From f722564792fd63bd40fdd9bb3d1632e1e365fb96 Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 11 Jul 2024 20:45:17 +0300 Subject: [PATCH 1/6] Added app for TA-collecotr mTLS secert transfer e2e tests --- .../workflows/publish-test-e2e-images.yaml | 5 +++ .../metrics-basic-auth/Dockerfile | 10 ++++++ tests/test-e2e-apps/metrics-basic-auth/app.py | 36 +++++++++++++++++++ .../metrics-basic-auth/requirements.txt | 2 ++ 4 files changed, 53 insertions(+) create mode 100644 tests/test-e2e-apps/metrics-basic-auth/Dockerfile create mode 100644 tests/test-e2e-apps/metrics-basic-auth/app.py create mode 100644 tests/test-e2e-apps/metrics-basic-auth/requirements.txt diff --git a/.github/workflows/publish-test-e2e-images.yaml b/.github/workflows/publish-test-e2e-images.yaml index aee5d03ec1..1a00b87943 100644 --- a/.github/workflows/publish-test-e2e-images.yaml +++ b/.github/workflows/publish-test-e2e-images.yaml @@ -53,3 +53,8 @@ jobs: with: path: nodejs platforms: linux/arm64,linux/amd64,linux/s390x,linux/ppc64le + metrics-basic-auth: + uses: ./.github/workflows/reusable-publish-test-e2e-images.yaml + with: + path: metrics-basic-auth + platforms: linux/arm64,linux/amd64,linux/s390x,linux/ppc64le \ No newline at end of file diff --git a/tests/test-e2e-apps/metrics-basic-auth/Dockerfile b/tests/test-e2e-apps/metrics-basic-auth/Dockerfile new file mode 100644 index 0000000000..0a2d008a30 --- /dev/null +++ b/tests/test-e2e-apps/metrics-basic-auth/Dockerfile @@ -0,0 +1,10 @@ +FROM python:3.11-slim + +COPY requirements.txt . +RUN pip install -r requirements.txt + +COPY app.py . + +EXPOSE 9123 + +CMD ["python", "app.py"] diff --git a/tests/test-e2e-apps/metrics-basic-auth/app.py b/tests/test-e2e-apps/metrics-basic-auth/app.py new file mode 100644 index 0000000000..f2ffaa7f64 --- /dev/null +++ b/tests/test-e2e-apps/metrics-basic-auth/app.py @@ -0,0 +1,36 @@ +import os +os.environ['PROMETHEUS_DISABLE_CREATED_SERIES'] = 'true' + +from flask import Flask, Response, request +from prometheus_client import Gauge, generate_latest, REGISTRY, PROCESS_COLLECTOR, PLATFORM_COLLECTOR, GC_COLLECTOR + +app = Flask(__name__) + +REGISTRY.unregister(PROCESS_COLLECTOR) +REGISTRY.unregister(PLATFORM_COLLECTOR) +REGISTRY.unregister(GC_COLLECTOR) + +secure = Gauge('authenticated', 'Client was authenticated') +secure.set(1) + +USERNAME = "user" +PASSWORD = "t0p$ecreT" + +def check_auth(username, password): + return username == USERNAME and password == PASSWORD + +def authenticate(): + return Response( + 'Could not verify your access level for that URL.\n' + 'You have to login with proper credentials', 401, + {'WWW-Authenticate': 'Basic realm="Login Required"'}) + +@app.route('/metrics') +def metrics(): + auth = request.authorization + if not auth or not check_auth(auth.username, auth.password): + return authenticate() + return Response(generate_latest(), mimetype='text/plain') + +if __name__ == '__main__': + app.run(host='0.0.0.0', port=9123) diff --git a/tests/test-e2e-apps/metrics-basic-auth/requirements.txt b/tests/test-e2e-apps/metrics-basic-auth/requirements.txt new file mode 100644 index 0000000000..865b49ac22 --- /dev/null +++ b/tests/test-e2e-apps/metrics-basic-auth/requirements.txt @@ -0,0 +1,2 @@ +Flask==2.3.3 +prometheus_client==0.20.0 From 1bcf8efafd37d252c8b966f37a6f8b289730379e Mon Sep 17 00:00:00 2001 From: Itiel Olenick Date: Thu, 11 Jul 2024 20:46:09 +0300 Subject: [PATCH 2/6] Newline --- .github/workflows/publish-test-e2e-images.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-test-e2e-images.yaml b/.github/workflows/publish-test-e2e-images.yaml index 1a00b87943..2f91f08549 100644 --- a/.github/workflows/publish-test-e2e-images.yaml +++ b/.github/workflows/publish-test-e2e-images.yaml @@ -57,4 +57,4 @@ jobs: uses: ./.github/workflows/reusable-publish-test-e2e-images.yaml with: path: metrics-basic-auth - platforms: linux/arm64,linux/amd64,linux/s390x,linux/ppc64le \ No newline at end of file + platforms: linux/arm64,linux/amd64,linux/s390x,linux/ppc64le From d59892b4dfbc89bc26df7d35e05a84c6d7bd2dda Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Mon, 19 Aug 2024 14:57:15 +0300 Subject: [PATCH 3/6] Added change log --- .chloggen/publish-test-e2e-images.