInterval) require.Equal(t, ";", promArgs.TagSeparator) require.Equal(t, promconfig.Secret("FOO"), promArgs.HTTPClientConfig.BearerToken) + require.Equal(t, "test", promArgs.HTTPClientConfig.BasicAuth.Username) + require.Equal(t, "pass", string(promArgs.HTTPClientConfig.BasicAuth.Password)) } func TestValidate(t *testing.T) { diff --git a/component/discovery/nomad/nomad_test.go b/component/discovery/nomad/nomad_test.go index 70455bb19194..587a47c55cdd 100644 --- a/component/discovery/nomad/nomad_test.go +++ b/component/discovery/nomad/nomad_test.go @@ -34,7 +34,7 @@ func TestRiverUnmarshal(t *testing.T) { assert.Equal(t, ";", args.TagSeparator) assert.Equal(t, true, args.HTTPClientConfig.EnableHTTP2) assert.Equal(t, false, args.HTTPClientConfig.FollowRedirects) - assert.Equal(t, "http://example:8080", args.HTTPClientConfig.ProxyURL.String()) + assert.Equal(t, "http://example:8080", args.HTTPClientConfig.ProxyConfig.ProxyURL.String()) } func TestConvert(t *testing.T) { diff --git a/component/discovery/scaleway/scaleway.go b/component/discovery/scaleway/scaleway.go index 0353993fc95e..25990105b389 100644 --- a/component/discovery/scaleway/scaleway.go +++ b/component/discovery/scaleway/scaleway.go @@ -42,10 +42,10 @@ type Arguments struct { RefreshInterval time.Duration `river:"refresh_interval,attr,optional"` Port int `river:"port,attr,optional"` - ProxyURL config.URL `river:"proxy_url,attr,optional"` - TLSConfig config.TLSConfig `river:"tls_config,block,optional"` - FollowRedirects bool `river:"follow_redirects,attr,optional"` - EnableHTTP2 bool `river:"enable_http2,attr,optional"` + ProxyConfig *config.ProxyConfig `river:",squash"` + TLSConfig config.TLSConfig `river:"tls_config,block,optional"` + FollowRedirects bool `river:"follow_redirects,attr,optional"` + EnableHTTP2 bool `river:"enable_http2,attr,optional"` } var DefaultArguments = Arguments{ @@ -79,6 +79,10 @@ func (args *Arguments) Validate() error { return fmt.Errorf("access_key must not be empty") } + if err := args.ProxyConfig.Validate(); err != nil { + return err + } + // Test UnmarshalYAML against the upstream type which has custom validations. // // TODO(rfratto): decouple upstream validation into a separate method so this @@ -113,9 +117,7 @@ func (args *Arguments) Convert() *prom_discovery.SDConfig { TagsFilter: args.TagsFilter, HTTPClientConfig: prom_config.HTTPClientConfig{ - ProxyConfig: prom_config.ProxyConfig{ - ProxyURL: args.ProxyURL.Convert(), - }, + ProxyConfig: args.ProxyConfig.Convert(), TLSConfig: *args.TLSConfig.Convert(), FollowRedirects: args.FollowRedirects, EnableHTTP2: args.EnableHTTP2, diff --git a/component/discovery/uyuni/uyuni.go b/component/discovery/uyuni/uyuni.go index 4e2947b8802e..709c9e9c696b 100644 --- a/component/discovery/uyuni/uyuni.go +++ b/component/discovery/uyuni/uyuni.go @@ -27,17 +27,16 @@ func init() { } type Arguments struct { - Server string `river:"server,attr"` - Username string `river:"username,attr"` - Password rivertypes.Secret `river:"password,attr"` - Entitlement string `river:"entitlement,attr,optional"` - Separator string `river:"separator,attr,optional"` - RefreshInterval time.Duration `river:"refresh_interval,attr,optional"` - - ProxyURL config.URL `river:"proxy_url,attr,optional"` - TLSConfig config.TLSConfig `river:"tls_config,block,optional"` - FollowRedirects bool `river:"follow_redirects,attr,optional"` - EnableHTTP2 bool `river:"enable_http2,attr,optional"` + Server string `river:"server,attr"` + Username string `river:"username,attr"` + Password rivertypes.Secret `river:"password,attr"` + Entitlement string `river:"entitlement,attr,optional"` + Separator string `river:"separator,attr,optional"` + RefreshInterval time.Duration `river:"refresh_interval,attr,optional"` + ProxyConfig *config.ProxyConfig `river:",squash"` + TLSConfig config.TLSConfig `river:"tls_config,block,optional"` + FollowRedirects bool `river:"follow_redirects,attr,optional"` + EnableHTTP2 bool `river:"enable_http2,attr,optional"` } var DefaultArguments = Arguments{ @@ -60,7 +59,12 @@ func (a *Arguments) Validate() error { if err != nil { return fmt.Errorf("invalid server URL: %w", err) } - return a.TLSConfig.Validate() + + if err = a.TLSConfig.Validate(); err != nil { + return err + } + + return a.ProxyConfig.Validate() } func (a *Arguments) Convert() *prom_discovery.SDConfig { @@ -73,9 +77,7 @@ func (a *Arguments) Convert() *prom_discovery.SDConfig { RefreshInterval: model.Duration(a.RefreshInterval), HTTPClientConfig: promcfg.HTTPClientConfig{ - ProxyConfig: promcfg.ProxyConfig{ - ProxyURL: a.ProxyURL.Convert(), - }, + ProxyConfig: a.ProxyConfig.Convert(), TLSConfig: *a.TLSConfig.Convert(), FollowRedirects: a.FollowRedirects, EnableHTTP2: a.EnableHTTP2, diff --git a/component/loki/source/kubernetes/kubernetes_test.go b/component/loki/source/kubernetes/kubernetes_test.go index c01195752180..ad1fc5872e4f 100644 --- a/component/loki/source/kubernetes/kubernetes_test.go +++ b/component/loki/source/kubernetes/kubernetes_test.go @@ -41,5 +41,5 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } diff --git a/component/loki/source/podlogs/podlogs_test.go b/component/loki/source/podlogs/podlogs_test.go index 243e5177a103..ffb0e2fa1d1f 100644 --- a/component/loki/source/podlogs/podlogs_test.go +++ b/component/loki/source/podlogs/podlogs_test.go @@ -33,5 +33,5 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } diff --git a/component/loki/write/write_test.go b/component/loki/write/write_test.go index d77bebe21c0f..87e09a5a35e5 100644 --- a/component/loki/write/write_test.go +++ b/component/loki/write/write_test.go @@ -53,7 +53,7 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } func TestUnmarshallWalAttrributes(t *testing.T) { diff --git a/component/mimir/rules/kubernetes/rules_test.go b/component/mimir/rules/kubernetes/rules_test.go index d37538b38940..332c8942febe 100644 --- a/component/mimir/rules/kubernetes/rules_test.go +++ b/component/mimir/rules/kubernetes/rules_test.go @@ -38,5 +38,5 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } diff --git a/component/prometheus/remotewrite/types_test.go b/component/prometheus/remotewrite/types_test.go index b9dc4970b990..2c013c4c06a5 100644 --- a/component/prometheus/remotewrite/types_test.go +++ b/component/prometheus/remotewrite/types_test.go @@ -256,7 +256,7 @@ func TestRiverConfig(t *testing.T) { batch_send_deadline = "100ms" } }`, - errorMsg: "at most one of bearer_token & bearer_token_file must be configured", + errorMsg: "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured", }, } diff --git a/component/prometheus/scrape/scrape_test.go b/component/prometheus/scrape/scrape_test.go index bb7cef641f41..afc6c7ebd53c 100644 --- a/component/prometheus/scrape/scrape_test.go +++ b/component/prometheus/scrape/scrape_test.go @@ -68,7 +68,7 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } func TestForwardingToAppendable(t *testing.T) { diff --git a/component/pyroscope/scrape/scrape_test.go b/component/pyroscope/scrape/scrape_test.go index 29c5b72b71d2..1ba6a1515e44 100644 --- a/component/pyroscope/scrape/scrape_test.go +++ b/component/pyroscope/scrape/scrape_test.go @@ -169,7 +169,7 @@ func TestUnmarshalConfig(t *testing.T) { bearer_token = "token" bearer_token_file = "/path/to/file.token" `, - expectedErr: "at most one of bearer_token & bearer_token_file must be configured", + expectedErr: "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured", }, } { tt := tt diff --git a/component/pyroscope/write/write_test.go b/component/pyroscope/write/write_test.go index d0c91d50e3f6..10032ac138d3 100644 --- a/component/pyroscope/write/write_test.go +++ b/component/pyroscope/write/write_test.go @@ -251,5 +251,5 @@ func TestBadRiverConfig(t *testing.T) { // Make sure the squashed HTTPClientConfig Validate function is being utilized correctly var args Arguments err := river.Unmarshal([]byte(exampleRiverConfig), &args) - require.ErrorContains(t, err, "at most one of bearer_token & bearer_token_file must be configured") + require.ErrorContains(t, err, "at most one of basic_auth, authorization, oauth2, bearer_token & bearer_token_file must be configured") } diff --git a/converter/internal/common/http_client_config.go b/converter/internal/common/http_client_config.go index 55b880903621..08b5f974e12e 100644 --- a/converter/internal/common/http_client_config.go +++ b/converter/internal/common/http_client_config.go @@ -1,6 +1,8 @@ package common import ( + "reflect" + "github.com/grafana/agent/component/common/config" "github.com/grafana/agent/converter/diag" "github.com/grafana/river/rivertypes" @@ -18,7 +20,7 @@ func ToHttpClientConfig(httpClientConfig *prom_config.HTTPClientConfig) *config. OAuth2: toOAuth2(httpClientConfig.OAuth2), BearerToken: rivertypes.Secret(httpClientConfig.BearerToken), BearerTokenFile: httpClientConfig.BearerTokenFile, - ProxyURL: config.URL(httpClientConfig.ProxyURL), + ProxyConfig: ToProxyConfig(httpClientConfig.ProxyConfig), TLSConfig: *ToTLSConfig(&httpClientConfig.TLSConfig), FollowRedirects: httpClientConfig.FollowRedirects, EnableHTTP2: httpClientConfig.EnableHTTP2, @@ -30,9 +32,6 @@ func ToHttpClientConfig(httpClientConfig *prom_config.HTTPClientConfig) *config. func ValidateHttpClientConfig(httpClientConfig *prom_config.HTTPClientConfig) diag.Diagnostics { var diags diag.Diagnostics - diags.AddAll(ValidateSupported(NotEquals, httpClientConfig.NoProxy, "", "HTTP Client no_proxy", "")) - diags.AddAll(ValidateSupported(Equals, httpClientConfig.ProxyFromEnvironment, true, "HTTP Client proxy_from_environment", "")) - diags.AddAll(ValidateSupported(Equals, len(httpClientConfig.ProxyConnectHeader) > 0, true, "HTTP Client proxy_connect_header", "")) diags.AddAll(ValidateSupported(NotEquals, httpClientConfig.TLSConfig.MaxVersion, prom_config.TLSVersion(0), "HTTP Client max_version", "")) return diags @@ -74,11 +73,56 @@ func toOAuth2(oAuth2 *prom_config.OAuth2) *config.OAuth2Config { Scopes: oAuth2.Scopes, TokenURL: oAuth2.TokenURL, EndpointParams: oAuth2.EndpointParams, - ProxyURL: config.URL(oAuth2.ProxyURL), + ProxyConfig: ToProxyConfig(oAuth2.ProxyConfig), TLSConfig: ToTLSConfig(&oAuth2.TLSConfig), } } +func ToProxyConfig(proxyConfig prom_config.ProxyConfig) *config.ProxyConfig { + // Prometheus proxy config is not a pointer so treat the default struct as nil + if reflect.DeepEqual(proxyConfig, prom_config.ProxyConfig{}) { + return nil + } + + return &config.ProxyConfig{ + ProxyURL: toProxyURL(proxyConfig.ProxyURL), + NoProxy: proxyConfig.NoProxy, + ProxyFromEnvironment: proxyConfig.ProxyFromEnvironment, + ProxyConnectHeader: toProxyConnectHeader(proxyConfig.ProxyConnectHeader), + } +} + +func toProxyURL(proxyURL prom_config.URL) config.URL { + if proxyURL.URL == nil { + return config.URL{} + } + + return config.URL{ + URL: proxyURL.URL, + } +} + +func toProxyConnectHeader(proxyConnectHeader prom_config.Header) config.Header { + if proxyConnectHeader == nil { + return config.Header{} + } + + header := config.Header{ + Header: make(map[string][]rivertypes.Secret), + } + for name, values := range proxyConnectHeader { + var s []rivertypes.Secret + if values != nil { + s = make([]rivertypes.Secret, 0, len(values)) + for _, value := range values { + s = append(s, rivertypes.Secret(value)) + } + } + header.Header[name] = s + } + return header +} + func ToTLSConfig(tlsConfig *prom_config.TLSConfig) *config.TLSConfig { if tlsConfig == nil { return nil diff --git a/converter/internal/common/river_utils.go b/converter/internal/common/river_utils.go index ba169bc830c7..d8cb98a93e01 100644 --- a/converter/internal/common/river_utils.go +++ b/converter/internal/common/river_utils.go @@ -45,6 +45,15 @@ func getValueOverrideHook() builder.ValueOverrideHook { secrets = append(secrets, string(secret)) } return secrets + case map[string][]rivertypes.Secret: + secrets := make(map[string][]string, len(value)) + for k, v := range value { + secrets[k] = make([]string, 0, len(v)) + for _, secret := range v { + secrets[k] = append(secrets[k], string(secret)) + } + } + return secrets case flow_relabel.Regexp: return value.String() case []discovery.Target: diff --git a/converter/internal/prometheusconvert/component/azure.go b/converter/internal/prometheusconvert/component/azure.go index 754c9765f32c..7f868fe54b06 100644 --- a/converter/internal/prometheusconvert/component/azure.go +++ b/converter/internal/prometheusconvert/component/azure.go @@ -3,7 +3,6 @@ package component import ( "time" - "github.com/grafana/agent/component/common/config" "github.com/grafana/agent/component/discovery" "github.com/grafana/agent/component/discovery/azure" "github.com/grafana/agent/converter/diag" @@ -34,7 +33,7 @@ func toDiscoveryAzure(sdConfig *prom_azure.SDConfig) *azure.Arguments { ManagedIdentity: toManagedIdentity(sdConfig), RefreshInterval: time.Duration(sdConfig.RefreshInterval), ResourceGroup: sdConfig.ResourceGroup, - ProxyURL: config.URL(sdConfig.HTTPClientConfig.ProxyURL), + ProxyConfig: common.ToProxyConfig(sdConfig.HTTPClientConfig.ProxyConfig), FollowRedirects: sdConfig.HTTPClientConfig.FollowRedirects, EnableHTTP2: sdConfig.HTTPClientConfig.EnableHTTP2, TLSConfig: *common.ToTLSConfig(&sdConfig.HTTPClientConfig.TLSConfig), diff --git a/converter/internal/prometheusconvert/component/digitalocean.go b/converter/internal/prometheusconvert/component/digitalocean.go index 1b8be57618b6..6cbdae5a95f6 100644 --- a/converter/internal/prometheusconvert/component/digitalocean.go +++ b/converter/internal/prometheusconvert/component/digitalocean.go @@ -3,7 +3,6 @@ package component import ( "time" - "github.com/grafana/agent/component/common/config" "github.com/grafana/agent/component/discovery" "github.com/grafana/agent/component/discovery/digitalocean" "github.com/grafana/agent/converter/diag" @@ -49,7 +48,7 @@ func toDiscoveryDigitalOcean(sdConfig *prom_digitalocean.SDConfig) *digitalocean Port: sdConfig.Port, BearerToken: rivertypes.Secret(sdConfig.HTTPClientConfig.BearerToken), BearerTokenFile: sdConfig.HTTPClientConfig.BearerTokenFile, - ProxyURL: config.URL(sdConfig.HTTPClientConfig.ProxyURL), + ProxyConfig: common.ToProxyConfig(sdConfig.HTTPClientConfig.ProxyConfig), FollowRedirects: sdConfig.HTTPClientConfig.FollowRedirects, EnableHTTP2: sdConfig.HTTPClientConfig.EnableHTTP2, } diff --git a/converter/internal/prometheusconvert/component/scaleway.go b/converter/internal/prometheusconvert/component/scaleway.go index 8cc25b7470c0..79b5aa152272 100644 --- a/converter/internal/prometheusconvert/component/scaleway.go +++ b/converter/internal/prometheusconvert/component/scaleway.go @@ -3,7 +3,6 @@ package component import ( "time" - "github.com/grafana/agent/component/common/config" "github.com/grafana/agent/component/discovery" "github.com/grafana/agent/component/discovery/scaleway" "github.com/grafana/agent/converter/diag" @@ -42,7 +41,7 @@ func toDiscoveryScaleway(sdConfig *prom_scaleway.SDConfig) *scaleway.Arguments { TagsFilter: sdConfig.TagsFilter, RefreshInterval: time.Duration(sdConfig.RefreshInterval), Port: sdConfig.Port, - ProxyURL: config.URL(sdConfig.HTTPClientConfig.ProxyURL), + ProxyConfig: common.ToProxyConfig(sdConfig.HTTPClientConfig.ProxyConfig), TLSConfig: *common.ToTLSConfig(&sdConfig.HTTPClientConfig.TLSConfig), FollowRedirects: sdConfig.HTTPClientConfig.FollowRedirects, EnableHTTP2: sdConfig.HTTPClientConfig.EnableHTTP2, diff --git a/converter/internal/prometheusconvert/testdata/digitalocean.diags b/converter/internal/prometheusconvert/testdata/digitalocean.diags index 192d5c8d858e..4657e3155cdf 100644 --- a/converter/internal/prometheusconvert/testdata/digitalocean.diags +++ b/converter/internal/prometheusconvert/testdata/digitalocean.diags @@ -1,3 +1 @@ -(Error) The converter does not support converting the provided digitalocean_sd_configs basic_auth config. -(Error) The converter does not support converting the provided HTTP Client proxy_from_environment config. -(Error) The converter does not support converting the provided HTTP Client proxy_from_environment config. \ No newline at end of file +(Error) The converter does not support converting the provided digitalocean_sd_configs basic_auth config. \ No newline at end of file diff --git a/converter/internal/prometheusconvert/testdata/digitalocean.river b/converter/internal/prometheusconvert/testdata/digitalocean.river index 27b0629afc15..106d206fdd05 100644 --- a/converter/internal/prometheusconvert/testdata/digitalocean.river +++ b/converter/internal/prometheusconvert/testdata/digitalocean.river @@ -1,6 +1,14 @@ -discovery.digitalocean "prometheus1" { } +discovery.digitalocean "prometheus1" { + proxy_from_environment = true + proxy_connect_header = { + Authorization = ["something", "something else"], + Host = ["localhost"], + } +} -discovery.digitalocean "prometheus2" { } +discovery.digitalocean "prometheus2" { + proxy_from_environment = true +} prometheus.scrape "prometheus1" { targets = concat( diff --git a/converter/internal/prometheusconvert/testdata/digitalocean.yaml b/converter/internal/prometheusconvert/testdata/digitalocean.yaml index 8122cefe580a..7bf1b724b7b3 100644 --- a/converter/internal/prometheusconvert/testdata/digitalocean.yaml +++ b/converter/internal/prometheusconvert/testdata/digitalocean.yaml @@ -4,6 +4,9 @@ scrape_configs: - targets: ["localhost:9090"] digitalocean_sd_configs: - proxy_from_environment: true + proxy_connect_header: + Authorization: ["something", "something else"] + Host: ["localhost"] basic_auth: username: 'user' password: 'pass' diff --git a/converter/internal/prometheusconvert/testdata/http.river b/converter/internal/prometheusconvert/testdata/http.river index 3184bf527e0d..0b3f85909b18 100644 --- a/converter/internal/prometheusconvert/testdata/http.river +++ b/converter/internal/prometheusconvert/testdata/http.river @@ -54,16 +54,23 @@ discovery.relabel "netbox_snmp" { } prometheus.scrape "netbox_snmp" { - targets = discovery.relabel.netbox_snmp.output - forward_to = [prometheus.remote_write.default.receiver] - job_name = "netbox_snmp" - metrics_path = "/snmp" + targets = discovery.relabel.netbox_snmp.output + forward_to = [prometheus.remote_write.default.receiver] + job_name = "netbox_snmp" + metrics_path = "/snmp" + proxy_url = "localhost:1000" + no_proxy = "localhost:1001" + proxy_connect_header = { + Authorization = ["something", "something else"], + Host = ["localhost"], + } } prometheus.remote_write "default" { endpoint { - name = "remote1" - url = "http://remote-write-url1" + name = "remote1" + url = "http://remote-write-url1" + proxy_from_environment = true queue_config { } diff --git a/converter/internal/prometheusconvert/testdata/http.yaml b/converter/internal/prometheusconvert/testdata/http.yaml index ca9e954db1b7..8c65dcb8bc95 100644 --- a/converter/internal/prometheusconvert/testdata/http.yaml +++ b/converter/internal/prometheusconvert/testdata/http.yaml @@ -4,6 +4,11 @@ global: scrape_configs: - job_name: netbox_snmp metrics_path: /snmp + proxy_url: "localhost:1000" + no_proxy: "localhost:1001" + proxy_connect_header: + Authorization: ["something", "something else"] + Host: ["localhost"] http_sd_configs: - url: http://netbox:8080/api/plugins/prometheus-sd/devices?status=active&cf_prometheus_job=netbox_snmp refresh_interval: 15s @@ -31,4 +36,5 @@ scrape_configs: remote_write: - name: "remote1" + proxy_from_environment: true url: "http://remote-write-url1" \ No newline at end of file diff --git a/converter/internal/prometheusconvert/testdata/unsupported.diags b/converter/internal/prometheusconvert/testdata/unsupported.diags index 966bd0d1e5bf..287971312628 100644 --- a/converter/internal/prometheusconvert/testdata/unsupported.diags +++ b/converter/internal/prometheusconvert/testdata/unsupported.diags @@ -2,12 +2,10 @@ (Error) The converter does not support converting the provided global query_log_file config. (Error) The converter does not support converting the provided alerting config. (Error) The converter does not support converting the provided rule_files config. -(Error) The converter does not support converting the provided HTTP Client no_proxy config. (Error) The converter does not support converting the provided nomad service discovery. (Error) The converter does not support converting the provided scrape_configs native_histogram_bucket_limit config. (Error) The converter does not support converting the provided scrape_configs keep_dropped_targets config. (Error) The converter does not support converting the provided storage config. (Error) The converter does not support converting the provided tracing config. -(Error) The converter does not support converting the provided HTTP Client proxy_from_environment config. (Error) The converter does not support converting the provided HTTP Client max_version config. (Error) The converter does not support converting the provided remote_read config. \ No newline at end of file diff --git a/converter/internal/prometheusconvert/testdata/unsupported.river b/converter/internal/prometheusconvert/testdata/unsupported.river index a1882ff1eb5a..afa35ea2ea91 100644 --- a/converter/internal/prometheusconvert/testdata/unsupported.river +++ b/converter/internal/prometheusconvert/testdata/unsupported.river @@ -12,7 +12,6 @@ prometheus.scrape "prometheus1" { username = "user" password = "pass" } - proxy_url = "localhost:1000" } prometheus.scrape "prometheus2" { diff --git a/converter/internal/prometheusconvert/testdata/unsupported.yaml b/converter/internal/prometheusconvert/testdata/unsupported.yaml index 5d174c36cb8e..855b241654bf 100644 --- a/converter/internal/prometheusconvert/testdata/unsupported.yaml +++ b/converter/internal/prometheusconvert/testdata/unsupported.yaml @@ -32,8 +32,6 @@ scrape_configs: scrape_timeout: 5s static_configs: - targets: ["localhost:9090"] - proxy_url: "localhost:1000" - no_proxy: "localhost:1001" basic_auth: username: 'user' password: 'pass' @@ -49,7 +47,6 @@ scrape_configs: remote_write: - name: "remote1" url: "http://remote-write-url1" - proxy_from_environment: true tls_config: max_version: TLS13 - name: "remote2" diff --git a/converter/internal/promtailconvert/testdata/kubernetes.diags b/converter/internal/promtailconvert/testdata/kubernetes.diags deleted file mode 100644 index 33784fc0f6a3..000000000000 --- a/converter/internal/promtailconvert/testdata/kubernetes.diags +++ /dev/null @@ -1 +0,0 @@ -(Error) The converter does not support converting the provided HTTP Client proxy_from_environment config. \ No newline at end of file diff --git a/converter/internal/promtailconvert/testdata/kubernetes.river b/converter/internal/promtailconvert/testdata/kubernetes.river index d5444d1716d4..a343f038ab2e 100644 --- a/converter/internal/promtailconvert/testdata/kubernetes.river +++ b/converter/internal/promtailconvert/testdata/kubernetes.river @@ -58,6 +58,7 @@ discovery.kubernetes "fun_5" { tls_config { } } + proxy_from_environment = true } local.file_match "fun" { diff --git a/docs/sources/flow/reference/components/discovery.azure.md b/docs/sources/flow/reference/components/discovery.azure.md index 94b38bbec2a0..4ce108bffae2 100644 --- a/docs/sources/flow/reference/components/discovery.azure.md +++ b/docs/sources/flow/reference/components/discovery.azure.md @@ -26,15 +26,20 @@ discovery.azure "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required -------------------- | ---------- | ---------------------------------------------------------------------- | -------------------- | -------- -`environment` | `string` | Azure environment. | `"AzurePublicCloud"` | no -`port` | `number` | Port to be appended to the `__address__` label for each target. | `80` | no -`subscription_id` | `string` | Azure subscription ID. | | no -`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `5m` | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +Name | Type | Description | Default | Required +------------------------ | ---------- | ---------------------------------------------------------------------- | -------------------- | -------- +`environment` | `string` | Azure environment. | `"AzurePublicCloud"` | no +`port` | `number` | Port to be appended to the `__address__` label for each target. | `80` | no +`subscription_id` | `string` | Azure subscription ID. | | no +`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `5m` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.consul.md b/docs/sources/flow/reference/components/discovery.consul.md index e45e6a3ec040..918d74878831 100644 --- a/docs/sources/flow/reference/components/discovery.consul.md +++ b/docs/sources/flow/reference/components/discovery.consul.md @@ -27,8 +27,8 @@ discovery.consul "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- `server` | `string` | Host and port of the Consul API. | `localhost:8500` | no `token` | `secret` | Secret token used to access the Consul API. | | no `datacenter` | `string` | Datacenter to query. If not provided, the default is used. | | no @@ -43,19 +43,24 @@ Name | Type | Description | Default | Required `tags` | `list(string)` | An optional list of tags used to filter nodes for a given service. Services must contain all tags in the list. | | no `node_meta` | `map(string)` | Node metadata key/value pairs to filter nodes for a given service. | | no `refresh_interval` | `duration` | Frequency to refresh list of containers. | `"30s"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + [consistency documentation]: https://www.consul.io/api/features/consistency.html [arguments]: #arguments diff --git a/docs/sources/flow/reference/components/discovery.digitalocean.md b/docs/sources/flow/reference/components/discovery.digitalocean.md index a24eabaa0803..945cfdf41089 100644 --- a/docs/sources/flow/reference/components/discovery.digitalocean.md +++ b/docs/sources/flow/reference/components/discovery.digitalocean.md @@ -29,15 +29,18 @@ discovery.digitalocean "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required -------------------- | ---------- | ---------------------------------------------------------------------- | ------- | -------- -`port` | `number` | Port to be appended to the `__address__` label for each Droplet. | `80` | no -`refresh_interval` | `duration` | Frequency to refresh list of Droplets. | `"1m"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`port` | `number` | Port to be appended to the `__address__` label for each Droplet. | `80` | no +`refresh_interval` | `duration` | Frequency to refresh list of Droplets. | `"1m"` | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no The DigitalOcean API uses bearer tokens for authentication, see more about it in the [DigitalOcean API documentation](https://docs.digitalocean.com/reference/api/api-reference/#section/Authentication). @@ -45,6 +48,8 @@ Exactly one of the [`bearer_token`](#arguments) and [`bearer_token_file`](#argum [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The `discovery.digitalocean` component does not support any blocks, and is configured fully through arguments. diff --git a/docs/sources/flow/reference/components/discovery.docker.md b/docs/sources/flow/reference/components/discovery.docker.md index 5a8518f22873..74cf12895a6d 100644 --- a/docs/sources/flow/reference/components/discovery.docker.md +++ b/docs/sources/flow/reference/components/discovery.docker.md @@ -27,19 +27,22 @@ discovery.docker "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`host` | `string` | Address of the Docker Daemon to connect to. | | yes -`port` | `number` | Port to use for collecting metrics when containers don't have any port mappings. | `80` | no -`host_networking_host` | `string` | Host to use if the container is in host networking mode. | `"localhost"` | no -`refresh_interval` | `duration` | Frequency to refresh list of containers. | `"1m"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`host` | `string` | Address of the Docker Daemon to connect to. | | yes +`port` | `number` | Port to use for collecting metrics when containers don't have any port mappings. | `80` | no +`host_networking_host` | `string` | Host to use if the container is in host networking mode. | `"localhost"` | no +`refresh_interval` | `duration` | Frequency to refresh list of containers. | `"1m"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -48,6 +51,8 @@ Name | Type | Description | Default | Required [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.dockerswarm.md b/docs/sources/flow/reference/components/discovery.dockerswarm.md index c1a7f8616cee..612480acd333 100644 --- a/docs/sources/flow/reference/components/discovery.dockerswarm.md +++ b/docs/sources/flow/reference/components/discovery.dockerswarm.md @@ -26,15 +26,31 @@ discovery.dockerswarm "LABEL" { The following arguments are supported: -| Name | Type | Description | Default | Required | -| ------------------ | -------------- | ----------------------------------------------------------------------------------------------------------------------------- | ------- | -------- | -| `host` | `string` | Address of the Docker daemon. | | yes | -| `role` | `string` | Role of the targets to retrieve. Must be `services`, `tasks`, or `nodes`. | | yes | -| `port` | `number` | The port to scrape metrics from, when `role` is nodes, and for discovered tasks and services that don't have published ports. | `80` | no | -| `refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `"60s"` | no | -| `proxy_url` | `string` | HTTP proxy to proxy requests through. | | no | -| `follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no | -| `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no | +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`host` | `string` | Address of the Docker daemon. | | yes +`role` | `string` | Role of the targets to retrieve. Must be `services`, `tasks`, or `nodes`. | | yes +`port` | `number` | The port to scrape metrics from, when `role` is nodes, and for discovered tasks and services that don't have published ports. | `80` | no +`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `"60s"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: + - [`bearer_token` argument](#arguments). + - [`bearer_token_file` argument](#arguments). + - [`basic_auth` block][basic_auth]. + - [`authorization` block][authorization]. + - [`oauth2` block][oauth2]. + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + +[arguments]: #arguments ## Blocks diff --git a/docs/sources/flow/reference/components/discovery.ec2.md b/docs/sources/flow/reference/components/discovery.ec2.md index cc7f49259594..5b1f02856618 100644 --- a/docs/sources/flow/reference/components/discovery.ec2.md +++ b/docs/sources/flow/reference/components/discovery.ec2.md @@ -26,29 +26,34 @@ discovery.ec2 "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`endpoint` | `string` | Custom endpoint to be used.| | no -`region` | `string` | The AWS region. If blank, the region from the instance metadata is used. | | no -`access_key` | `string` | The AWS API key ID. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used. | | no -`secret_key` | `string` | The AWS API key secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used. | | no -`profile` | `string` | Named AWS profile used to connect to the API. | | no -`role_arn` | `string` | AWS Role Amazon Resource Name (ARN), an alternative to using AWS API keys. | | no -`refresh_interval` | `string` | Refresh interval to re-read the instance list. | 60s | no -`port` | `int` | The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. | 80 | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`endpoint` | `string` | Custom endpoint to be used. | | no +`region` | `string` | The AWS region. If blank, the region from the instance metadata is used. | | no +`access_key` | `string` | The AWS API key ID. If blank, the environment variable `AWS_ACCESS_KEY_ID` is used. | | no +`secret_key` | `string` | The AWS API key secret. If blank, the environment variable `AWS_SECRET_ACCESS_KEY` is used. | | no +`profile` | `string` | Named AWS profile used to connect to the API. | | no +`role_arn` | `string` | AWS Role Amazon Resource Name (ARN), an alternative to using AWS API keys. | | no +`refresh_interval` | `string` | Refresh interval to re-read the instance list. | 60s | no +`port` | `int` | The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. | 80 | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. + {{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.eureka.md b/docs/sources/flow/reference/components/discovery.eureka.md index 93c76d9d09f8..3ce338012670 100644 --- a/docs/sources/flow/reference/components/discovery.eureka.md +++ b/docs/sources/flow/reference/components/discovery.eureka.md @@ -27,17 +27,20 @@ discovery.eureka "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required -------------------- | ---------- | ---------------------------------------------------------------------- | -------------------- | -------- -`server` | `string` | Eureka server URL. | | yes -`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `30s` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`server` | `string` | Eureka server URL. | | yes +`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `30s` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -46,6 +49,8 @@ Name | Type | Description [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of `discovery.eureka`: diff --git a/docs/sources/flow/reference/components/discovery.hetzner.md b/docs/sources/flow/reference/components/discovery.hetzner.md index f917f8417a84..4441f674863f 100644 --- a/docs/sources/flow/reference/components/discovery.hetzner.md +++ b/docs/sources/flow/reference/components/discovery.hetzner.md @@ -29,20 +29,23 @@ discovery.hetzner "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`role` | `string` | Hetzner role of entities that should be discovered. | | yes -`port` | `int` | The port to scrape metrics from. | `80` | no -`refresh_interval` | `duration` | The time after which the servers are refreshed. | `"60s"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`role` | `string` | Hetzner role of entities that should be discovered. | | yes +`port` | `int` | The port to scrape metrics from. | `80` | no +`refresh_interval` | `duration` | The time after which the servers are refreshed. | `"60s"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no `role` must be one of `robot` or `hcloud`. - You can provide one of the following arguments for authentication: + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -51,6 +54,8 @@ Name | Type | Description | Default | Required [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.http.md b/docs/sources/flow/reference/components/discovery.http.md index 80639fe7077f..29cc18b13251 100644 --- a/docs/sources/flow/reference/components/discovery.http.md +++ b/docs/sources/flow/reference/components/discovery.http.md @@ -90,17 +90,20 @@ discovery.http "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ---------------- | ------------------- | ------------------------------------------------------------------------------------------ |---------| -------- -`url` | string | URL to scrape | | yes -`refresh_interval` | `duration` | How often to refresh targets. | `"60s"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`url` | `string` | URL to scrape. | | yes +`refresh_interval` | `duration` | How often to refresh targets. | `"60s"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -109,6 +112,8 @@ Name | Type | Description [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.ionos.md b/docs/sources/flow/reference/components/discovery.ionos.md index 378556ad7886..cb9629e1d4d4 100644 --- a/docs/sources/flow/reference/components/discovery.ionos.md +++ b/docs/sources/flow/reference/components/discovery.ionos.md @@ -27,18 +27,21 @@ discovery.ionos "LABEL" { The following arguments are supported: -| Name | Type | Description | Default | Required | -| ------------------ | ---------- | ------------------------------------------------------------ | ------- | -------- | -| `datacenter_id` | `string` | The unique ID of the data center. | | yes | -| `refresh_interval` | `duration` | The time after which the servers are refreshed. | `60s` | no | -| `port` | `int` | The port to scrape metrics from. | 80 | no | -| `bearer_token` | `secret` | Bearer token to authenticate with. | | no | -| `bearer_token_file`| `string` | File containing a bearer token to authenticate with. | | no | -| `proxy_url` | `string` | HTTP proxy to proxy requests through. | | no | -| `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no | -| `follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no | - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`datacenter_id` | `string` | The unique ID of the data center. | | yes +`refresh_interval` | `duration` | The time after which the servers are refreshed. | `60s` | no +`port` | `int` | The port to scrape metrics from. | 80 | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -47,6 +50,8 @@ The following arguments are supported: [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.kubelet.md b/docs/sources/flow/reference/components/discovery.kubelet.md index bf0e1085dcde..860c672cfde0 100644 --- a/docs/sources/flow/reference/components/discovery.kubelet.md +++ b/docs/sources/flow/reference/components/discovery.kubelet.md @@ -33,18 +33,19 @@ discovery.kubelet "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`url` | `string` | URL of the Kubelet server. | "https://localhost:10250" | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`refresh_interval` | `duration` | How often the Kubelet should be polled for scrape targets | `5s` | no -`namespaces` | `list(string)` | A list of namespaces to extract target pods from | | no - -One of the following authentication methods must be provided if kubelet authentication is enabled - - [`bearer_token` argument](#arguments). - - [`bearer_token_file` argument](#arguments). - - [`authorization` block][authorization]. +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`url` | `string` | URL of the Kubelet server. | "https://localhost:10250" | no +`refresh_interval` | `duration` | How often the Kubelet should be polled for scrape targets | `5s` | no +`namespaces` | `list(string)` | A list of namespaces to extract target pods from | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no The `namespaces` list limits the namespaces to discover resources in. If omitted, all namespaces are searched. @@ -53,6 +54,17 @@ omitted, all namespaces are searched. You can have additional paths in the `url`. For example, if `url` is `https://kubernetes.default.svc.cluster.local:443/api/v1/nodes/cluster-node-1/proxy`, then `discovery.kubelet` sends a request on `https://kubernetes.default.svc.cluster.local:443/api/v1/nodes/cluster-node-1/proxy/pods` + At most, one of the following can be provided: + - [`bearer_token` argument](#arguments). + - [`bearer_token_file` argument](#arguments). + - [`basic_auth` block][basic_auth]. + - [`authorization` block][authorization]. + - [`oauth2` block][oauth2]. + + [arguments]: #arguments + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of @@ -60,16 +72,33 @@ The following blocks are supported inside the definition of Hierarchy | Block | Description | Required --------- | ----- | ----------- | -------- +basic_auth | [basic_auth][] | Configure basic_auth for authenticating to the endpoint. | no authorization | [authorization][] | Configure generic authorization to the endpoint. | no +oauth2 | [oauth2][] | Configure OAuth2 for authenticating to the endpoint. | no +oauth2 > tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no +The `>` symbol indicates deeper levels of nesting. For example, +`oauth2 > tls_config` refers to a `tls_config` block defined inside +an `oauth2` block. + +[basic_auth]: #basic_auth-block [authorization]: #authorization-block +[oauth2]: #oauth2-block [tls_config]: #tls_config-block +### basic_auth block + +{{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} + ### authorization block {{< docs/shared lookup="flow/reference/components/authorization-block.md" source="agent" version="" >}} +### oauth2 block + +{{< docs/shared lookup="flow/reference/components/oauth2-block.md" source="agent" version="" >}} + ### tls_config block {{< docs/shared lookup="flow/reference/components/tls-config-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/discovery.kubernetes.md b/docs/sources/flow/reference/components/discovery.kubernetes.md index 8745ff5ddd7a..65248ab90cdd 100644 --- a/docs/sources/flow/reference/components/discovery.kubernetes.md +++ b/docs/sources/flow/reference/components/discovery.kubernetes.md @@ -31,18 +31,21 @@ discovery.kubernetes "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of Kubernetes API server. | | no -`role` | `string` | Type of Kubernetes resource to query. | | yes -`kubeconfig_file` | `string` | Path of kubeconfig file to use for connecting to Kubernetes. | | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`api_server` | `string` | URL of Kubernetes API server. | | no +`role` | `string` | Type of Kubernetes resource to query. | | yes +`kubeconfig_file` | `string` | Path of kubeconfig file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -51,6 +54,8 @@ Name | Type | Description | Default | Required [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + The `role` argument is required to specify what type of targets to discover. `role` must be one of `node`, `pod`, `service`, `endpoints`, `endpointslice`, or `ingress`. diff --git a/docs/sources/flow/reference/components/discovery.kuma.md b/docs/sources/flow/reference/components/discovery.kuma.md index 8763bc2eb357..42aacb07dc25 100644 --- a/docs/sources/flow/reference/components/discovery.kuma.md +++ b/docs/sources/flow/reference/components/discovery.kuma.md @@ -27,24 +27,29 @@ discovery.kuma "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ------------------- | -------------- | -------------------------------------------------------------- | ------------- | -------- -`server` | `string` | Address of the Kuma Control Plane's MADS xDS server. | | yes -`refresh_interval` | `duration` | The time to wait between polling update requests. | `"30s"` | no -`fetch_timeout` | `duration` | The time after which the monitoring assignments are refreshed. | `"2m"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - You can provide one of the following arguments for authentication: +Name | Type | Description | Default | Required +------------------------ | ------------------- | -------------------------------------------------------------- | ------- | -------- +`server` | `string` | Address of the Kuma Control Plane's MADS xDS server. | | yes +`refresh_interval` | `duration` | The time to wait between polling update requests. | `"30s"` | no +`fetch_timeout` | `duration` | The time after which the monitoring assignments are refreshed. | `"2m"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + The following blocks are supported inside the definition of `discovery.kuma`: diff --git a/docs/sources/flow/reference/components/discovery.lightsail.md b/docs/sources/flow/reference/components/discovery.lightsail.md index 22868c58faeb..3c9f22f26aef 100644 --- a/docs/sources/flow/reference/components/discovery.lightsail.md +++ b/docs/sources/flow/reference/components/discovery.lightsail.md @@ -34,6 +34,63 @@ Name | Type | Description | Default | Required `role_arn` | `string` | AWS Role ARN, an alternative to using AWS API keys. | | no `refresh_interval` | `string` | Refresh interval to re-read the instance list. | 60s | no `port` | `int` | The port to scrape metrics from. If using the public IP address, this must instead be specified in the relabeling rule. | 80 | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + +At most, one of the following can be provided: + - [`bearer_token` argument](#arguments). + - [`bearer_token_file` argument](#arguments). + - [`basic_auth` block][basic_auth]. + - [`authorization` block][authorization]. + - [`oauth2` block][oauth2]. + + [arguments]: #arguments + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + +## Blocks + +The following blocks are supported inside the definition of +`discovery.lightsail`: + +Hierarchy | Block | Description | Required +--------- | ----- | ----------- | -------- +basic_auth | [basic_auth][] | Configure basic_auth for authenticating to the endpoint. | no +authorization | [authorization][] | Configure generic authorization to the endpoint. | no +oauth2 | [oauth2][] | Configure OAuth2 for authenticating to the endpoint. | no +oauth2 > tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no +tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no + +The `>` symbol indicates deeper levels of nesting. For example, +`oauth2 > tls_config` refers to a `tls_config` block defined inside +an `oauth2` block. + +[basic_auth]: #basic_auth-block +[authorization]: #authorization-block +[oauth2]: #oauth2-block +[tls_config]: #tls_config-block + +### basic_auth block + +{{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} + +### authorization block + +{{< docs/shared lookup="flow/reference/components/authorization-block.md" source="agent" version="" >}} + +### oauth2 block + +{{< docs/shared lookup="flow/reference/components/oauth2-block.md" source="agent" version="" >}} + +### tls_config block + +{{< docs/shared lookup="flow/reference/components/tls-config-block.md" source="agent" version="" >}} ## Exported fields @@ -57,7 +114,6 @@ Each target includes the following labels: * `__meta_lightsail_region`: The region of the instance. * `__meta_lightsail_tag_`: Each tag value of the instance. - ## Component health `discovery.lightsail` is only reported as unhealthy when given an invalid diff --git a/docs/sources/flow/reference/components/discovery.linode.md b/docs/sources/flow/reference/components/discovery.linode.md index 6a5733c9e6cc..a5b2284943f4 100644 --- a/docs/sources/flow/reference/components/discovery.linode.md +++ b/docs/sources/flow/reference/components/discovery.linode.md @@ -28,29 +28,37 @@ The linode APIv4 Token must be created with the scopes: `linodes:read_only`, `ip The following arguments are supported: -Name | Type | Description | Default | Required ------------------- | -------------- | -------------------------------------------------------------- | ------------- | -------- -`refresh_interval` | `duration` | The time to wait between polling update requests. | `"60s"` | no -`port` | `int` | Port that metrics are scraped from. | `80` | no -`tag_separator` | `string` | The string by which Linode Instance tags are joined into the tag label. | `,` | no - -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - You can provide one of the following arguments for authentication: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`refresh_interval` | `duration` | The time to wait between polling update requests. | `"60s"` | no +`port` | `int` | Port that metrics are scraped from. | `80` | no +`tag_separator` | `string` | The string by which Linode Instance tags are joined into the tag label. | `,` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). + - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + +## Blocks + The following blocks are supported inside the definition of `discovery.linode`: Hierarchy | Block | Description | Required --------- | ----- | ----------- | -------- +basic_auth | [basic_auth][] | Configure basic_auth for authenticating to the endpoint. | no authorization | [authorization][] | Configure generic authorization to the endpoint. | no oauth2 | [oauth2][] | Configure OAuth2 for authenticating to the endpoint. | no oauth2 > tls_config | [tls_config][] | Configure TLS settings for connecting to the endpoint. | no @@ -60,10 +68,15 @@ The `>` symbol indicates deeper levels of nesting. For example, `oauth2 > tls_config` refers to a `tls_config` block defined inside an `oauth2` block. +[basic_auth]: #basic_auth-block [authorization]: #authorization-block [oauth2]: #oauth2-block [tls_config]: #tls_config-block +### basic_auth block + +{{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} + ### authorization block {{< docs/shared lookup="flow/reference/components/authorization-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/discovery.marathon.md b/docs/sources/flow/reference/components/discovery.marathon.md index 43c50ab468de..18c397139f1b 100644 --- a/docs/sources/flow/reference/components/discovery.marathon.md +++ b/docs/sources/flow/reference/components/discovery.marathon.md @@ -25,26 +25,34 @@ discovery.marathon "LABEL" { The following arguments are supported: -| Name | Type | Description | Default | Required | -| ------------------ | -------------- | ------------------------------------------------------------ | ------- | -------- | -| `servers` | `list(string)` | List of Marathon servers. | | yes | -| `refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `"30s"` | no | -| `auth_token` | `secret` | Auth token to authenticate with. | | no | -| `auth_token_file` | `string` | File containing an auth token to authenticate with. | | no | -| `proxy_url` | `string` | HTTP proxy to proxy requests through. | | no | -| `follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no | -| `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no | - -You can provide one of the following arguments for authentication: - +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`servers` | `list(string)` | List of Marathon servers. | | yes +`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `"30s"` | no +`auth_token` | `secret` | Auth token to authenticate with. | | no +`auth_token_file` | `string` | File containing an auth token to authenticate with. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`auth_token` argument](#arguments). - [`auth_token_file` argument](#arguments). +- [`bearer_token_file` argument](#arguments). +- [`bearer_token` argument](#arguments). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.nomad.md b/docs/sources/flow/reference/components/discovery.nomad.md index 14c51bb6c72f..6bfe87300304 100644 --- a/docs/sources/flow/reference/components/discovery.nomad.md +++ b/docs/sources/flow/reference/components/discovery.nomad.md @@ -24,21 +24,24 @@ discovery.nomad "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`server` | `string` | Address of nomad server. | `http://localhost:4646` | no -`namespace` | `string` | Nomad namespace to use. | `default` | no -`region` | `string` | Nomad region to use. | `global` | no -`allow_stale` | `bool` | Allow reading from non-leader nomad instances. | `true` | no -`tag_separator` | `string` | Seperator to join nomad tags into Prometheus labels. | `,` | no -`refresh_interval` | `duration` | Frequency to refresh list of containers. | `"30s"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - You can provide one of the following arguments for authentication: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ----------------------- | -------- +`server` | `string` | Address of nomad server. | `http://localhost:4646` | no +`namespace` | `string` | Nomad namespace to use. | `default` | no +`region` | `string` | Nomad region to use. | `global` | no +`allow_stale` | `bool` | Allow reading from non-leader nomad instances. | `true` | no +`tag_separator` | `string` | Seperator to join nomad tags into Prometheus labels. | `,` | no +`refresh_interval` | `duration` | Frequency to refresh list of containers. | `"30s"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -47,6 +50,8 @@ Name | Type | Description | Default | Required [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.puppetdb.md b/docs/sources/flow/reference/components/discovery.puppetdb.md index c4e984bcd440..89b842da8387 100644 --- a/docs/sources/flow/reference/components/discovery.puppetdb.md +++ b/docs/sources/flow/reference/components/discovery.puppetdb.md @@ -31,20 +31,23 @@ discovery.puppetdb "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`url` | `string` | The URL of the PuppetDB root query endpoint. | | yes -`query` | `string` | Puppet Query Language (PQL) query. Only resources are supported. | | yes -`include_parameters` | `bool` | Whether to include the parameters as meta labels. Due to the differences between parameter types and Prometheus labels, some parameters might not be rendered. The format of the parameters might also change in future releases. Make sure that you don't have secrets exposed as parameters if you enable this. | `false` | no -`port` | `int` | The port to scrape metrics from.. | `80` | no -`refresh_interval` | `duration` | Frequency to refresh targets. | `"30s"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - You can provide one of the following arguments for authentication: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`url` | `string` | The URL of the PuppetDB root query endpoint. | | yes +`query` | `string` | Puppet Query Language (PQL) query. Only resources are supported. | | yes +`include_parameters` | `bool` | Whether to include the parameters as meta labels. Due to the differences between parameter types and Prometheus labels, some parameters might not be rendered. The format of the parameters might also change in future releases. Make sure that you don't have secrets exposed as parameters if you enable this. | `false` | no +`port` | `int` | The port to scrape metrics from. | `80` | no +`refresh_interval` | `duration` | Frequency to refresh targets. | `"30s"` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -53,6 +56,8 @@ Name | Type | Description | Default | Required [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.scaleway.md b/docs/sources/flow/reference/components/discovery.scaleway.md index f65aa6941346..debf8f2941c5 100644 --- a/docs/sources/flow/reference/components/discovery.scaleway.md +++ b/docs/sources/flow/reference/components/discovery.scaleway.md @@ -43,7 +43,10 @@ Name | Type | Description | Default | Required `tags_filter` | `list(string)` | List of tags to search for. | | no `refresh_interval` | `duration` | Frequency to rediscover targets. | `"60s"` | no `port` | `number` | Default port on servers to associate with generated targets. | `80` | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no `follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no @@ -58,6 +61,8 @@ discovered servers. `name_filter` returns machines matching a specific name, while `tags_filter` returns machines who contain _all_ the tags listed in the `tags_filter` argument. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/discovery.uyuni.md b/docs/sources/flow/reference/components/discovery.uyuni.md index 25909d8d5217..7621d4b6c4e6 100644 --- a/docs/sources/flow/reference/components/discovery.uyuni.md +++ b/docs/sources/flow/reference/components/discovery.uyuni.md @@ -29,18 +29,22 @@ discovery.uyuni "LABEL" { The following arguments are supported: -Name | Type | Description | Default | Required ---------------------- | ---------- | ---------------------------------------------------------------------- | ------------------------ | -------- -`server` | `string` | The primary Uyuni Server. | | yes -`username` | `string` | The username to use for authentication to the Uyuni API. | | yes -`password` | `Secret` | The password to use for authentication to the Uyuni API. | | yes -`entitlement` | `string` | The entitlement to filter on when listing targets. | `"monitoring_entitled"` | no -`separator` | `string` | The separator to use when building the `__meta_uyuni_groups` label. | `","` | no -`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `1m` | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------------- | ----------------------- | -------- +`server` | `string` | The primary Uyuni Server. | | yes +`username` | `string` | The username to use for authentication to the Uyuni API. | | yes +`password` | `Secret` | The password to use for authentication to the Uyuni API. | | yes +`entitlement` | `string` | The entitlement to filter on when listing targets. | `"monitoring_entitled"` | no +`separator` | `string` | The separator to use when building the `__meta_uyuni_groups` label. | `","` | no +`refresh_interval` | `duration` | Interval at which to refresh the list of targets. | `1m` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} ## Blocks The following blocks are supported inside the definition of diff --git a/docs/sources/flow/reference/components/loki.source.kubernetes.md b/docs/sources/flow/reference/components/loki.source.kubernetes.md index a14e305d6d39..1d6c674fb995 100644 --- a/docs/sources/flow/reference/components/loki.source.kubernetes.md +++ b/docs/sources/flow/reference/components/loki.source.kubernetes.md @@ -105,23 +105,28 @@ used. The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/loki.source.kubernetes_events.md b/docs/sources/flow/reference/components/loki.source.kubernetes_events.md index 49a9f8b7d824..2bf1be9afe6a 100644 --- a/docs/sources/flow/reference/components/loki.source.kubernetes_events.md +++ b/docs/sources/flow/reference/components/loki.source.kubernetes_events.md @@ -101,23 +101,28 @@ used. The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/loki.source.podlogs.md b/docs/sources/flow/reference/components/loki.source.podlogs.md index 2559fd95e055..cc1e0ea0d35c 100644 --- a/docs/sources/flow/reference/components/loki.source.podlogs.md +++ b/docs/sources/flow/reference/components/loki.source.podlogs.md @@ -168,22 +168,28 @@ used. The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | ------- | -------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/loki.write.md b/docs/sources/flow/reference/components/loki.write.md index 946f72c5d324..0ff2d61af4cf 100644 --- a/docs/sources/flow/reference/components/loki.write.md +++ b/docs/sources/flow/reference/components/loki.write.md @@ -71,32 +71,37 @@ The `endpoint` block describes a single location to send logs to. Multiple The following arguments are supported: -Name | Type | Description | Default | Required ---------------------- | ------------- | ------------------------------------- | -------------- | -------- -`url` | `string` | Full URL to send logs to. | | yes -`name` | `string` | Optional name to identify this endpoint with. | | no -`headers` | `map(string)` | Extra headers to deliver with the request. | | no -`batch_wait` | `duration` | Maximum amount of time to wait before sending a batch. | `"1s"` | no -`batch_size` | `string` | Maximum batch size of logs to accumulate before sending. | `"1MiB"` | no -`remote_timeout` | `duration` | Timeout for requests made to the URL. | `"10s"` | no -`tenant_id` | `string` | The tenant ID used by default to push logs. | | no -`min_backoff_period` | `duration` | Initial backoff time between retries. | `"500ms"` | no -`max_backoff_period` | `duration` | Maximum backoff time between retries. | `"5m"` | no -`max_backoff_retries` | `int` | Maximum number of retries. | 10 | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no -`retry_on_http_429` | `bool` | Retry when an HTTP 429 status code is received. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | ------------------------------------------------------------- | --------- | -------- +`url` | `string` | Full URL to send logs to. | | yes +`name` | `string` | Optional name to identify this endpoint with. | | no +`headers` | `map(string)` | Extra headers to deliver with the request. | | no +`batch_wait` | `duration` | Maximum amount of time to wait before sending a batch. | `"1s"` | no +`batch_size` | `string` | Maximum batch size of logs to accumulate before sending. | `"1MiB"` | no +`remote_timeout` | `duration` | Timeout for requests made to the URL. | `"10s"` | no +`tenant_id` | `string` | The tenant ID used by default to push logs. | | no +`min_backoff_period` | `duration` | Initial backoff time between retries. | `"500ms"` | no +`max_backoff_period` | `duration` | Maximum backoff time between retries. | `"5m"` | no +`max_backoff_retries` | `int` | Maximum number of retries. | 10 | no +`retry_on_http_429` | `bool` | Retry when an HTTP 429 status code is received. | `true` | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#endpoint-block). - [`bearer_token_file` argument](#endpoint-block). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + If no `tenant_id` is provided, the component assumes that the Loki instance at `endpoint` is running in single-tenant mode and no X-Scope-OrgID header is sent. diff --git a/docs/sources/flow/reference/components/mimir.rules.kubernetes.md b/docs/sources/flow/reference/components/mimir.rules.kubernetes.md index fd5639a03bf4..9a8672005b5f 100644 --- a/docs/sources/flow/reference/components/mimir.rules.kubernetes.md +++ b/docs/sources/flow/reference/components/mimir.rules.kubernetes.md @@ -47,21 +47,24 @@ mimir.rules.kubernetes "LABEL" { `mimir.rules.kubernetes` supports the following arguments: -| Name | Type | Description | Default | Required | -| ------------------------ | ---------- | ------------------------------------------------------------------------------- | ------------- | -------- | -| `address` | `string` | URL of the Mimir ruler. | | yes | -| `tenant_id` | `string` | Mimir tenant ID. | | no | -| `use_legacy_routes` | `bool` | Whether to use [deprecated][gem-2_2] ruler API endpoints. | false | no | -| `prometheus_http_prefix` | `string` | Path prefix for [Mimir's Prometheus endpoint][gem-path-prefix]. | `/prometheus` | no | -| `sync_interval` | `duration` | Amount of time between reconciliations with Mimir. | "30s" | no | -| `mimir_namespace_prefix` | `string` | Prefix used to differentiate multiple {{< param "PRODUCT_NAME" >}} deployments. | "agent" | no | -| `bearer_token` | `secret` | Bearer token to authenticate with. | | no | -| `bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no | -| `proxy_url` | `string` | HTTP proxy to proxy requests through. | | no | -| `follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no | -| `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no | - - At most one of the following can be provided: +Name | Type | Description | Default | Required +------------------------ | ------------------- | --------------------------------------------------------------- | ------------- | -------- +`address` | `string` | URL of the Mimir ruler. | | yes +`tenant_id` | `string` | Mimir tenant ID. | | no +`use_legacy_routes` | `bool` | Whether to use [deprecated][gem-2_2] ruler API endpoints. | false | no +`prometheus_http_prefix` | `string` | Path prefix for [Mimir's Prometheus endpoint][gem-path-prefix]. | `/prometheus` | no +`sync_interval` | `duration` | Amount of time between reconciliations with Mimir. | "30s" | no +`mimir_namespace_prefix` | `string` | Prefix used to differentiate multiple {{< param "PRODUCT_NAME" >}} deployments. | "agent" | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -70,6 +73,8 @@ mimir.rules.kubernetes "LABEL" { [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + If no `tenant_id` is provided, the component assumes that the Mimir instance at `address` is running in single-tenant mode and no `X-Scope-OrgID` header is sent. diff --git a/docs/sources/flow/reference/components/prometheus.operator.podmonitors.md b/docs/sources/flow/reference/components/prometheus.operator.podmonitors.md index b8ef773567ca..aba8d1d91431 100644 --- a/docs/sources/flow/reference/components/prometheus.operator.podmonitors.md +++ b/docs/sources/flow/reference/components/prometheus.operator.podmonitors.md @@ -83,22 +83,28 @@ used. The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/prometheus.operator.probes.md b/docs/sources/flow/reference/components/prometheus.operator.probes.md index c8fddb96e1dd..0ce21029fce0 100644 --- a/docs/sources/flow/reference/components/prometheus.operator.probes.md +++ b/docs/sources/flow/reference/components/prometheus.operator.probes.md @@ -85,22 +85,28 @@ configuration with the service account of the running {{< param "PRODUCT_ROOT_NA The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/prometheus.operator.servicemonitors.md b/docs/sources/flow/reference/components/prometheus.operator.servicemonitors.md index 29a6414a6339..7ae878d6a85f 100644 --- a/docs/sources/flow/reference/components/prometheus.operator.servicemonitors.md +++ b/docs/sources/flow/reference/components/prometheus.operator.servicemonitors.md @@ -84,22 +84,28 @@ If the `client` block isn't provided, the default in-cluster configuration with The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument][client]. - [`bearer_token_file` argument][client]. - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/prometheus.remote_write.md b/docs/sources/flow/reference/components/prometheus.remote_write.md index 5664cd10aa6e..184433a5216d 100644 --- a/docs/sources/flow/reference/components/prometheus.remote_write.md +++ b/docs/sources/flow/reference/components/prometheus.remote_write.md @@ -96,13 +96,16 @@ Name | Type | Description | Default | Required `headers` | `map(string)` | Extra headers to deliver with the request. | | no `send_exemplars` | `bool` | Whether exemplars should be sent. | `true` | no `send_native_histograms` | `bool` | Whether native histograms should be sent. | `false` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#endpoint-block). - [`bearer_token_file` argument](#endpoint-block). - [`basic_auth` block][basic_auth]. @@ -125,6 +128,8 @@ sent to `prometheus.remote_write` are forwarded to the configured endpoint. If the endpoint doesn't support receiving native histogram samples, pushing metrics fails. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/prometheus.scrape.md b/docs/sources/flow/reference/components/prometheus.scrape.md index cd204221030d..4cc40b420e74 100644 --- a/docs/sources/flow/reference/components/prometheus.scrape.md +++ b/docs/sources/flow/reference/components/prometheus.scrape.md @@ -64,19 +64,24 @@ Name | Type | Description | Default | Required `label_limit` | `uint` | More than this many labels post metric-relabeling causes the scrape to fail. | | no `label_name_length_limit` | `uint` | More than this label name length post metric-relabeling causes the scrape to fail. | | no `label_value_length_limit` | `uint` | More than this label value length post metric-relabeling causes the scrape to fail. | | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + `track_timestamps_staleness` controls whether Prometheus tracks [staleness][prom-staleness] of metrics which with an explicit timestamp present in scraped data. * An "explicit timestamp" is an optional timestamp in the [Prometheus metrics exposition format][prom-text-exposition-format]. For example, this sample has a timestamp of `1395066363000`: ``` diff --git a/docs/sources/flow/reference/components/pyroscope.scrape.md b/docs/sources/flow/reference/components/pyroscope.scrape.md index 35e7022df482..d045f9ac8940 100644 --- a/docs/sources/flow/reference/components/pyroscope.scrape.md +++ b/docs/sources/flow/reference/components/pyroscope.scrape.md @@ -77,13 +77,16 @@ Name | Type | Description `scrape_interval` | `duration` | How frequently to scrape the targets of this scrape configuration. | `"15s"` | no `scrape_timeout` | `duration` | The timeout for scraping targets of this configuration. Must be larger than `scrape_interval`. | `"18s"` | no `scheme` | `string` | The URL scheme with which to fetch metrics from targets. | `"http"` | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no `bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no `enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no -At most one of the following authentication mechanisms can be provided: + At most, one of the following can be provided: - [`bearer_token` argument](#arguments). - [`bearer_token_file` argument](#arguments). - [`basic_auth` block][basic_auth]. @@ -92,6 +95,8 @@ At most one of the following authentication mechanisms can be provided: [arguments]: #arguments +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + #### `job_name` argument `job_name` defaults to the component's unique identifier. diff --git a/docs/sources/flow/reference/components/pyroscope.write.md b/docs/sources/flow/reference/components/pyroscope.write.md index 3012be03319c..94076a605379 100644 --- a/docs/sources/flow/reference/components/pyroscope.write.md +++ b/docs/sources/flow/reference/components/pyroscope.write.md @@ -74,28 +74,32 @@ The `endpoint` block describes a single location to send profiles to. Multiple The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`url` | `string` | Full URL to send metrics to. | | yes -`name` | `string` | Optional name to identify the endpoint in metrics. | | no -`remote_timeout` | `duration` | Timeout for requests made to the URL. | `"10s"` | no -`headers` | `map(string)` | Extra headers to deliver with the request. | | no -`min_backoff_period` | `duration` | Initial backoff time between retries. | `"500ms"` | no -`max_backoff_period` | `duration` | Maximum backoff time between retries. | `"5m"` | no -`max_backoff_retries` | `int` | Maximum number of retries. 0 to retry infinitely. | 10 | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no - - At most one of the following can be provided: - -- [`bearer_token` argument][endpoint]. -- [`bearer_token_file` argument][endpoint]. -- [`basic_auth` block][basic_auth]. -- [`authorization` block][authorization]. -- [`oauth2` block][oauth2]. +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|-----------|--------- +`url` | `string` | Full URL to send metrics to. | | yes +`name` | `string` | Optional name to identify the endpoint in metrics. | | no +`remote_timeout` | `duration` | Timeout for requests made to the URL. | `"10s"` | no +`headers` | `map(string)` | Extra headers to deliver with the request. | | no +`min_backoff_period` | `duration` | Initial backoff time between retries. | `"500ms"` | no +`max_backoff_period` | `duration` | Maximum backoff time between retries. | `"5m"` | no +`max_backoff_retries` | `int` | Maximum number of retries. 0 to retry infinitely. | 10 | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no + + At most, one of the following can be provided: + - [`bearer_token` argument][endpoint]. + - [`bearer_token_file` argument][endpoint]. + - [`basic_auth` block][basic_auth]. + - [`authorization` block][authorization]. + - [`oauth2` block][oauth2]. + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} When multiple `endpoint` blocks are provided, profiles are concurrently forwarded to all configured locations. diff --git a/docs/sources/flow/reference/components/remote.kubernetes.configmap.md b/docs/sources/flow/reference/components/remote.kubernetes.configmap.md index 56acc6bbcc4e..adbaf214d2c2 100644 --- a/docs/sources/flow/reference/components/remote.kubernetes.configmap.md +++ b/docs/sources/flow/reference/components/remote.kubernetes.configmap.md @@ -73,14 +73,18 @@ used. The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no At most, one of the following can be provided: - [`bearer_token` argument][client]. @@ -89,6 +93,8 @@ Name | Type | Description | Default | Required - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/flow/reference/components/remote.kubernetes.secret.md b/docs/sources/flow/reference/components/remote.kubernetes.secret.md index 3fe84fee4ad0..8e5a7cd966ec 100644 --- a/docs/sources/flow/reference/components/remote.kubernetes.secret.md +++ b/docs/sources/flow/reference/components/remote.kubernetes.secret.md @@ -72,14 +72,18 @@ configuration with the service account of the running {{< param "PRODUCT_ROOT_NA The following arguments are supported: -Name | Type | Description | Default | Required ----- | ---- | ----------- | ------- | -------- -`api_server` | `string` | URL of the Kubernetes API server. | | no -`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`proxy_url` | `string` | HTTP proxy to proxy requests through. | | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`api_server` | `string` | URL of the Kubernetes API server. | | no +`kubeconfig_file` | `string` | Path of the `kubeconfig` file to use for connecting to Kubernetes. | | no +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no At most, one of the following can be provided: - [`bearer_token` argument][client]. @@ -88,6 +92,8 @@ Name | Type | Description | Default | Required - [`authorization` block][authorization]. - [`oauth2` block][oauth2]. +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} + ### basic_auth block {{< docs/shared lookup="flow/reference/components/basic-auth-block.md" source="agent" version="" >}} diff --git a/docs/sources/shared/flow/reference/components/http-client-config-block.md b/docs/sources/shared/flow/reference/components/http-client-config-block.md index 04a680c51a21..a115d031b209 100644 --- a/docs/sources/shared/flow/reference/components/http-client-config-block.md +++ b/docs/sources/shared/flow/reference/components/http-client-config-block.md @@ -10,12 +10,17 @@ description: Shared content, http client config block headless: true --- -Name | Type | Description | Default | Required ---------------------|----------|--------------------------------------------------------------|---------|--------- -`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no -`bearer_token` | `secret` | Bearer token to authenticate with. | | no -`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no -`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no -`proxy_url` | `string` | HTTP proxy to send requests through. | | no +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`bearer_token_file` | `string` | File containing a bearer token to authenticate with. | | no +`bearer_token` | `secret` | Bearer token to authenticate with. | | no +`enable_http2` | `bool` | Whether HTTP2 is supported for requests. | `true` | no +`follow_redirects` | `bool` | Whether redirects returned by the server should be followed. | `true` | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no `bearer_token`, `bearer_token_file`, `basic_auth`, `authorization`, and `oauth2` are mutually exclusive, and only one can be provided inside of a `http_client_config` block. + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} \ No newline at end of file diff --git a/docs/sources/shared/flow/reference/components/http-client-proxy-config-description.md b/docs/sources/shared/flow/reference/components/http-client-proxy-config-description.md new file mode 100644 index 000000000000..700b0dd2cc63 --- /dev/null +++ b/docs/sources/shared/flow/reference/components/http-client-proxy-config-description.md @@ -0,0 +1,23 @@ +--- +aliases: +- /docs/agent/shared/flow/reference/components/http-client-proxy-config-description-args/ +- /docs/grafana-cloud/agent/shared/flow/reference/components/http-client-proxy-config-description-args/ +- /docs/grafana-cloud/monitor-infrastructure/agent/shared/flow/reference/components/http-client-proxy-config-description-args/ +- /docs/grafana-cloud/monitor-infrastructure/integrations/agent/shared/flow/reference/components/http-client-proxy-config-description-args/ +- /docs/grafana-cloud/send-data/agent/shared/flow/reference/components/http-client-proxy-config-description-args/ +canonical: https://grafana.com/docs/agent/latest/shared/flow/reference/components/http-client-proxy-config-description-args/ +description: Shared content, http client config description +headless: true +--- + +`no_proxy` can contain IPs, CIDR notations, and domain names. IP and domain +names can contain port numbers. `proxy_url` must be configured if `no_proxy` +is configured. + +`proxy_from_environment` uses the environment variables HTTP_PROXY, HTTPS_PROXY +and NO_PROXY (or the lowercase versions thereof). Requests use the proxy from +the environment variable matching their scheme, unless excluded by NO_PROXY. +`proxy_url` and `no_proxy` must not be configured if `proxy_from_environment` +is configured. + +`proxy_connect_header` should only be configured if `proxy_url` or `proxy_from_environment` are configured. \ No newline at end of file diff --git a/docs/sources/shared/flow/reference/components/oauth2-block.md b/docs/sources/shared/flow/reference/components/oauth2-block.md index 93c2b87ba4df..bba91c84a7ab 100644 --- a/docs/sources/shared/flow/reference/components/oauth2-block.md +++ b/docs/sources/shared/flow/reference/components/oauth2-block.md @@ -10,16 +10,21 @@ description: Shared content, oauth2 block headless: true --- -Name | Type | Description | Default | Required ----------------------|----------------|-------------------------------------------------|---------|--------- -`client_id` | `string` | OAuth2 client ID. | | no -`client_secret_file` | `string` | File containing the OAuth2 client secret. | | no -`client_secret` | `secret` | OAuth2 client secret. | | no -`endpoint_params` | `map(string)` | Optional parameters to append to the token URL. | | no -`proxy_url` | `string` | Optional proxy URL for OAuth2 requests. | | no -`scopes` | `list(string)` | List of scopes to authenticate with. | | no -`token_url` | `string` | URL to fetch the token from. | | no +Name | Type | Description | Default | Required +-------------------------|---------------------|---------------------------------------------------------------|---------|--------- +`client_id` | `string` | OAuth2 client ID. | | no +`client_secret_file` | `string` | File containing the OAuth2 client secret. | | no +`client_secret` | `secret` | OAuth2 client secret. | | no +`endpoint_params` | `map(string)` | Optional parameters to append to the token URL. | | no +`proxy_url` | `string` | HTTP proxy to send requests through. | | no +`no_proxy` | `string` | Comma-separated list of IP addresses, CIDR notations, and domain names to exclude from proxying. | | no +`proxy_from_environment` | `bool` | Use the proxy URL indicated by environment variables. | `false` | no +`proxy_connect_header` | `map(list(secret))` | Specifies headers to send to proxies during CONNECT requests. | | no +`scopes` | `list(string)` | List of scopes to authenticate with. | | no +`token_url` | `string` | URL to fetch the token from. | | no `client_secret` and `client_secret_file` are mutually exclusive, and only one can be provided inside an `oauth2` block. The `oauth2` block may also contain a separate `tls_config` sub-block. + +{{< docs/shared lookup="flow/reference/components/http-client-proxy-config-description.md" source="agent" version="" >}} \ No newline at end of file From e7b9ca551e1b7ee499ccd044eb8b2c716a759481 Mon Sep 17 00:00:00 2001 From: Paschalis Tsilias Date: Fri, 9 Feb 2024 19:01:40 +0200 Subject: [PATCH 03/14] Add beta label to remotecfg (#6349) Signed-off-by: Paschalis Tsilias --- docs/sources/flow/reference/config-blocks/remotecfg.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/sources/flow/reference/config-blocks/remotecfg.md b/docs/sources/flow/reference/config-blocks/remotecfg.md index 209cb4648602..17c82df92db1 100644 --- a/docs/sources/flow/reference/config-blocks/remotecfg.md +++ b/docs/sources/flow/reference/config-blocks/remotecfg.md @@ -10,7 +10,7 @@ menuTitle: remotecfg title: remotecfg block --- -# remotecfg block +# remotecfg block (beta) `remotecfg` is an optional configuration block that enables {{< param "PRODUCT_NAME" >}} to fetch and load the configuration from a remote endpoint. @@ -20,7 +20,12 @@ configuration file. The [API definition][] for managing and fetching configuration that the `remotecfg` block uses is available under the Apache 2.0 license. +> **BETA**: The `remotecfg` enables beta functionality. +> Beta features are subject to breaking changes, and may be replaced with +> equivalent functionality that cover the same use case. + [API definition]: https://github.com/grafana/agent-remote-config +[beta]: {{< relref "../../../stability.md#beta" >}} ## Example From d97bc67b8b339b2d7b97a665c62fe1a6595a2fbf Mon Sep 17 00:00:00 2001 From: Paulin Todev Date: Mon, 12 Feb 2024 09:48:22 +0000 Subject: [PATCH 04/14] Docs for k8s event logs: clarify equivalent of Static mode's cache_path in Flow mode. (#6328) * Clarify equivalent of cache_path in Flow mode. * Apply suggestions from code review Co-authored-by: Clayton Cornell <131809008+clayton-cornell@users.noreply.github.com> * Update docs for `loki.source.file` and `loki.source.docker` similarly to `loki.source.kubernetes_events` --------- Co-authored-by: Clayton Cornell <131809008+clayton-cornell@users.noreply.github.com> --- .../staticconvert/internal/build/eventhandler.go | 8 +++++++- .../staticconvert/testdata-v2/unsupported.diags | 2 +- .../reference/components/loki.source.docker.md | 6 +++--- .../flow/reference/components/loki.source.file.md | 10 +++++++--- .../components/loki.source.kubernetes_events.md | 15 +++++++++++++++ 5 files changed, 33 insertions(+), 8 deletions(-) diff --git a/converter/internal/staticconvert/internal/build/eventhandler.go b/converter/internal/staticconvert/internal/build/eventhandler.go index bf816d6d451a..9d61e33d6bf2 100644 --- a/converter/internal/staticconvert/internal/build/eventhandler.go +++ b/converter/internal/staticconvert/internal/build/eventhandler.go @@ -20,10 +20,16 @@ func (b *IntegrationsConfigBuilder) appendEventHandlerV2(config *eventhandler_v2 } b.diags.AddAll(common.ValidateSupported(common.NotDeepEquals, config.SendTimeout, eventhandler_v2.DefaultConfig.SendTimeout, "eventhandler send_timeout", "this field is not configurable in flow mode")) - b.diags.AddAll(common.ValidateSupported(common.NotDeepEquals, config.CachePath, eventhandler_v2.DefaultConfig.CachePath, "eventhandler cache_path", "this field is not configurable in flow mode")) b.diags.AddAll(common.ValidateSupported(common.NotDeepEquals, config.InformerResync, eventhandler_v2.DefaultConfig.InformerResync, "eventhandler informer_resync", "this field is not configurable in flow mode")) b.diags.AddAll(common.ValidateSupported(common.NotDeepEquals, config.FlushInterval, eventhandler_v2.DefaultConfig.FlushInterval, "eventhandler flush_interval", "this field is not configurable in flow mode")) + if config.CachePath != eventhandler_v2.DefaultConfig.CachePath { + b.diags.Add( + diag.SeverityLevelWarn, + "The eventhandler cache_path is unnecessary in flow mode because the storage path is governed by the --storage.path cmd argument and is always local to the component.", + ) + } + receiver := getLogsReceiver(config) if len(config.ExtraLabels) > 0 { receiver = b.injectExtraLabels(config, receiver, compLabel) diff --git a/converter/internal/staticconvert/testdata-v2/unsupported.diags b/converter/internal/staticconvert/testdata-v2/unsupported.diags index cf356c13c1da..48eae120a227 100644 --- a/converter/internal/staticconvert/testdata-v2/unsupported.diags +++ b/converter/internal/staticconvert/testdata-v2/unsupported.diags @@ -1,6 +1,6 @@ (Error) The converter does not support converting the provided eventhandler send_timeout config: this field is not configurable in flow mode -(Error) The converter does not support converting the provided eventhandler cache_path config: this field is not configurable in flow mode (Error) The converter does not support converting the provided eventhandler informer_resync config: this field is not configurable in flow mode (Error) The converter does not support converting the provided eventhandler flush_interval config: this field is not configurable in flow mode +(Warning) The eventhandler cache_path is unnecessary in flow mode because the storage path is governed by the --storage.path cmd argument and is always local to the component. (Warning) Please review your agent command line flags and ensure they are set in your Flow mode config file where necessary. (Error) The converter does not support converting the provided app_agent_receiver traces_instance config. \ No newline at end of file diff --git a/docs/sources/flow/reference/components/loki.source.docker.md b/docs/sources/flow/reference/components/loki.source.docker.md index 79a1204199e1..a43a342b36b7 100644 --- a/docs/sources/flow/reference/components/loki.source.docker.md +++ b/docs/sources/flow/reference/components/loki.source.docker.md @@ -126,9 +126,9 @@ configuration. * `loki_source_docker_target_parsing_errors_total` (gauge): Total number of parsing errors while receiving Docker messages. ## Component behavior -The component uses its data path (a directory named after the domain's -fully qualified name) to store its _positions file_. The positions file -stores the read offsets so that if there is a component or Agent restart, +The component uses its data path, a directory named after the domain's +fully qualified name, to store its _positions file_. The positions file is used +to store read offsets, so that if a component or {{< param "PRODUCT_ROOT_NAME" >}} restarts, `loki.source.docker` can pick up tailing from the same spot. If the target's argument contains multiple entries with the same container diff --git a/docs/sources/flow/reference/components/loki.source.file.md b/docs/sources/flow/reference/components/loki.source.file.md index a581ac0da043..2c7cf2de20a8 100644 --- a/docs/sources/flow/reference/components/loki.source.file.md +++ b/docs/sources/flow/reference/components/loki.source.file.md @@ -143,15 +143,19 @@ the component reads. All other labels starting with a double underscore are considered _internal_ and are removed from the log entries before they're passed to other `loki.