From 1db1fbf1a4f2d049daf5264a75c28e6cf017ec23 Mon Sep 17 00:00:00 2001 From: Szilard Parrag Date: Thu, 1 Feb 2024 16:26:56 +0100 Subject: [PATCH] feat(output): refine OTLPgrpc output Signed-off-by: Szilard Parrag --- api/telemetry/v1alpha1/otlp_config.go | 2 +- .../v1alpha1/zz_generated.deepcopy.go | 1 + ...elemetry.kube-logging.dev_oteloutputs.yaml | 41 +++++++++++++++++++ 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/api/telemetry/v1alpha1/otlp_config.go b/api/telemetry/v1alpha1/otlp_config.go index dd00f042..b0bf8182 100644 --- a/api/telemetry/v1alpha1/otlp_config.go +++ b/api/telemetry/v1alpha1/otlp_config.go @@ -117,7 +117,7 @@ type GRPCClientSettings struct { // components configuring TLS client connections. type TLSClientSetting struct { // squash ensures fields are correctly decoded in embedded struct. - //TLSSetting `json:",inline"` + TLSSetting `json:",inline"` // These are config options specific to client connections. diff --git a/api/telemetry/v1alpha1/zz_generated.deepcopy.go b/api/telemetry/v1alpha1/zz_generated.deepcopy.go index 0988f9bb..99597a6a 100644 --- a/api/telemetry/v1alpha1/zz_generated.deepcopy.go +++ b/api/telemetry/v1alpha1/zz_generated.deepcopy.go @@ -427,6 +427,7 @@ func (in *SubscriptionStatus) DeepCopy() *SubscriptionStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSClientSetting) DeepCopyInto(out *TLSClientSetting) { *out = *in + out.TLSSetting = in.TLSSetting } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSClientSetting. diff --git a/config/crd/bases/telemetry.kube-logging.dev_oteloutputs.yaml b/config/crd/bases/telemetry.kube-logging.dev_oteloutputs.yaml index c65411d7..5566a2df 100644 --- a/config/crd/bases/telemetry.kube-logging.dev_oteloutputs.yaml +++ b/config/crd/bases/telemetry.kube-logging.dev_oteloutputs.yaml @@ -165,6 +165,23 @@ spec: tls: description: TLSSetting struct exposes TLS client configuration. properties: + ca_file: + description: |- + Path to the CA cert. For a client this verifies the server certificate. + For a server this verifies client certificates. If empty uses system root CA. + (optional) + type: string + ca_pem: + description: In memory PEM encoded cert. (optional) + type: string + cert_file: + description: Path to the TLS cert to use for TLS required + connections. (optional) + type: string + cert_pem: + description: In memory PEM encoded TLS cert to use for TLS + required connections. (optional) + type: string insecure: description: |- In gRPC when set to true, this is used to disable the client transport security. @@ -178,6 +195,30 @@ spec: description: InsecureSkipVerify will enable TLS but not verify the certificate. type: boolean + key_file: + description: Path to the TLS key to use for TLS required connections. + (optional) + type: string + key_pem: + description: In memory PEM encoded TLS key to use for TLS + required connections. (optional) + type: string + max_version: + description: |- + MaxVersion sets the maximum TLS version that is acceptable. + If not set, refer to crypto/tls for defaults. (optional) + type: string + min_version: + description: |- + MinVersion sets the minimum TLS version that is acceptable. + If not set, TLS 1.2 will be used. (optional) + type: string + reload_interval: + description: |- + ReloadInterval specifies the duration after which the certificate will be reloaded + If not set, it will never be reloaded (optional) + format: int64 + type: integer server_name_override: description: |- ServerName requested by client for virtual hosting.