feat(inputs.gnmi): Add secret store support for username and password (#15173)
This commit is contained in:
Joshua Powers
GitHub
parent
c443b762b2
commit
96e7b2b7e7
|
|
@ -34,6 +34,14 @@ See the [CONFIGURATION.md][CONFIGURATION.md] for more details.
|
||||||
|
|
||||||
[CONFIGURATION.md]: ../../../docs/CONFIGURATION.md#plugins
|
[CONFIGURATION.md]: ../../../docs/CONFIGURATION.md#plugins
|
||||||
|
|
||||||
|
## Secret-store support
|
||||||
|
|
||||||
|
This plugin supports secrets from secret-stores for the `username` and
|
||||||
|
`password` options. See the [secret-store documentation][SECRETSTORE] for more
|
||||||
|
details on how to use them.
|
||||||
|
|
||||||
|
[SECRETSTORE]: ../../../docs/CONFIGURATION.md#secret-store-secrets
|
||||||
|
|
||||||
## Configuration
|
## Configuration
|
||||||
|
|
||||||
```toml @sample.conf
|
```toml @sample.conf
|
||||||
|
|
|
||||||
|
|
@ -48,8 +48,8 @@ type GNMI struct {
|
||||||
Target string `toml:"target"`
|
Target string `toml:"target"`
|
||||||
UpdatesOnly bool `toml:"updates_only"`
|
UpdatesOnly bool `toml:"updates_only"`
|
||||||
VendorSpecific []string `toml:"vendor_specific"`
|
VendorSpecific []string `toml:"vendor_specific"`
|
||||||
Username string `toml:"username"`
|
Username config.Secret `toml:"username"`
|
||||||
Password string `toml:"password"`
|
Password config.Secret `toml:"password"`
|
||||||
Redial config.Duration `toml:"redial"`
|
Redial config.Duration `toml:"redial"`
|
||||||
MaxMsgSize config.Size `toml:"max_msg_size"`
|
MaxMsgSize config.Size `toml:"max_msg_size"`
|
||||||
Trace bool `toml:"dump_responses"`
|
Trace bool `toml:"dump_responses"`
|
||||||
|
|
@ -214,8 +214,23 @@ func (c *GNMI) Start(acc telegraf.Accumulator) error {
|
||||||
// Prepare the context, optionally with credentials
|
// Prepare the context, optionally with credentials
|
||||||
var ctx context.Context
|
var ctx context.Context
|
||||||
ctx, c.cancel = context.WithCancel(context.Background())
|
ctx, c.cancel = context.WithCancel(context.Background())
|
||||||
if len(c.Username) > 0 {
|
|
||||||
ctx = metadata.AppendToOutgoingContext(ctx, "username", c.Username, "password", c.Password)
|
if !c.Username.Empty() {
|
||||||
|
usernameSecret, err := c.Username.Get()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("getting username failed: %w", err)
|
||||||
|
}
|
||||||
|
username := usernameSecret.String()
|
||||||
|
usernameSecret.Destroy()
|
||||||
|
|
||||||
|
passwordSecret, err := c.Password.Get()
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("getting password failed: %w", err)
|
||||||
|
}
|
||||||
|
password := passwordSecret.String()
|
||||||
|
passwordSecret.Destroy()
|
||||||
|
|
||||||
|
ctx = metadata.AppendToOutgoingContext(ctx, "username", username, "password", password)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a goroutine for each device, dial and subscribe
|
// Create a goroutine for each device, dial and subscribe
|
||||||
|
|
|
||||||
|
|
@ -140,8 +140,8 @@ func TestUsernamePassword(t *testing.T) {
|
||||||
plugin := &GNMI{
|
plugin := &GNMI{
|
||||||
Log: testutil.Logger{},
|
Log: testutil.Logger{},
|
||||||
Addresses: []string{listener.Addr().String()},
|
Addresses: []string{listener.Addr().String()},
|
||||||
Username: "theusername",
|
Username: config.NewSecret([]byte("theusername")),
|
||||||
Password: "thepassword",
|
Password: config.NewSecret([]byte("thepassword")),
|
||||||
Encoding: "proto",
|
Encoding: "proto",
|
||||||
Redial: config.Duration(1 * time.Second),
|
Redial: config.Duration(1 * time.Second),
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue