diff --git a/cmd/clio.go b/cmd/clio.go index 4c1cb32..e67d8c4 100644 --- a/cmd/clio.go +++ b/cmd/clio.go @@ -17,9 +17,12 @@ package main import ( "log" + "path/filepath" "github.com/openconfig/clio/collector" "go.opentelemetry.io/collector/component" + "go.opentelemetry.io/collector/confmap" + "go.opentelemetry.io/collector/confmap/provider/fileprovider" "go.opentelemetry.io/collector/otelcol" ) @@ -30,7 +33,18 @@ func main() { Version: "1.0.0", } - if err := runInteractive(otelcol.CollectorSettings{BuildInfo: info, Factories: collector.Components}); err != nil { + settings := otelcol.CollectorSettings{ + BuildInfo: info, + Factories: collector.Components, + ConfigProviderSettings: otelcol.ConfigProviderSettings{ + ResolverSettings: confmap.ResolverSettings{ + URIs: []string{filepath.Join("../config", "config.yaml")}, + ProviderFactories: []confmap.ProviderFactory{fileprovider.NewFactory()}, + DefaultScheme: "file", + }, + }, + } + if err := runInteractive(settings); err != nil { log.Fatal(err) } } diff --git a/config/config.yaml b/config/config.yaml index 55f931f..c3ab876 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -155,7 +155,9 @@ exporters: # NOTE: Prior to v0.86.0 use `logging` instead of `debug`. gnmi: addr: "0.0.0.0:60302" - # To provide certificates, add the following lines: + # To enable transport security (e.g., mTLS), set the following: + # tp_sec: "mtls" + # ca_file: /certs/ca.crt # cert_file: /certs/cert.crt # key_file: /certs/cert.key diff --git a/gnmi/config.go b/gnmi/config.go index 1c8f781..24c1578 100644 --- a/gnmi/config.go +++ b/gnmi/config.go @@ -23,12 +23,21 @@ type Config struct { // Addr is the listen address of the gNMI server. Addr string `mapstructure:"addr"` + // TpSec is the transport security used by the gNMI server, i.e., "insecure", "tls", or "mtls". + TpSec string `mapstructure:"tp_sec"` + + // CAFile is the CA certificate to use for mTLS. + CAFile string `mapstructure:"ca_file"` + // CertFile is the certificate to use for TLS. CertFile string `mapstructure:"cert_file"` // KeyFile is the key to use for TLS. KeyFile string `mapstructure:"key_file"` + // CredsRefresh is the duration to refresh the credentials. + CredsRefresh string `mapstructure:"creds_refresh"` + // TargetName is the target name of this gNMI server. TargetName string `mapstructure:"target_name"` diff --git a/gnmi/config_test.go b/gnmi/config_test.go index 290a73f..ce39a85 100644 --- a/gnmi/config_test.go +++ b/gnmi/config_test.go @@ -20,7 +20,6 @@ import ( "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/require" - "go.opentelemetry.io/collector/component" "go.opentelemetry.io/collector/confmap" "go.opentelemetry.io/collector/confmap/confmaptest" ) @@ -28,7 +27,7 @@ import ( func TestUnmarshalDefaultConfig(t *testing.T) { factory := NewFactory() cfg := factory.CreateDefaultConfig() - if err := component.UnmarshalConfig(confmap.New(), cfg); err != nil { + if err := confmap.New().Unmarshal(cfg); err != nil { t.Errorf("UnmarshalConfig returned error: %v", err) } @@ -42,7 +41,7 @@ func TestUnmarshalConfig(t *testing.T) { require.NoError(t, err) factory := NewFactory() got := factory.CreateDefaultConfig() - if err := component.UnmarshalConfig(cm, got); err != nil { + if err := cm.Unmarshal(got); err != nil { t.Errorf("UnmarshalConfig returned error: %v", err) } diff --git a/gnmi/gnmi.go b/gnmi/gnmi.go index 15d709e..e1b2c33 100644 --- a/gnmi/gnmi.go +++ b/gnmi/gnmi.go @@ -16,7 +16,6 @@ package gnmi import ( "context" - "fmt" "net" "strings" @@ -31,7 +30,6 @@ import ( "go.opentelemetry.io/collector/pdata/pmetric" "go.uber.org/zap" "google.golang.org/grpc" - "google.golang.org/grpc/credentials" "google.golang.org/grpc/reflection" "google.golang.org/protobuf/proto" "k8s.io/klog/v2" @@ -60,14 +58,11 @@ func NewGNMIExporter(logger *zap.Logger, cfg *Config) (*GNMI, error) { } var opts []grpc.ServerOption - - if cfg.CertFile != "" { - creds, err := credentials.NewServerTLSFromFile(cfg.CertFile, cfg.KeyFile) - if err != nil { - return nil, fmt.Errorf("cannot create gNMI credentials, %v", err) - } - opts = append(opts, grpc.Creds(creds)) + opt, err := gRPCSecurityOption(cfg) + if err != nil { + return nil, err } + opts = append(opts, opt...) return &GNMI{ cfg: cfg, diff --git a/gnmi/security.go b/gnmi/security.go new file mode 100644 index 0000000..547395a --- /dev/null +++ b/gnmi/security.go @@ -0,0 +1,135 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package gnmi + +import ( + "errors" + "fmt" + "os" + "time" + + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "google.golang.org/grpc/credentials/tls/certprovider/pemfile" + "google.golang.org/grpc/security/advancedtls" +) + +const ( + // defaultCredsRefreshDuration is the default refresh duration for the credentials. + defaultCredsRefreshDuration = time.Hour +) + +func credsRefreshDuration(cfg *Config) (time.Duration, error) { + if cfg.CredsRefresh == "" { + return defaultCredsRefreshDuration, nil + } + return time.ParseDuration(cfg.CredsRefresh) +} + +// gRPCSecurityOption returns a gRPC server option based on the transport security +// configuration. +func gRPCSecurityOption(cfg *Config) ([]grpc.ServerOption, error) { + var opts []grpc.ServerOption + var err error + + switch cfg.TpSec { + case "", "insecure": // No security option requested. + case "tls": + opts, err = optionTLS(cfg) + case "mtls": + opts, err = optionMutualTLS(cfg) + default: + return nil, fmt.Errorf("unsupported transport security: %q; must be one of: insecure, tls, mtls", cfg.TpSec) + } + + if err != nil { + return nil, fmt.Errorf("failed to create gNMI credentials: %v", err) + } + + return opts, nil +} + +func