*` components. -The component uses its data path (a directory named after the domain's -fully qualified name) to store its _positions file_. The positions file is used -to store read offsets, so that in case of a component or Agent restart, +The component uses its data path, a directory named after the domain's +fully qualified name, to store its _positions file_. The positions file is used +to store read offsets, so that if a component or {{< param "PRODUCT_ROOT_NAME" >}} restarts, `loki.source.file` can pick up tailing from the same spot. +The data path is inside the directory configured by the `--storage.path` [command line argument][cmd-args]. + If a file is removed from the `targets` list, its positions file entry is also removed. When it's added back on, `loki.source.file` starts reading it from the beginning. +[cmd-args]: {{< relref "../cli/run.md" >}} + ## Examples ### Static targets diff --git a/docs/sources/flow/reference/components/loki.source.kubernetes_events.md b/docs/sources/flow/reference/components/loki.source.kubernetes_events.md index 2bf1be9afe6a..57b10de18090 100644 --- a/docs/sources/flow/reference/components/loki.source.kubernetes_events.md +++ b/docs/sources/flow/reference/components/loki.source.kubernetes_events.md @@ -157,6 +157,21 @@ events in each watched namespace. `loki.source.kubernetes_events` does not expose any component-specific debug metrics. +## Component behavior + +The component uses its data path, a directory named after the domain's +fully qualified name, to store its _positions file_. The positions file is used +to store read offsets, so that if a component or {{< param "PRODUCT_ROOT_NAME" >}} restarts, +`loki.source.kubernetes_events` can pick up tailing from the same spot. + +The data path is inside the directory configured by the `--storage.path` [command line argument][cmd-args]. + +In the Static mode's [eventhandler integration][eventhandler-integration], a `cache_path` argument is used to configure a positions file. +In Flow mode, this argument is no longer necessary. + +[cmd-args]: {{< relref "../cli/run.md" >}} +[eventhandler-integration]: {{< relref "../../../static/configuration/integrations/integrations-next/eventhandler-config.md" >}} + ## Example This example collects watches events in the `kube-system` namespace and From 2d21471e4d30d46feaaa9fe336905dc9ed0518f0 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 11:42:36 +0000 Subject: [PATCH 05/14] Update `make docs` procedure (#6339) Co-authored-by: grafanabot --- docs/make-docs | 39 +++++++++++++++++++-------------------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/docs/make-docs b/docs/make-docs index d5d861ca83b4..4b3b5eadcf96 100755 --- a/docs/make-docs +++ b/docs/make-docs @@ -6,6 +6,16 @@ # [Semantic versioning](https://semver.org/) is used to help the reader identify the significance of changes. # Changes are relevant to this script and the support docs.mk GNU Make interface. # +# +# ## 5.3.0 (2024-02-08) +# +# ### Changed +# +# - Updated support for plugins monorepo now that multiple projects have been moved into it. +# - Use `printf` instead of `echo` for better portability of output. +# +# https://www.in-ulm.de/~mascheck/various/echo+printf/ +# # ## 5.2.0 (2024-01-18) # # ### Changed @@ -270,10 +280,7 @@ SOURCES_helm_charts_mimir_distributed='mimir' SOURCES_helm_charts_tempo_distributed='tempo' SOURCES_opentelemetry='opentelemetry-docs' SOURCES_plugins_grafana_datadog_datasource='datadog-datasource' -SOURCES_plugins_grafana_jira_datasource='jira-datasource' -SOURCES_plugins_grafana_mongodb_datasource='mongodb-datasource' SOURCES_plugins_grafana_oracle_datasource='oracle-datasource' -SOURCES_plugins_grafana_splunk_datasource='splunk-datasource' VERSIONS_as_code='UNVERSIONED' VERSIONS_grafana_cloud='UNVERSIONED' @@ -284,10 +291,7 @@ VERSIONS_grafana_cloud_data_configuration_integrations='UNVERSIONED' VERSIONS_grafana_cloud_frontend_observability_faro_web_sdk='UNVERSIONED' VERSIONS_opentelemetry='UNVERSIONED' VERSIONS_plugins_grafana_datadog_datasource='latest' -VERSIONS_plugins_grafana_jira_datasource='latest' -VERSIONS_plugins_grafana_mongodb_datasource='latest' VERSIONS_plugins_grafana_oracle_datasource='latest' -VERSIONS_plugins_grafana_splunk_datasource='latest' VERSIONS_technical_documentation='UNVERSIONED' VERSIONS_website='UNVERSIONED' VERSIONS_writers_toolkit='UNVERSIONED' @@ -297,10 +301,7 @@ PATHS_helm_charts_mimir_distributed='docs/sources/helm-charts/mimir-distributed' PATHS_helm_charts_tempo_distributed='docs/sources/helm-charts/tempo-distributed' PATHS_mimir='docs/sources/mimir' PATHS_plugins_grafana_datadog_datasource='docs/sources' -PATHS_plugins_grafana_jira_datasource='docs/sources' -PATHS_plugins_grafana_mongodb_datasource='docs/sources' PATHS_plugins_grafana_oracle_datasource='docs/sources' -PATHS_plugins_grafana_splunk_datasource='docs/sources' PATHS_tempo='docs/sources/tempo' PATHS_website='content' @@ -590,8 +591,7 @@ await_build() { i=$((i + 1)) if ${req} "${url}"; then - echo - echo "View documentation locally:" + printf '\r\nView documentation locally:\r\n' for x in ${url_src_dst_vers}; do IFS='^' read -r url _ _ <&2 + printf 'DEBG: %s\r\n' "$1" >&2 fi } errr() { - echo "ERRR: $1" >&2 + printf 'ERRR: %s\r\n' "$1" >&2 } note() { - echo "NOTE: $1" >&2 + printf 'NOTE: %s\r\n' "$1" >&2 } url_src_dst_vers="$(url_src_dst_vers "$@")" @@ -690,7 +689,7 @@ POSIX_HERESTRING case "${image}" in 'grafana/doc-validator') proj="$(new_proj "$1")" - echo + printf '\r\n' "${PODMAN}" run \ --init \ --interactive \ @@ -706,7 +705,7 @@ case "${image}" in ;; 'grafana/vale') proj="$(new_proj "$1")" - echo + printf '\r\n' "${PODMAN}" run \ --init \ --interactive \ From d37425437f7e2d228a04b05073b6ce0f7f1de67c Mon Sep 17 00:00:00 2001 From: William Dumont Date: Mon, 12 Feb 2024 13:37:25 +0100 Subject: [PATCH 06/14] attempt to fix datarace by checking on target readiness (#6353) --- .../loki/source/docker/internal/dockertarget/target_test.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/component/loki/source/docker/internal/dockertarget/target_test.go b/component/loki/source/docker/internal/dockertarget/target_test.go index 979f15ffb751..6f3b52a4421f 100644 --- a/component/loki/source/docker/internal/dockertarget/target_test.go +++ b/component/loki/source/docker/internal/dockertarget/target_test.go @@ -94,7 +94,10 @@ func TestDockerTarget(t *testing.T) { assertExpectedLog(c, entryHandler, expectedLines) }, 5*time.Second, 100*time.Millisecond, "Expected log lines were not found within the time limit.") - tgt.Stop() + assert.EventuallyWithT(t, func(c *assert.CollectT) { + assert.False(t, tgt.Ready()) + }, 5*time.Second, 20*time.Millisecond, "Expected target to finish processing within the time limit.") + entryHandler.Clear() // restart target to simulate container restart tgt.StartIfNotRunning() From abbf2dcf904761ded4260e62f6ba4a6811a3b1c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 08:40:46 -0500 Subject: [PATCH 07/14] build(deps): bump github.com/opencontainers/runc from 1.1.9 to 1.1.12 (#6285) Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.9 to 1.1.12. - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md) - [Commits](https://github.com/opencontainers/runc/compare/v1.1.9...v1.1.12) --- updated-dependencies: - dependency-name: github.com/opencontainers/runc dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 7 ++++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index c0c9bbbbc498..eee36bc67aa4 100644 --- a/go.mod +++ b/go.mod @@ -483,7 +483,7 @@ require ( github.com/montanaflynn/stats v0.7.0 // indirect github.com/morikuni/aec v1.0.0 // indirect github.com/mostynb/go-grpc-compression v1.2.1 // indirect - github.com/mrunalp/fileutils v0.5.0 // indirect + github.com/mrunalp/fileutils v0.5.1 // indirect github.com/mtibben/percent v0.2.1 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/ncabatoff/go-seq v0.0.0-20180805175032-b08ef85ed833 // indirect @@ -500,7 +500,7 @@ require ( github.com/open-telemetry/opentelemetry-collector-contrib/pkg/translator/zipkin v0.87.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc4 // indirect - github.com/opencontainers/runc v1.1.9 // indirect + github.com/opencontainers/runc v1.1.12 // indirect github.com/opencontainers/runtime-spec v1.1.0-rc.1 // indirect github.com/opencontainers/selinux v1.11.0 // indirect github.com/openzipkin/zipkin-go v0.4.2 // indirect diff --git a/go.sum b/go.sum index 051dd158c864..73da63596501 100644 --- a/go.sum +++ b/go.sum @@ -1648,8 +1648,9 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mostynb/go-grpc-compression v1.2.1 h1:16tdYxBZSD8p9AUmvw4F7Nyc2T4/eE7XsIXrgxSEcJI= github.com/mostynb/go-grpc-compression v1.2.1/go.mod h1:oidYvYyefMmhcuvU8fLJ8FfZyTyVzJ6SkmD5fIKgRe8= -github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6Z4= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= +github.com/mrunalp/fileutils v0.5.1 h1:F+S7ZlNKnrwHfSwdlgNSkKo67ReVf8o9fel6C3dkm/Q= +github.com/mrunalp/fileutils v0.5.1/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/mtibben/percent v0.2.1 h1:5gssi8Nqo8QU/r2pynCm+hBQHpkB/uNK7BJCFogWdzs= github.com/mtibben/percent v0.2.1/go.mod h1:KG9uO+SZkUp+VkRHsCdYQV3XSZrrSpR3O9ibNBTZrns= github.com/multiplay/go-ts3 v1.0.0/go.mod h1:14S6cS3fLNT3xOytrA/DkRyAFNuQLMLEqOYAsf87IbQ= @@ -1829,8 +1830,8 @@ github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYB github.com/opencontainers/image-spec v1.1.0-rc4/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= -github.com/opencontainers/runc v1.1.9 h1:XR0VIHTGce5eWPkaPesqTBrhW2yAcaraWfsEalNwQLM= -github.com/opencontainers/runc v1.1.9/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh/smNYNOhA50= +github.com/opencontainers/runc v1.1.12 h1:BOIssBaW1La0/qbNZHXOOa71dZfZEQOzW7dqQf3phss= +github.com/opencontainers/runc v1.1.12/go.mod h1:S+lQwSfncpBha7XTy/5lBwWgm5+y5Ma/O44Ekby9FK8= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.1.0-rc.1 h1:wHa9jroFfKGQqFHj0I1fMRKLl0pfj+ynAqBxo3v6u9w= github.com/opencontainers/runtime-spec v1.1.0-rc.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= From 1f3943dddbf9f1b8a4146bcd95f88be8aadbfa38 Mon Sep 17 00:00:00 2001 From: Paschalis Tsilias Date: Tue, 13 Feb 2024 13:31:26 +0200 Subject: [PATCH 08/14] Allow service.Host to return services (#6348) Signed-off-by: Paschalis Tsilias --- cmd/internal/flowmode/cmd_run.go | 2 -- pkg/flow/flow_services.go | 11 +++++++++++ service/http/http_test.go | 2 ++ service/remotecfg/remotecfg_test.go | 3 ++- service/service.go | 3 +++ service/ui/ui.go | 6 +----- web/api/api.go | 15 ++++++++++----- 7 files changed, 29 insertions(+), 13 deletions(-) diff --git a/cmd/internal/flowmode/cmd_run.go b/cmd/internal/flowmode/cmd_run.go index 2c143e3989b2..fb3c5a235f52 100644 --- a/cmd/internal/flowmode/cmd_run.go +++ b/cmd/internal/flowmode/cmd_run.go @@ -29,7 +29,6 @@ import ( "github.com/grafana/agent/pkg/flow/tracing" "github.com/grafana/agent/pkg/usagestats" "github.com/grafana/agent/service" - "github.com/grafana/agent/service/cluster" httpservice "github.com/grafana/agent/service/http" "github.com/grafana/agent/service/labelstore" otel_service "github.com/grafana/agent/service/otel" @@ -254,7 +253,6 @@ func (fr *flowRun) Run(configPath string) error { uiService := uiservice.New(uiservice.Options{ UIPrefix: fr.uiPrefix, - Cluster: clusterService.Data().(cluster.Cluster), }) otelService := otel_service.New(l) diff --git a/pkg/flow/flow_services.go b/pkg/flow/flow_services.go index a1002d29a21a..f4ff5b933a7b 100644 --- a/pkg/flow/flow_services.go +++ b/pkg/flow/flow_services.go @@ -26,6 +26,17 @@ func (f *Flow) GetServiceConsumers(serviceName string) []service.Consumer { return consumers } +// GetService implements [service.Host]. It looks up a [service.Service] by +// name. +func (f *Flow) GetService(name string) (service.Service, bool) { + for _, svc := range f.opts.Services { + if svc.Definition().Name == name { + return svc, true + } + } + return nil, false +} + func serviceConsumersForGraph(graph *dag.Graph, serviceName string, includePeerServices bool) []service.Consumer { serviceNode, _ := graph.GetByID(serviceName).(*controller.ServiceNode) if serviceNode == nil { diff --git a/service/http/http_test.go b/service/http/http_test.go index 649af93c05b6..68e34780cdfa 100644 --- a/service/http/http_test.go +++ b/service/http/http_test.go @@ -217,3 +217,5 @@ func (fakeHost) ListComponents(moduleID string, opts component.InfoOptions) ([]* func (fakeHost) GetServiceConsumers(serviceName string) []service.Consumer { return nil } func (fakeHost) NewController(id string) service.Controller { return nil } + +func (fakeHost) GetService(_ string) (service.Service, bool) { return nil, false } diff --git a/service/remotecfg/remotecfg_test.go b/service/remotecfg/remotecfg_test.go index 90313ee6866e..52341517e9cd 100644 --- a/service/remotecfg/remotecfg_test.go +++ b/service/remotecfg/remotecfg_test.go @@ -156,7 +156,8 @@ func (fakeHost) ListComponents(moduleID string, opts component.InfoOptions) ([]* return nil, fmt.Errorf("no such module %q", moduleID) } -func (fakeHost) GetServiceConsumers(serviceName string) []service.Consumer { return nil } +func (fakeHost) GetServiceConsumers(_ string) []service.Consumer { return nil } +func (fakeHost) GetService(_ string) (service.Service, bool) { return nil, false } func (f fakeHost) NewController(id string) service.Controller { logger, _ := logging.New(io.Discard, logging.DefaultOptions) diff --git a/service/service.go b/service/service.go index abbb6e21ac40..a6e73cdee929 100644 --- a/service/service.go +++ b/service/service.go @@ -51,6 +51,9 @@ type Host interface { // exist. ListComponents(moduleID string, opts component.InfoOptions) ([]*component.Info, error) + // GetService gets a running service using its name. + GetService(name string) (Service, bool) + // GetServiceConsumers gets the list of services which depend on a service by // name. GetServiceConsumers(serviceName string) []Consumer diff --git a/service/ui/ui.go b/service/ui/ui.go index d5f7e2cc11f5..d8927c60127a 100644 --- a/service/ui/ui.go +++ b/service/ui/ui.go @@ -9,7 +9,6 @@ import ( "github.com/gorilla/mux" "github.com/grafana/agent/service" - "github.com/grafana/agent/service/cluster" http_service "github.com/grafana/agent/service/http" "github.com/grafana/agent/web/api" "github.com/grafana/agent/web/ui" @@ -21,7 +20,6 @@ const ServiceName = "ui" // Options are used to configure the UI service. Options are constant for the // lifetime of the UI service. type Options struct { - Cluster cluster.Cluster UIPrefix string // Path prefix to host the UI at. } @@ -75,9 +73,7 @@ func (s *Service) Data() any { func (s *Service) ServiceHandler(host service.Host) (base string, handler http.Handler) { r := mux.NewRouter() - // TODO(rfratto): allow service.Host to return services so we don't have to - // pass the clustering service in Options. - fa := api.NewFlowAPI(host, s.opts.Cluster) + fa := api.NewFlowAPI(host) fa.RegisterRoutes(path.Join(s.opts.UIPrefix, "/api/v0/web"), r) ui.RegisterRoutes(s.opts.UIPrefix, r) diff --git a/web/api/api.go b/web/api/api.go index 56bce043c3ac..f382897f8bcc 100644 --- a/web/api/api.go +++ b/web/api/api.go @@ -11,19 +11,19 @@ import ( "github.com/gorilla/mux" "github.com/grafana/agent/component" + "github.com/grafana/agent/service" "github.com/grafana/agent/service/cluster" "github.com/prometheus/prometheus/util/httputil" ) // FlowAPI is a wrapper around the component API. type FlowAPI struct { - flow component.Provider - cluster cluster.Cluster + flow service.Host } // NewFlowAPI instantiates a new Flow API. -func NewFlowAPI(flow component.Provider, cluster cluster.Cluster) *FlowAPI { - return &FlowAPI{flow: flow, cluster: cluster} +func NewFlowAPI(flow service.Host) *FlowAPI { + return &FlowAPI{flow: flow} } // RegisterRoutes registers all the API's routes. @@ -93,7 +93,12 @@ func (f *FlowAPI) getClusteringPeersHandler() http.HandlerFunc { return func(w http.ResponseWriter, _ *http.Request) { // TODO(@tpaschalis) Detect if clustering is disabled and propagate to // the Typescript code (eg. via the returned status code?). - peers := f.cluster.Peers() + svc, found := f.flow.GetService(cluster.ServiceName) + if !found { + http.Error(w, "cluster service not running", http.StatusInternalServerError) + return + } + peers := svc.Data().