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .chloggen/publish-test-e2e-images.yaml diff --git a/.chloggen/publish-test-e2e-images.yaml b/.chloggen/publish-test-e2e-images.yaml new file mode 100644 index 0000000000..0f0ced4622 --- /dev/null +++ b/.chloggen/publish-test-e2e-images.yaml @@ -0,0 +1,17 @@ +# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' +change_type: enhancement + +# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) +component: github action e2e test image + +# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). +note: "Docker image for a simple server with a metrics endpoint that has authentication required" + +# One or more tracking issues related to the change +issues: [1669] + +# (Optional) One or more lines of additional information to render under the primary note. +# These lines will be padded with 2 spaces and then inserted directly into the document. +# Use pipe (|) for multiline entries. +subtext: | + Used for testing the feature that enables mTLS between the TA and the collector for scraping endpoints that have authentication From f46df67cd9c4f86df368ab5aaaee66ba3a3676e4 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Mon, 19 Aug 2024 16:57:42 +0300 Subject: [PATCH 4/6] Update publish-test-e2e-images.yaml --- .chloggen/publish-test-e2e-images.yaml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/.chloggen/publish-test-e2e-images.yaml b/.chloggen/publish-test-e2e-images.yaml index 0f0ced4622..8b13789179 100644 --- a/.chloggen/publish-test-e2e-images.yaml +++ b/.chloggen/publish-test-e2e-images.yaml @@ -1,17 +1 @@ -# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix' -change_type: enhancement -# The name of the component, or a single word describing the area of concern, (e.g. collector, target allocator, auto-instrumentation, opamp, github action) -component: github action e2e test image - -# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`). -note: "Docker image for a simple server with a metrics endpoint that has authentication required" - -# One or more tracking issues related to the change -issues: [1669] - -# (Optional) One or more lines of additional information to render under the primary note. -# These lines will be padded with 2 spaces and then inserted directly into the document. -# Use pipe (|) for multiline entries. -subtext: | - Used for testing the feature that enables mTLS between the TA and the collector for scraping endpoints that have authentication From 56b7094a9dc371b4a477b90527a8189a74e4e733 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Mon, 19 Aug 2024 16:58:10 +0300 Subject: [PATCH 5/6] Delete .chloggen/publish-test-e2e-images.yaml --- .chloggen/publish-test-e2e-images.yaml | 1 - 1 file changed, 1 deletion(-) delete mode 100644 .chloggen/publish-test-e2e-images.yaml diff --git a/.chloggen/publish-test-e2e-images.yaml b/.chloggen/publish-test-e2e-images.yaml deleted file mode 100644 index 8b13789179..0000000000 --- a/.chloggen/publish-test-e2e-images.yaml +++ /dev/null @@ -1 +0,0 @@ - From 6f4e6e8042355806fc5f41f85cdc3a484fabd3e0 Mon Sep 17 00:00:00 2001 From: ItielOlenick <67790309+ItielOlenick@users.noreply.github.com> Date: Mon, 19 Aug 2024 17:41:46 +0300 Subject: [PATCH 6/6] Added README.md --- tests/test-e2e-apps/metrics-basic-auth/README.md | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 tests/test-e2e-apps/metrics-basic-auth/README.md diff --git a/tests/test-e2e-apps/metrics-basic-auth/README.md b/tests/test-e2e-apps/metrics-basic-auth/README.md new file mode 100644 index 0000000000..16ccb48474 --- /dev/null +++ b/tests/test-e2e-apps/metrics-basic-auth/README.md @@ -0,0 +1,8 @@ +# Metrics Basic Auth E2E Test App +Simple web application used in an end-to-end (E2E) test to verify that the OpenTelemetry collector can retrieve secret authentication details from the target allocator over mTLS. + +## Overview +The web app provides a metrics endpoint secured with basic authentication, simulating real-world scenarios where services require secure access to their metrics. + +## Usage +This app is used within the E2E test suite to verify the OpenTelemetry operator's handling of mTLS-secured communications. \ No newline at end of file