optionTLS(cfg *Config) ([]grpc.ServerOption, error) { + // Check that all needed files actually exist. + for _, f := range []string{cfg.CertFile, cfg.KeyFile} { + if _, err := os.Stat(f); f == "" || errors.Is(err, os.ErrNotExist) { + return nil, fmt.Errorf("file %q does not exist", f) + } + } + + creds, err := credentials.NewServerTLSFromFile(cfg.CertFile, cfg.KeyFile) + if err != nil { + return nil, err + } + return []grpc.ServerOption{grpc.Creds(creds)}, nil +} + +func optionMutualTLS(cfg *Config) ([]grpc.ServerOption, error) { + + // Check that all needed files actually exist. + for _, f := range []string{cfg.CertFile, cfg.KeyFile, cfg.CAFile} { + if _, err := os.Stat(f); f == "" || errors.Is(err, os.ErrNotExist) { + return nil, fmt.Errorf("file %q does not exist", f) + } + } + + // Determine the refresh duration. + crd, err := credsRefreshDuration(cfg) + if err != nil { + return nil, err + } + + // Get a provider for the identity credentials. + identity := pemfile.Options{ + CertFile: cfg.CertFile, + KeyFile: cfg.KeyFile, + RefreshDuration: crd, + } + + identityProvider, err := pemfile.NewProvider(identity) + if err != nil { + return nil, fmt.Errorf("failed to create identity provider: %v", err) + } + + // Get a provider for the root credentials. + root := pemfile.Options{ + RootFile: cfg.CAFile, + RefreshDuration: crd, + } + rootProvider, err := pemfile.NewProvider(root) + if err != nil { + return nil, fmt.Errorf("failed to create root provider: %v", err) + } + + // Setup the mTLS option. + options := &advancedtls.Options{ + IdentityOptions: advancedtls.IdentityCertificateOptions{ + IdentityProvider: identityProvider, + }, + RootOptions: advancedtls.RootCertificateOptions{ + RootProvider: rootProvider, + }, + RequireClientCert: true, + } + + // Setup the server credentials. + creds, err := advancedtls.NewServerCreds(options) + if err != nil { + return nil, fmt.Errorf("failed to create client creds: %v", err) + } + + return []grpc.ServerOption{grpc.Creds(creds)}, nil + +} diff --git a/gnmi/security_test.go b/gnmi/security_test.go new file mode 100644 index 0000000..8540dc5 --- /dev/null +++ b/gnmi/security_test.go @@ -0,0 +1,147 @@ +// Copyright 2024 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package gnmi + +import ( + "testing" +) + +var ( + certFile = "testdata/cert.pem" + keyFile = "testdata/private.pem" + caFile = "testdata/gnmi.example.com.crt" +) + +func TestGRPCSecurityOption(t *testing.T) { + tests := []struct { + name string + cfg *Config + wantCnt int + }{ + { + name: "no-tls", + cfg: &Config{}, + }, + { + name: "tls", + cfg: &Config{ + TpSec: "tls", + CertFile: certFile, + KeyFile: keyFile, + }, + wantCnt: 1, + }, + { + name: "mtls", + cfg: &Config{ + TpSec: "mtls", + CAFile: caFile, + CertFile: certFile, + KeyFile: keyFile, + }, + wantCnt: 1, + }, + } + + for _, tc := range tests { + t.Run(tc.name, func(t *testing.T) { + got, err := gRPCSecurityOption(tc.cfg) + if err != nil { + t.Errorf("gRPCSecurityOption returned error: %v", err) + } + if len(got) != tc.wantCnt { + t.Errorf("gRPCSecurityOption returned %d options, want %d", len(got), tc.wantCnt) + } + }) + } +} + +func TestGRPCSecurityOptionErrors(t *testing.T) { + tests := []struct { + name string + cfg *Config + errMsg string + }{ + { + name: "tls-nonexist-cert", + cfg: &Config{ + TpSec: "tls", + CertFile: "testdata/capybara-stole-this-cert.pem", + KeyFile: keyFile, + }, + errMsg: "for nonexistent client certificate", + }, + { + name: "tls-nonexist-key", + cfg: &Config{ + TpSec: "tls", + CertFile: certFile, + KeyFile: "testdata/capybara-stole-this-key.pem", + }, + errMsg: "for nonexistent client private key", + }, + { + name: "mtls-nonexist-ca-cert", + cfg: &Config{ + TpSec: "mtls", + CAFile: "testdata/capybara-stole-this-ca-cert.crt", + CertFile: certFile, + KeyFile: keyFile, + }, + errMsg: "for nonexistent CA certificate", + }, + { + name: "mtls-nonexist-cli-cert", + cfg: &Config{ + TpSec: "mtls", + CAFile: caFile, + CertFile: "", + KeyFile: keyFile, + }, + errMsg: "for nonexistent client certificate", + }, + { + name: "mtls-nonexist-key", + cfg: &Config{ + TpSec: "mtls", + CAFile: caFile, + CertFile: certFile, + KeyFile: "testdata/capybara-stole-this-key.pem", + }, + errMsg: "for nonexistent client private key", + }, + { + name: "mtls-refresh-duration-error", + cfg: &Config{ + TpSec: "mtls", + CAFile: caFile, + CertFile: certFile, + KeyFile: keyFile, + CredsRefresh: "1095.75fortnights", + }, + errMsg: "unknown unit \"fortnights\" in duration \"1095.75fortnights\"", + }, + } + + for _, tc := range tests { + t.Run(tc.name, func(t *testing.T) { + _, err := gRPCSecurityOption(tc.cfg) + if err == nil { + t.Errorf("gRPCSecurityOption did not return error %v", tc.errMsg) + } + + }) + } +} diff --git a/gnmi/testdata/cert.pem b/gnmi/testdata/cert.pem new file mode 100644 index 0000000..cc884c5 --- /dev/null +++ b/gnmi/testdata/cert.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEXzCCAkcCFGvSOmNP0qOPUCg8CLz8h+lmkBPEMA0GCSqGSIb3DQEBCwUAMGwx +GTAXBgNVBAMMEGdubWkuZXhhbXBsZS5jb20xDzANBgNVBAsMBmdpdGh1YjENMAsG +A1UECgwEY2xpbzERMA8GA1UEBwwIRHVibGluIDQxDzANBgNVBAgMBkR1YmxpbjEL +MAkGA1UEBhMCSUUwHhcNMjQwNzE5MTYzMDU1WhcNMjUwNzE5MTYzMDU1WjBsMRkw +FwYDVQQDDBBnbm1pLmV4YW1wbGUuY29tMQ8wDQYDVQQLDAZnaXRodWIxDTALBgNV +BAoMBGNsaW8xETAPBgNVBAcMCER1YmxpbiA0MQ8wDQYDVQQIDAZEdWJsaW4xCzAJ +BgNVBAYTAklFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzXqfr6O +xO9gm+HcjNxF/b7nq5ij/OGySoJeqFw6wqSUhRRzoWBCirx2O1i8qVkPJ8dktKD1 +mCxsgeIppCopvEBnzIvexPLEpo8aASj4qKTMNys6TtcK4Cbw6h2mytn3LVlYl49D +Pg4f7TCYz3RMoKXEh33dAOTfuYi0uV/dalPo2vCPlId5zZ8Uraa+EKhPx8UfNlBl +AmRSMq9Hqf3efeQFZPHVsVOzkUFMi66z9cdg87vy8BrZ+xvVY0Z/3eGQbvUZTyKB +inG8rYOvGElRidB5hZ7h7Nqq90ozHblR8MjGv3PZGcp1qokrLdpQAIDm3LuOWrlU +sIG6t82Y2HVHwQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQAwrEPPvfpXRekI/NPq +/pipaLCcBaT2PVR2F1Q0gSDQIDEXuQ3Z8GjmsIFxUQ4Jd5huYmUmUZx8LBA+b/fN +bJHcYyNSz5vIBEX3B/EDHkUVF6SnlO/4i6y0U2VEvEX2iqb8+MvSj6XDYNm5d7oE +bEbniPloGtG6uJqWrTv43vZvhOOOh26HsRbMWXEZTbZAFJGzF5LWgWJWwZOh3rdt +7SkoMhW2axiG7DaAuNuy2dwEhyxGYaskvW+X7uNT3EJcBcxqKzXInP9luuHpuTJg +gF55GB5uXZAVZWiBja9ajMdJ1ezmlrT6yXPyIsQBG0eXu6YNTS0w824qtOcp6xRL +BMriq/y65gnxh+aDyPWMN0GWp3ZuitjXfa/htDAnI5lF78kPJvErF/mJ3/v86eX6 +FQKXb8D3kFGMYcrBrFm77v+GeM3U5s+4bIU9OKPtgNqbpiFpogKVWoUnewPpDq42 +T3HCw1SRpSEF/4EqZ92Ka8uJlURXL8DK7Be8KvnWDfsxEhmlIlw+cYrLtAEzrkbn +Vb/g/JTVzYqVk55bnjmf5e1MZU6KBmT2j/nvNymAi40gG2t/ylFcJyJWSV9uUg9k +K29lRZ3ntW5gz5L4sdcC+vj8BDJzrJRYtPitGrtXrXfJbseBgrVu7BS4m0qNoM5C +4jWrVUQGNPcUyWCagqTZAd1C7w== +-----END CERTIFICATE----- diff --git a/gnmi/testdata/gnmi.example.com.crt b/gnmi/testdata/gnmi.example.com.crt new file mode 100644 index 0000000..ad54396 --- /dev/null +++ b/gnmi/testdata/gnmi.example.com.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFxzCCA6+gAwIBAgIUSI8M19jz0Dk2dQaYl5tUppTUrjMwDQYJKoZIhvcNAQEL +BQAwbDEZMBcGA1UEAwwQZ25taS5leGFtcGxlLmNvbTEPMA0GA1UECwwGZ2l0aHVi +MQ0wCwYDVQQKDARjbGlvMREwDwYDVQQHDAhEdWJsaW4gNDEPMA0GA1UECAwGRHVi +bGluMQswCQYDVQQGEwJJRTAeFw0yNDA3MTkxNjI3MzBaFw0zNDA3MTcxNjI3MzBa +MGwxGTAXBgNVBAMMEGdubWkuZXhhbXBsZS5jb20xDzANBgNVBAsMBmdpdGh1YjEN +MAsGA1UECgwEY2xpbzERMA8GA1UEBwwIRHVibGluIDQxDzANBgNVBAgMBkR1Ymxp +bjELMAkGA1UEBhMCSUUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCv +Z/BWKspjd6GBc2HVW8GCTJZGSj1cs6lKnWQdys7yYoLsfzTJuvbLE4qMoPuXIZK7 ++LyCFPtkT5HXUDYlHM0JkyEh8iX+mOgiqtXG9SNAm5BGfKdYTqyufpOMMvfgBr8t +W1btIB5puvjkjyDbCPDgvioA+xxQWi2xbr7aYHZCriXNIis6uT+CoEb1HSBnGur9 +a6xml/UaUdX3IFO2JWlBO6/t7QmtZK/MNmWsJaWIgq/OZxT9OL6lfFXSstROZTZu +wU22zygw/ges4gJRxmplF8J41fWI0TtrXVYVk2zgWhtCPZqWkl+YVFInyzGdN0cP +85ufgLjinV/2zNrt45TbrFgLh1YqvR5PsrR888/g1rdYC+Yu+ngcrduRLrSJP+wj +eK/RWTtj9Ycwn4MnAyCWdRZNQdV8WIRGRjgQjs3sjsF0v2xwL4wId4EFUsLlVrvI +6lUrHRgHB/1nfS+MSzIrV5uehYu4uRRSTLWOeXuxYa6YroD9yAzw3yGTr7fi+0UL +dJ7IkiauOGJG7Mc4sBK2UF72hwYpr1w2AQGCM8tAdpJyv8jTD1d5wEUojhKmm6yj +9R72LUYj8iViwCq/yjEDw9GJpBycEEvkhmA3SwIZYJjtx6GUkqvhra6+50GnR3uX +iU6xSx/Qn/y2/GAb1Ja6xk9cE3Lqlp7O0Q9giDHFRQIDAQABo2EwXzAdBgNVHQ4E +FgQUFt28Xo14+r6gmAF+GDaamsmd/1swHwYDVR0jBBgwFoAUFt28Xo14+r6gmAF+ +GDaamsmd/1swDwYDVR0TAQH/BAUwAwEB/zAMBgNVHREEBTADggEqMA0GCSqGSIb3 +DQEBCwUAA4ICAQCVdfuhgV8dYSQMhd3rZUVaI/Nd3j0mWOkKDHNjOlCtpJeiC2Un +evD+L2FpODb0vFKYxjIA9zX2mGQV/N7J05VsYl8T2v9S7WM7Qdswx9jqWGbi6Yfl +6mpPA0ClwJrxel85XjVO/L6pMXu4BF2ocN/URoOT3xWMRQrjH8PXe2zjlJ/qdq2l +y4qvCaUAc6PND4MLW+LVz3Nqjhhc+4MrrB/EDEITcUEwPvX/VWiTbymnzotMEmQz +rMr3fX8xmGB2XmkPH8wE8vOvSBIJMfmsB5MF8eNB16u8H256QF9/w7L0vwLN1kHC +WyfWYouoVpZAuzKvHaSggKAwrDoxq1pRIn76GyDWub5psi69BWU+O+RufCovzHnZ +D/JtkyOxl+B46gUCZ0tqsINq/T0ClDVEQbFQhRAJWFpgYQd+p/mOTE4alkq4K4zh +Hf+KefGIpCosuJAtoHf98mK7DuLoXpNkLW4mdo1hgAAm61OH2va+aiRvBEpLv6i0 +cQcfg/JyAXWdWjhnwbTxfpU8Abg+ciYSj7n3G6DtvtCACfVwbiDIHgs/LNK54S6g +c0PAzdWbUhl/C0n+ZvlrfSe63g/dQkPw6z9NYc5VkV0hwt4CABUkB9gawlBhGN9t +conxyojw/C7jSFfUG3/t8LSIlXpA4TOolKfp4wB1r8NO7z7wO1kg26q/tw== +-----END CERTIFICATE----- diff --git a/gnmi/testdata/private.pem b/gnmi/testdata/private.pem new file mode 100644 index 0000000..8b4be6a --- /dev/null +++ b/gnmi/testdata/private.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDHNep+vo7E72Cb +4dyM3EX9vuermKP84bJKgl6oXDrCpJSFFHOhYEKKvHY7WLypWQ8nx2S0oPWYLGyB +4imkKim8QGfMi97E8sSmjxoBKPiopMw3KzpO1wrgJvDqHabK2fctWViXj0M+Dh/t +MJjPdEygpcSHfd0A5N+5iLS5X91qU+ja8I+Uh3nNnxStpr4QqE/HxR82UGUCZFIy +r0ep/d595AVk8dWxU7ORQUyLrrP1x2Dzu/LwGtn7G9VjRn/d4ZBu9RlPIoGKcbyt +g68YSVGJ0HmFnuHs2qr3SjMduVHwyMa/c9kZynWqiSst2lAAgObcu45auVSwgbq3 +zZjYdUfBAgMBAAECggEAAfWLgP/ptHmOVKUiWa0rR+w7H/ufKgAcHE4LPVaUHjy/ +ME5910GMoPu60dFI8HVNjCKSmLFMLgkaj3XSexSeMsWLQcpyvEMPFJxj3Qzeom21 +u5GKfBrSvsbqQ9KrJKvDadX7BFlQj/NEjI0XtSNZozMzJ0IZWLpPghYUYS32dfah +IeHOk/ZE2Bi31MQvSIjID2TdEz0t2wt+skLJlics/kUvBTBa1p0Di9+3HPTyeDaj +2pXTDgUyTSnPQwqKpsv0l51YkdulBJi939QqIqDUPEJwgwm7R2mYeiTPdaNHGOY2 +3QRAuqqQ1Xq0e+zkA1hEfQiTetgCfF45UG656HOYAQKBgQD/kHPTHohkN9kBMg46 +9CMo7a+TuzVPWQXWff6gUH9WiXEx363k5aS0Ol0ROcOGn6qglzLu++mG9k5EuzHd +ndp2KGmfpVLpnzjkGKo+r6+McJi3Zq5tGEGT5zpZaBLWeGWEhe9fercQ3c8f1/ej +AwOwogBJXPkpP9Tb/HgfCHS0AQKBgQDHjN3W9ApOsm71lpLLle9AE/3/t4a8DnAy +5N4xPBKZZyc1OtFEQUXNpg0o3olWNTBl3LGr7T3LeNZIg7d3YXxOBMj9rzyb1QZ9 +OZ4DAOlcZ4GNYNZ9Cis8rPk0+L4u141EygXcV6BLy9R79gB9QkotaLFb/Ecbg6gx +WMcsER2TwQKBgB7tYUbsS/8szwMZBqXVw6eBVB0hq6rlkBJL/xNximdzjJJHimjH +7a2t3nNmNSZGjkSO56gKLlGZ3xDsQnWaU8S20UlznVwOW7kmzvt1EV6Chci0EWm8 +ZLs8YVBOivEPcuGdv8EjPaI55YXqAdrlU339rOEz8icuxVi17ed7g3wBAoGBAKcO +PfWjDjH93TiKWtBG8ClT01NOAGTVLYbd5UmQgf2cxs0gNWsPvfFA70lkq9LY6nCM +Rs2o6g+6VKIWavRtT1Q9W0pNds76ktko8CiRjcuG94U1Kbs6VSIRqPt4tjaey6xn ++GoTjaWGuZchRh2W7mR/feOFGr5lBNxy9yLkHT/BAoGBAMVW/X59I9oO41bjKc1w +SzygnmmYcaYjsJ0fiZshnEnTI2o0RLAKH21JUcOV6fWi2+cDZd7ITukEPZu+sSN0 +JpowE6CEYLTOJ5W70SMusLRFjh9vW19Rxd21TzrLTKnMZZjMUUyH/2Dao5FTtUzk +uOFsVPRup0axxQgvqH3HnFi6 +-----END PRIVATE KEY----- diff --git a/gnmipath/config_test.go b/gnmipath/config_test.go index e32f60e..341e963 100644 --- a/gnmipath/config_test.go +++ b/gnmipath/config_test.go @@ -20,7 +20,6 @@ import ( "github.com/google/go-cmp/cmp" "github.com/stretchr/testify/require" - "go.opentelemetry.io/collector/component" "go.opentelemetry.io/collector/confmap" "go.opentelemetry.io/collector/confmap/confmaptest" ) @@ -28,7 +27,7 @@ import ( func TestUnmarshalDefaultConfig(t *testing.T) { factory := NewFactory() cfg := factory.CreateDefaultConfig() - if err := component.UnmarshalConfig(confmap.New(), cfg); err != nil { + if