(cluster.Cluster).Peers() bb, err := json.Marshal(peers) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) From 6e1feb95ef33baa34eb838c253984e005f8a457a Mon Sep 17 00:00:00 2001 From: Craig Peterson <192540+captncraig@users.noreply.github.com> Date: Tue, 13 Feb 2024 17:25:56 -0500 Subject: [PATCH 09/14] loki.write: pass Config around by reference, not value (#6337) * fix for setting headers on slice of struct values * cautionary comments * changelog --- CHANGELOG.md | 2 ++ component/loki/write/write.go | 10 ++++++---- pkg/logs/logs.go | 9 +++++---- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d4bd1a066fd2..c2aecab50d25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -81,6 +81,8 @@ Main (unreleased) - Fix divide-by-zero issue when sharding targets. (@hainenber) +- Fix bug where custom headers were not actually being set in loki client. (@captncraig) + ### Other changes - Removed support for Windows 2012 in line with Microsoft end of life. (@mattdurham) diff --git a/component/loki/write/write.go b/component/loki/write/write.go index 65fd04c6f692..5ef5cf864888 100644 --- a/component/loki/write/write.go +++ b/component/loki/write/write.go @@ -160,12 +160,14 @@ func (c *Component) Update(args component.Arguments) error { } cfgs := newArgs.convertClientConfigs() + uid := agentseed.Get().UID - for _, cfg := range cfgs { - if cfg.Headers == nil { - cfg.Headers = map[string]string{} + for i := range cfgs { + //cfgs is slice of struct values, so we set by index + if cfgs[i].Headers == nil { + cfgs[i].Headers = map[string]string{} } - cfg.Headers[agentseed.HeaderName] = uid + cfgs[i].Headers[agentseed.HeaderName] = uid } walCfg := wal.Config{ Enabled: newArgs.WAL.Enabled, diff --git a/pkg/logs/logs.go b/pkg/logs/logs.go index 118c1a75bf58..8e09e002ac91 100644 --- a/pkg/logs/logs.go +++ b/pkg/logs/logs.go @@ -185,11 +185,12 @@ func (i *Instance) ApplyConfig(c *InstanceConfig, g GlobalConfig, dryRun bool) e } uid := agentseed.Get().UID - for _, cfg := range c.ClientConfigs { - if cfg.Headers == nil { - cfg.Headers = map[string]string{} + for i := range c.ClientConfigs { + // ClientConfigs is a slice of struct, so we set values with the index + if c.ClientConfigs[i].Headers == nil { + c.ClientConfigs[i].Headers = map[string]string{} } - cfg.Headers[agentseed.HeaderName] = uid + c.ClientConfigs[i].Headers[agentseed.HeaderName] = uid } clientMetrics := client.NewMetrics(i.reg) From 5a9cff6a1475a08cf353f0e36ac2d3d192a12ee1 Mon Sep 17 00:00:00 2001 From: William Dumont Date: Wed, 14 Feb 2024 09:08:49 +0100 Subject: [PATCH 10/14] Fix flaky test metrics pkg (#6364) * fix flaky test metrics pkg * add fix to other tests in the file * refactor to use sync.WaitGroup --- .../instance/instance_integration_test.go | 28 +++++++++++++++++-- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/pkg/metrics/instance/instance_integration_test.go b/pkg/metrics/instance/instance_integration_test.go index 85c804a5711e..3ffa70892690 100644 --- a/pkg/metrics/instance/instance_integration_test.go +++ b/pkg/metrics/instance/instance_integration_test.go @@ -7,6 +7,7 @@ import ( "net/http" "os" "strings" + "sync" "testing" "time" @@ -73,8 +74,15 @@ remote_write: [] require.NoError(t, err) instCtx, cancel := context.WithCancel(context.Background()) - defer cancel() + var wg sync.WaitGroup + defer func() { + cancel() + wg.Wait() + }() + + wg.Add(1) go func() { + defer wg.Done() err := inst.Run(instCtx) require.NoError(t, err) }() @@ -142,8 +150,15 @@ remote_write: [] require.NoError(t, err) instCtx, cancel := context.WithCancel(context.Background()) - defer cancel() + var wg sync.WaitGroup + defer func() { + cancel() + wg.Wait() + }() + + wg.Add(1) go func() { + defer wg.Done() err := inst.Run(instCtx) require.NoError(t, err) }() @@ -193,8 +208,15 @@ remote_write: [] require.NoError(t, err) instCtx, cancel := context.WithCancel(context.Background()) - defer cancel() + var wg sync.WaitGroup + defer func() { + cancel() + wg.Wait() + }() + + wg.Add(1) go func() { + defer wg.Done() err := inst.Run(instCtx) require.NoError(t, err) }() From 6eb188959fe1dafda56ed34a8fb7c7fb9832ec99 Mon Sep 17 00:00:00 2001 From: Christian Simon Date: Wed, 14 Feb 2024 10:07:08 +0000 Subject: [PATCH 11/14] pyroscope.scrape: Adjust handling of scrape_timeout (#6252) * pyroscope.scrape: Adjust handling of scrape_timeout This automatically adapts the timeout when a ProfilingTarget is fetched with Delta=true. In those cases the HTTP calll is block for ScrapeInterval - 1s while the target profiles itself. This also updates the ScrapeTimeout to 10s (default in prometheus). * Adapt tests to the dynamic timeout * Fix linting problem --- component/pyroscope/scrape/scrape.go | 16 ++++++------- component/pyroscope/scrape/scrape_loop.go | 7 ++++++ .../pyroscope/scrape/scrape_loop_test.go | 7 +++++- component/pyroscope/scrape/scrape_test.go | 24 +++++++++++++------ 4 files changed, 38 insertions(+), 16 deletions(-) diff --git a/component/pyroscope/scrape/scrape.go b/component/pyroscope/scrape/scrape.go index bf84c1567e4f..5f4b1f18e19c 100644 --- a/component/pyroscope/scrape/scrape.go +++ b/component/pyroscope/scrape/scrape.go @@ -193,7 +193,7 @@ func NewDefaultArguments() Arguments { Scheme: "http", HTTPClientConfig: component_config.DefaultHTTPClientConfig, ScrapeInterval: 15 * time.Second, - ScrapeTimeout: 15*time.Second + (3 * time.Second), + ScrapeTimeout: 10 * time.Second, ProfilingConfig: DefaultProfilingConfig, } } @@ -205,16 +205,16 @@ func (arg *Arguments) SetToDefault() { // Validate implements river.Validator. func (arg *Arguments) Validate() error { - if arg.ScrapeTimeout <= 0 { + if arg.ScrapeTimeout.Seconds() <= 0 { return fmt.Errorf("scrape_timeout must be greater than 0") } - if arg.ScrapeTimeout <= arg.ScrapeInterval { - return fmt.Errorf("scrape_timeout must be greater than scrape_interval") - } - if cfg, ok := arg.ProfilingConfig.ProcessCPU, true; ok { - if cfg.Enabled && arg.ScrapeTimeout < time.Second*2 { - return fmt.Errorf("%v scrape_timeout must be at least 2 seconds", pprofProcessCPU) + // ScrapeInterval must be at least 2 seconds, because if + // ProfilingTarget.Delta is true the ScrapeInterval - 1s is propagated in + // the `seconds` parameter and it must be >= 1. + for _, target := range arg.ProfilingConfig.AllTargets() { + if target.Enabled && target.Delta && arg.ScrapeInterval.Seconds() < 2 { + return fmt.Errorf("scrape_interval must be at least 2 seconds when using delta profiling") } } diff --git a/component/pyroscope/scrape/scrape_loop.go b/component/pyroscope/scrape/scrape_loop.go index a1f7d2a6c1b7..76eb93dd1ffb 100644 --- a/component/pyroscope/scrape/scrape_loop.go +++ b/component/pyroscope/scrape/scrape_loop.go @@ -174,6 +174,13 @@ type scrapeLoop struct { } func newScrapeLoop(t *Target, scrapeClient *http.Client, appendable pyroscope.Appendable, interval, timeout time.Duration, logger log.Logger) *scrapeLoop { + // if the URL parameter have a seconds parameter, then the collection will + // take at least scrape_duration - 1 second, as the HTTP request will block + // until the profile is collected. + if t.Params().Has("seconds") { + timeout += interval - time.Second + } + return &scrapeLoop{ Target: t, logger: logger, diff --git a/component/pyroscope/scrape/scrape_loop_test.go b/component/pyroscope/scrape/scrape_loop_test.go index 5435846e9b13..0b5b11bbfd86 100644 --- a/component/pyroscope/scrape/scrape_loop_test.go +++ b/component/pyroscope/scrape/scrape_loop_test.go @@ -147,7 +147,12 @@ func TestScrapePool(t *testing.T) { args.ScrapeInterval = 2 * time.Second p.reload(args) for _, ta := range p.activeTargets { - require.Equal(t, 1*time.Second, ta.timeout) + if paramsSeconds := ta.params.Get("seconds"); paramsSeconds != "" { + // if the param is set timeout includes interval - 1s + require.Equal(t, 2*time.Second, ta.timeout) + } else { + require.Equal(t, 1*time.Second, ta.timeout) + } require.Equal(t, 2*time.Second, ta.interval) } } diff --git a/component/pyroscope/scrape/scrape_test.go b/component/pyroscope/scrape/scrape_test.go index 1ba6a1515e44..e6e07a0aeb81 100644 --- a/component/pyroscope/scrape/scrape_test.go +++ b/component/pyroscope/scrape/scrape_test.go @@ -142,30 +142,40 @@ func TestUnmarshalConfig(t *testing.T) { return r }, }, - "invalid cpu timeout": { + "invalid cpu scrape_interval": { in: ` targets = [] forward_to = null scrape_timeout = "1s" scrape_interval = "0.5s" `, - expectedErr: "process_cpu scrape_timeout must be at least 2 seconds", + expectedErr: "scrape_interval must be at least 2 seconds when using delta profiling", }, - "invalid timeout/interval": { + "allow short scrape_intervals without delta": { in: ` targets = [] forward_to = null - scrape_timeout = "4s" - scrape_interval = "5s" + scrape_interval = "0.5s" + profiling_config { + profile.process_cpu { + enabled = false + } + } `, - expectedErr: "scrape_timeout must be greater than scrape_interval", + expected: func() Arguments { + r := NewDefaultArguments() + r.Targets = make([]discovery.Target, 0) + r.ScrapeInterval = 500 * time.Millisecond + r.ProfilingConfig.ProcessCPU.Enabled = false + return r + }, }, "invalid HTTPClientConfig": { in: ` targets = [] forward_to = null scrape_timeout = "5s" - scrape_interval = "1s" + scrape_interval = "2s" bearer_token = "token" bearer_token_file = "/path/to/file.token" `, From 3ac98b9801989f88a8e0bac1a1ac5d42420590fe Mon Sep 17 00:00:00 2001 From: William Dumont Date: Thu, 15 Feb 2024 10:28:20 +0100 Subject: [PATCH 12/14] Fix two data races in declare tests (#6370) * fix two data races * setter should not be exported --- pkg/flow/internal/controller/component_node_manager.go | 7 +++++++ .../internal/controller/custom_component_registry.go | 10 ++++++++-- pkg/flow/internal/controller/loader.go | 2 +- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/pkg/flow/internal/controller/component_node_manager.go b/pkg/flow/internal/controller/component_node_manager.go index 152823da4ca5..b4f70bfd87da 100644 --- a/pkg/flow/internal/controller/component_node_manager.go +++ b/pkg/flow/internal/controller/component_node_manager.go @@ -74,3 +74,10 @@ func findLocalDeclare(reg *CustomComponentRegistry, componentName string) (ast.B } return nil, nil } + +func (m *ComponentNodeManager) setCustomComponentRegistry(reg *CustomComponentRegistry) { + m.mut.Lock() + defer m.mut.Unlock() + + m.customComponentReg = reg +} diff --git a/pkg/flow/internal/controller/custom_component_registry.go b/pkg/flow/internal/controller/custom_component_registry.go index dccdb776cf94..1a63e53767f7 100644 --- a/pkg/flow/internal/controller/custom_component_registry.go +++ b/pkg/flow/internal/controller/custom_component_registry.go @@ -1,13 +1,17 @@ package controller import ( + "sync" + "github.com/grafana/river/ast" ) // CustomComponentRegistry holds custom component definitions that are available in the context. type CustomComponentRegistry struct { - parent *CustomComponentRegistry // nil if root config - declares map[string]ast.Body // customComponentName: template + parent *CustomComponentRegistry // nil if root config + + mut sync.RWMutex + declares map[string]ast.Body // customComponentName: template } // NewCustomComponentRegistry creates a new CustomComponentRegistry with a parent. @@ -21,5 +25,7 @@ func NewCustomComponentRegistry(parent *CustomComponentRegistry) *CustomComponen // registerDeclare stores a local declare block. func (s *CustomComponentRegistry) registerDeclare(declare *ast.BlockStmt) { + s.mut.Lock() + defer s.mut.Unlock() s.declares[declare.Label] = declare.Body } diff --git a/pkg/flow/internal/controller/loader.go b/pkg/flow/internal/controller/loader.go index c9a62d8ad3b8..278c6434b2f1 100644 --- a/pkg/flow/internal/controller/loader.go +++ b/pkg/flow/internal/controller/loader.go @@ -150,7 +150,7 @@ func (l *Loader) Apply(options ApplyOptions) diag.Diagnostics { // Create a new CustomComponentRegistry based on the provided one. // The provided one should be nil for the root config. - l.componentNodeManager.customComponentReg = NewCustomComponentRegistry(options.CustomComponentRegistry) + l.componentNodeManager.setCustomComponentRegistry(NewCustomComponentRegistry(options.CustomComponentRegistry)) newGraph, diags := l.loadNewGraph(options.Args, options.ComponentBlocks, options.ConfigBlocks, options.DeclareBlocks) if diags.HasErrors() { return diags From 8a6c8d7f5db8268a9867c53991c34435ab2f4447 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C4=90=E1=BB=97=20Tr=E1=BB=8Dng=20H=E1=BA=A3i?= <41283691+hainenber@users.noreply.github.com> Date: Thu, 15 Feb 2024 19:47:36 +0700 Subject: [PATCH 13/14] feat(cmd/agent): add fallback X.509 trusted roots (#6340) * feat(cmd/agent): add fallback X.509 trusted roots Signed-off-by: hainenber * chore(doc): add CHANGELOG entry Signed-off-by: hainenber * Update CHANGELOG.md --------- Signed-off-by: hainenber Co-authored-by: Paulin Todev --- CHANGELOG.md | 3 +++ cmd/grafana-agent-flow/main.go | 4 ++++ cmd/grafana-agent/main.go | 4 ++++ go.mod | 1 + go.sum | 2 ++ 5 files changed, 14 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c2aecab50d25..103fb003ebee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -95,6 +95,9 @@ Main (unreleased) - Updated docs for MSSQL Integration to show additional authentication capabilities. (@StefanKurek) +- `grafana-agent` and `grafana-agent-flow` fallback to default X.509 trusted root certificates + when the `GODEBUG=x509usefallbackroots=1` environment variable is set. (@hainenber) + v0.39.2 (2024-1-31) -------------------- diff --git a/cmd/grafana-agent-flow/main.go b/cmd/grafana-agent-flow/main.go index e64f007a9e38..60ad1707f0dd 100644 --- a/cmd/grafana-agent-flow/main.go +++ b/cmd/grafana-agent-flow/main.go @@ -17,6 +17,10 @@ import ( // Register integrations _ "github.com/grafana/agent/pkg/integrations/install" + + // Embed a set of fallback X.509 trusted roots + // Allows the app to work correctly even when the OS does not provide a verifier or systems roots pool + _ "golang.org/x/crypto/x509roots/fallback" ) func init() { diff --git a/cmd/grafana-agent/main.go b/cmd/grafana-agent/main.go index f2aa40fc860e..976d5654812c 100644 --- a/cmd/grafana-agent/main.go +++ b/cmd/grafana-agent/main.go @@ -21,6 +21,10 @@ import ( // Register integrations _ "github.com/grafana/agent/pkg/integrations/install" + + // Embed a set of fallback X.509 trusted roots + // Allows the app to work correctly even when the OS does not provide a verifier or systems roots pool + _ "golang.org/x/crypto/x509roots/fallback" ) func init() { diff --git a/go.mod b/go.mod index eee36bc67aa4..207afe279450 100644 --- a/go.mod +++ b/go.mod @@ -616,6 +616,7 @@ require ( github.com/open-telemetry/opentelemetry-collector-contrib/receiver/prometheusreceiver v0.87.0 github.com/open-telemetry/opentelemetry-collector-contrib/receiver/vcenterreceiver v0.87.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v0.42.0 + golang.org/x/crypto/x509roots/fallback v0.0.0-20240208163226-62c9f1799c91 k8s.io/apimachinery v0.28.3 ) diff --git a/go.sum b/go.sum index 73da63596501..3678d04048f4 100644 --- a/go.sum +++ b/go.sum @@ -2513,6 +2513,8 @@ golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= +golang.org/x/crypto/x509roots/fallback v0.0.0-20240208163226-62c9f1799c91 h1:Lyizcy9jX02jYR0ceBkL6S+jRys8Uepf7wt1vrz6Ras= +golang.org/x/crypto/x509roots/fallback v0.0.0-20240208163226-62c9f1799c91/go.mod h1:kNa9WdvYnzFwC79zRpLRMJbdEFlhyM5RPFBBZp/wWH8= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= From 91f4ff0300ee8d237c23ae99d501c8b54d078c1d Mon Sep 17 00:00:00 2001 From: Craig Peterson <192540+captncraig@users.noreply.github.com> Date: Thu, 15 Feb 2024 15:33:05 -0500 Subject: [PATCH 14/14] Helm: allow setting scheme for readiness probes (#6374) * helm: allow setting scheme for readiness checks * changelog * caps * update version and make release * gen --- operations/helm/charts/grafana-agent/CHANGELOG.md | 9 +++++++++ operations/helm/charts/grafana-agent/Chart.yaml | 4 ++-- operations/helm/charts/grafana-agent/README.md | 3 ++- .../grafana-agent/templates/containers/_agent.yaml | 1 + operations/helm/charts/grafana-agent/values.yaml | 3 +++ .