err := confmap.New().Unmarshal(cfg); err != nil { t.Errorf("UnmarshalConfig returned error: %v", err) } @@ -42,7 +41,7 @@ func TestUnmarshalConfig(t *testing.T) { require.NoError(t, err) factory := NewFactory() got := factory.CreateDefaultConfig() - if err := component.UnmarshalConfig(cm, got); err != nil { + if err := cm.Unmarshal(got); err != nil { t.Errorf("UnmarshalConfig returned error: %v", err) } diff --git a/go.mod b/go.mod index c33e655..8234195 100644 --- a/go.mod +++ b/go.mod @@ -25,6 +25,7 @@ require ( go.opentelemetry.io/proto/otlp v1.2.0 go.uber.org/zap v1.27.0 google.golang.org/grpc v1.64.1 + google.golang.org/grpc/security/advancedtls v1.0.0 google.golang.org/protobuf v1.34.1 k8s.io/klog/v2 v2.120.1 ) @@ -42,13 +43,13 @@ require ( github.com/docker/go-units v0.5.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.3.0 // indirect github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/glog v1.2.1 // indirect + github.com/golang/glog v1.2.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/uuid v1.6.0 // indirect @@ -56,7 +57,7 @@ require ( github.com/hashicorp/go-version v1.7.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.17.8 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/knadh/koanf/maps v0.1.1 // indirect github.com/knadh/koanf/providers/confmap v0.1.0 // indirect github.com/knadh/koanf/v2 v2.1.1 // indirect @@ -84,7 +85,7 @@ require ( github.com/rs/cors v1.11.0 // indirect github.com/shirou/gopsutil/v3 v3.24.4 // indirect github.com/shoenig/go-m1cpu v0.1.6 // indirect - github.com/spf13/cobra v1.8.0 // indirect + github.com/spf13/cobra v1.8.1 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/tklauser/go-sysconf v0.3.14 // indirect github.com/tklauser/numcpus v0.8.0 // indirect @@ -131,6 +132,7 @@ require ( go.opentelemetry.io/otel/sdk v1.27.0 // indirect go.opentelemetry.io/otel/sdk/metric v1.27.0 // indirect go.uber.org/multierr v1.11.0 // indirect + golang.org/x/crypto v0.24.0 // indirect golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.26.0 // indirect @@ -140,6 +142,6 @@ require ( golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect gonum.org/v1/gonum v0.15.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240520151616-dc85e6b867a5 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240520151616-dc85e6b867a5 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 1ebb4da..75a7200 100644 --- a/go.sum +++ b/go.sum @@ -1391,7 +1391,7 @@ github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/cpuguy83/dockercfg v0.3.1 h1:/FpZ+JaygUR/lZP2NlFI2DVfrOEMAIKP5wWEJdoYe9E= github.com/cpuguy83/dockercfg v0.3.1/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -1453,8 +1453,9 @@ github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpx github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= @@ -1482,8 +1483,8 @@ github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0L github.com/golang/glog v1.1.0/go.mod h1:pfYeQZ3JWZoXTV5sFc986z3HTpwQs9At6P4ImfuP3NQ= github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= -github.com/golang/glog v1.2.1 h1:OptwRhECazUx5ix5TTWC3EZhsZEHWcYWY4FQHTIubm4= -github.com/golang/glog v1.2.1/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= +github.com/golang/glog v1.2.2 h1:1+mZ9upx1Dh6FmUTFR1naJ77miKiXgALjWOZ3NVFPmY= +github.com/golang/glog v1.2.2/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -1516,6 +1517,7 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= @@ -1633,8 +1635,8 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/klauspost/asmfmt v1.3.2/go.mod h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE= github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= -github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU= -github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= @@ -1790,8 +1792,8 @@ github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY52 github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= github.com/spf13/afero v1.9.2/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y= github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= @@ -2751,8 +2753,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go. google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014/go.mod h1:SaPjaZGWb0lPqs6Ittu0spdfrOArqji4ZdeP5IC/9N4= google.golang.org/genproto/googleapis/rpc v0.0.0-20240213162025-012b6fc9bca9/go.mod h1:YUWgXUFRPfoYK1IHMuxH5K6nPEXSCzIMljnQ59lLRCk= google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240520151616-dc85e6b867a5 h1:Q2RxlXqh1cgzzUgV261vBO2jI5R/3DD1J2pM0nI4NhU= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240520151616-dc85e6b867a5/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 h1:1GBuWVLM/KMVUv1t1En5Gs+gFZCNd360GGb4sSxtrhU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117/go.mod h1:EfXuqaE1J41VCDicxHzUDm+8rk+7ZdXzHV0IhO/I6s0= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -2809,6 +2811,10 @@ google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDom google.golang.org/grpc v1.64.1 h1:LKtvyfbX3UGVPFcGqJ9ItpVWW6oN/2XqTxfAnwRRXiA= google.golang.org/grpc v1.64.1/go.mod h1:hiQF4LFZelK2WKaP6W0L92zGHtiQdZxk8CrSdvyjeP0= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/grpc/examples v0.0.0-20201112215255-90f1b3ee835b h1:NuxyvVZoDfHZwYW9LD4GJiF5/nhiSyP4/InTrvw9Ibk= +google.golang.org/grpc/examples v0.0.0-20201112215255-90f1b3ee835b/go.mod h1:IBqQ7wSUJ2Ep09a8rMWFsg4fmI2r38zwsq8a0GgxXpM= +google.golang.org/grpc/security/advancedtls v1.0.0 h1:/KQ7VP/1bs53/aopk9QhuPyFAp9Dm9Ejix3lzYkCrDA= +google.golang.org/grpc/security/advancedtls v1.0.0/go.mod h1:o+s4go+e1PJ2AjuQMY5hU82W7lDlefjJA6FqEHRVHWk= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=