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/statefulset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/deployment.yaml | 3 ++- .../grafana-agent/templates/controllers/deployment.yaml | 3 ++- .../grafana-agent/templates/controllers/statefulset.yaml | 3 ++- .../grafana-agent/templates/controllers/statefulset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 3 ++- .../grafana-agent/templates/controllers/deployment.yaml | 3 ++- .../grafana-agent/templates/controllers/daemonset.yaml | 1 + 33 files changed, 72 insertions(+), 30 deletions(-) diff --git a/operations/helm/charts/grafana-agent/CHANGELOG.md b/operations/helm/charts/grafana-agent/CHANGELOG.md index f6b9caf9aedb..5af50bd3ac0b 100644 --- a/operations/helm/charts/grafana-agent/CHANGELOG.md +++ b/operations/helm/charts/grafana-agent/CHANGELOG.md @@ -10,6 +10,15 @@ internal API changes are not present. Unreleased ---------- +0.32.0 (2024-02-15) +------------------- + +### Enhancements + +- Allow setting scheme for readiness checks when using tls. (@captncraig) + +- Update Grafana Agent version to v0.39.2. (@captncraig) + 0.31.1 (2024-01-19) ------------------- diff --git a/operations/helm/charts/grafana-agent/Chart.yaml b/operations/helm/charts/grafana-agent/Chart.yaml index 76675dcf65a7..bc15d163221a 100644 --- a/operations/helm/charts/grafana-agent/Chart.yaml +++ b/operations/helm/charts/grafana-agent/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: grafana-agent description: 'Grafana Agent' type: application -version: 0.31.1 -appVersion: 'v0.39.1' +version: 0.32.0 +appVersion: 'v0.39.2' dependencies: - name: crds diff --git a/operations/helm/charts/grafana-agent/README.md b/operations/helm/charts/grafana-agent/README.md index 4904736239cc..343463584ba5 100644 --- a/operations/helm/charts/grafana-agent/README.md +++ b/operations/helm/charts/grafana-agent/README.md @@ -1,6 +1,6 @@ # Grafana Agent Helm chart -![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.31.1](https://img.shields.io/badge/Version-0.31.1-informational?style=flat-square) ![AppVersion: v0.39.1](https://img.shields.io/badge/AppVersion-v0.39.1-informational?style=flat-square) +![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.32.0](https://img.shields.io/badge/Version-0.32.0-informational?style=flat-square) ![AppVersion: v0.39.2](https://img.shields.io/badge/AppVersion-v0.39.2-informational?style=flat-square) Helm chart for deploying [Grafana Agent][] to Kubernetes. @@ -53,6 +53,7 @@ use the older mode (called "static mode"), set the `agent.mode` value to | agent.extraPorts | list | `[]` | Extra ports to expose on the Agent | | agent.listenAddr | string | `"0.0.0.0"` | Address to listen for traffic on. 0.0.0.0 exposes the UI to other containers. | | agent.listenPort | int | `80` | Port to listen for traffic on. | +| agent.listenScheme | string | `"HTTP"` | Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS" | | agent.mode | string | `"flow"` | Mode to run Grafana Agent in. Can be "flow" or "static". | | agent.mounts.dockercontainers | bool | `false` | Mount /var/lib/docker/containers from the host into the container for log collection. | | agent.mounts.extra | list | `[]` | Extra volume mounts to add into the Grafana Agent container. Does not affect the watch container. | diff --git a/operations/helm/charts/grafana-agent/templates/containers/_agent.yaml b/operations/helm/charts/grafana-agent/templates/containers/_agent.yaml index 32d081b58dc4..0066f198ca0c 100644 --- a/operations/helm/charts/grafana-agent/templates/containers/_agent.yaml +++ b/operations/helm/charts/grafana-agent/templates/containers/_agent.yaml @@ -55,6 +55,7 @@ httpGet: path: /-/ready port: {{ .Values.agent.listenPort }} + scheme: {{ .Values.agent.listenScheme }} initialDelaySeconds: 10 timeoutSeconds: 1 {{- with .Values.agent.resources }} diff --git a/operations/helm/charts/grafana-agent/values.yaml b/operations/helm/charts/grafana-agent/values.yaml index 9050976a43b9..c053280c209a 100644 --- a/operations/helm/charts/grafana-agent/values.yaml +++ b/operations/helm/charts/grafana-agent/values.yaml @@ -53,6 +53,9 @@ agent: # -- Port to listen for traffic on. listenPort: 80 + # -- Scheme is needed for readiness probes. If enabling tls in your configs, set to "HTTPS" + listenScheme: HTTP + # -- Base path where the UI is exposed. uiPathPrefix: / diff --git a/operations/helm/tests/additional-serviceaccount-label/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/additional-serviceaccount-label/grafana-agent/templates/controllers/daemonset.yaml index ac5ccd4389b9..41d527d5dbea 100644 --- a/operations/helm/tests/additional-serviceaccount-label/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/additional-serviceaccount-label/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/clustering/grafana-agent/templates/controllers/statefulset.yaml b/operations/helm/tests/clustering/grafana-agent/templates/controllers/statefulset.yaml index fb64c8abfc9b..5088ba03f04e 100644 --- a/operations/helm/tests/clustering/grafana-agent/templates/controllers/statefulset.yaml +++ b/operations/helm/tests/clustering/grafana-agent/templates/controllers/statefulset.yaml @@ -30,7 +30,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -56,6 +56,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/controller-volumes-extra/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/controller-volumes-extra/grafana-agent/templates/controllers/daemonset.yaml index 2b36fc32980a..26696e473513 100644 --- a/operations/helm/tests/controller-volumes-extra/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/controller-volumes-extra/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/create-daemonset-hostnetwork/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/create-daemonset-hostnetwork/grafana-agent/templates/controllers/daemonset.yaml index 252d5e276878..749461246e5d 100644 --- a/operations/helm/tests/create-daemonset-hostnetwork/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/create-daemonset-hostnetwork/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/create-daemonset/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/create-daemonset/grafana-agent/templates/controllers/daemonset.yaml index ac5ccd4389b9..41d527d5dbea 100644 --- a/operations/helm/tests/create-daemonset/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/create-daemonset/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/create-deployment-autoscaling/grafana-agent/templates/controllers/deployment.yaml b/operations/helm/tests/create-deployment-autoscaling/grafana-agent/templates/controllers/deployment.yaml index 98397b6c00f4..b889386e95f6 100644 --- a/operations/helm/tests/create-deployment-autoscaling/grafana-agent/templates/controllers/deployment.yaml +++ b/operations/helm/tests/create-deployment-autoscaling/grafana-agent/templates/controllers/deployment.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 resources: diff --git a/operations/helm/tests/create-deployment/grafana-agent/templates/controllers/deployment.yaml b/operations/helm/tests/create-deployment/grafana-agent/templates/controllers/deployment.yaml index 5ccee146ffef..a721958449e4 100644 --- a/operations/helm/tests/create-deployment/grafana-agent/templates/controllers/deployment.yaml +++ b/operations/helm/tests/create-deployment/grafana-agent/templates/controllers/deployment.yaml @@ -28,7 +28,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -52,6 +52,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/create-statefulset-autoscaling/grafana-agent/templates/controllers/statefulset.yaml b/operations/helm/tests/create-statefulset-autoscaling/grafana-agent/templates/controllers/statefulset.yaml index 132210c7c2e3..1fad47bde2e9 100644 --- a/operations/helm/tests/create-statefulset-autoscaling/grafana-agent/templates/controllers/statefulset.yaml +++ b/operations/helm/tests/create-statefulset-autoscaling/grafana-agent/templates/controllers/statefulset.yaml @@ -29,7 +29,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -53,6 +53,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 resources: diff --git a/operations/helm/tests/create-statefulset/grafana-agent/templates/controllers/statefulset.yaml b/operations/helm/tests/create-statefulset/grafana-agent/templates/controllers/statefulset.yaml index 6f7d11f76fa9..97eea71b733e 100644 --- a/operations/helm/tests/create-statefulset/grafana-agent/templates/controllers/statefulset.yaml +++ b/operations/helm/tests/create-statefulset/grafana-agent/templates/controllers/statefulset.yaml @@ -30,7 +30,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -54,6 +54,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/custom-config/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/custom-config/grafana-agent/templates/controllers/daemonset.yaml index ac5ccd4389b9..41d527d5dbea 100644 --- a/operations/helm/tests/custom-config/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/custom-config/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/default-values/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/default-values/grafana-agent/templates/controllers/daemonset.yaml index ac5ccd4389b9..41d527d5dbea 100644 --- a/operations/helm/tests/default-values/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/default-values/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/enable-servicemonitor/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/enable-servicemonitor/grafana-agent/templates/controllers/daemonset.yaml index ac5ccd4389b9..41d527d5dbea 100644 --- a/operations/helm/tests/enable-servicemonitor/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/enable-servicemonitor/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/envFrom/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/envFrom/grafana-agent/templates/controllers/daemonset.yaml index 85fb01959587..448a41609886 100644 --- a/operations/helm/tests/envFrom/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/envFrom/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -54,6 +54,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/existing-config/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/existing-config/grafana-agent/templates/controllers/daemonset.yaml index b6a93df6f9f8..aecad9744502 100644 --- a/operations/helm/tests/existing-config/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/existing-config/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/extra-env/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/extra-env/grafana-agent/templates/controllers/daemonset.yaml index 4f45d0fc40ed..6b458bf8acbe 100644 --- a/operations/helm/tests/extra-env/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/extra-env/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -60,6 +60,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/extra-ports/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/extra-ports/grafana-agent/templates/controllers/daemonset.yaml index c07733057e80..a0d812daf634 100644 --- a/operations/helm/tests/extra-ports/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/extra-ports/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -54,6 +54,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/faro-ingress/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/faro-ingress/grafana-agent/templates/controllers/daemonset.yaml index c955003a200e..9b1d7375d803 100644 --- a/operations/helm/tests/faro-ingress/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/faro-ingress/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -54,6 +54,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/global-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/global-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml index 1f05afd30c17..35ed8c3eee6c 100644 --- a/operations/helm/tests/global-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/global-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml @@ -32,7 +32,7 @@ spec: - name: global-cred containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -56,6 +56,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/global-image-registry/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/global-image-registry/grafana-agent/templates/controllers/daemonset.yaml index 0048873d187e..c18af15deea3 100644 --- a/operations/helm/tests/global-image-registry/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/global-image-registry/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: quay.io/grafana/agent:v0.39.1 + image: quay.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/initcontainers/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/initcontainers/grafana-agent/templates/controllers/daemonset.yaml index 0d58403356bb..fb649aa53fb6 100644 --- a/operations/helm/tests/initcontainers/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/initcontainers/grafana-agent/templates/controllers/daemonset.yaml @@ -45,7 +45,7 @@ spec: name: geoip containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -69,6 +69,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/local-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/local-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml index 2ce6b7ad7a21..dd90c71c2af9 100644 --- a/operations/helm/tests/local-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/local-image-pullsecrets/grafana-agent/templates/controllers/daemonset.yaml @@ -29,7 +29,7 @@ spec: - name: local-cred containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -53,6 +53,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/local-image-registry/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/local-image-registry/grafana-agent/templates/controllers/daemonset.yaml index 0048873d187e..c18af15deea3 100644 --- a/operations/helm/tests/local-image-registry/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/local-image-registry/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: quay.io/grafana/agent:v0.39.1 + image: quay.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/nodeselectors-and-tolerations/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/nodeselectors-and-tolerations/grafana-agent/templates/controllers/daemonset.yaml index b4c896139945..9d70a1b0c49e 100644 --- a/operations/helm/tests/nodeselectors-and-tolerations/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/nodeselectors-and-tolerations/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/pod_annotations/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/pod_annotations/grafana-agent/templates/controllers/daemonset.yaml index 8fb72ca6f523..fc507885ae2c 100644 --- a/operations/helm/tests/pod_annotations/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/pod_annotations/grafana-agent/templates/controllers/daemonset.yaml @@ -28,7 +28,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -52,6 +52,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/sidecars/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/sidecars/grafana-agent/templates/controllers/daemonset.yaml index bb9b6a1ba64d..998f9770e590 100644 --- a/operations/helm/tests/sidecars/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/sidecars/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/static-mode/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/static-mode/grafana-agent/templates/controllers/daemonset.yaml index f676d9f3e046..47367e4d5ae4 100644 --- a/operations/helm/tests/static-mode/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/static-mode/grafana-agent/templates/controllers/daemonset.yaml @@ -27,7 +27,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - -config.file=/etc/agent/config.yaml @@ -48,6 +48,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/topologyspreadconstraints/grafana-agent/templates/controllers/deployment.yaml b/operations/helm/tests/topologyspreadconstraints/grafana-agent/templates/controllers/deployment.yaml index b28114e09e4d..79db950e4208 100644 --- a/operations/helm/tests/topologyspreadconstraints/grafana-agent/templates/controllers/deployment.yaml +++ b/operations/helm/tests/topologyspreadconstraints/grafana-agent/templates/controllers/deployment.yaml @@ -28,7 +28,7 @@ spec: serviceAccountName: grafana-agent containers: - name: grafana-agent - image: docker.io/grafana/agent:v0.39.1 + image: docker.io/grafana/agent:v0.39.2 imagePullPolicy: IfNotPresent args: - run @@ -52,6 +52,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: diff --git a/operations/helm/tests/with-digests/grafana-agent/templates/controllers/daemonset.yaml b/operations/helm/tests/with-digests/grafana-agent/templates/controllers/daemonset.yaml index fbe3f266523b..d52c502d3c31 100644 --- a/operations/helm/tests/with-digests/grafana-agent/templates/controllers/daemonset.yaml +++ b/operations/helm/tests/with-digests/grafana-agent/templates/controllers/daemonset.yaml @@ -51,6 +51,7 @@ spec: httpGet: path: /-/ready port: 80 + scheme: HTTP initialDelaySeconds: 10 timeoutSeconds: 1 volumeMounts: