Add otlp authentication support

VERSION

@@ -1 +1 @@
-4.0.10
+4.0.11

ansible-imalive/defaults/main.yml

@@ -1,5 +1,5 @@
 ---
-imalive_api_version: 4.0.10
+imalive_api_version: 4.0.11
 imalive_port: 8099
 imalive_wait_time: 300
 imalive_force_recreate: true

ansible-imalive/templates/.env.imalive.j2

@@ -4,3 +4,15 @@ IMALIVE_NODE_NAME={{ node_name }}
 {% if imalive_otel_collector_endpoint is defined and imalive_otel_collector_endpoint %}
 OTEL_COLLECTOR_ENDPOINT={{ imalive_otel_collector_endpoint }}
 {% endif %}
+
+{% if imalive_otel_collector_username is defined and imalive_otel_collector_username %}
+OTEL_COLLECTOR_USERNAME={{ imalive_otel_collector_username }}
+{% endif %}
+
+{% if imalive_otel_collector_password is defined and imalive_otel_collector_password %}
+OTEL_COLLECTOR_PASSWORD={{ imalive_otel_collector_password }}
+{% endif %}
+
+{% if imalive_otel_collector_auth_header is defined and imalive_otel_collector_auth_header %}
+OTEL_COLLECTOR_AUTH_HEADER={{ imalive_otel_collector_auth_header }}
+{% endif %}

helm/templates/deployment.yaml

@@ -41,6 +41,28 @@ spec:
               value: {{ $.Values.otlp_endpoint | quote }}
             {{ end }}
 
+            {{ if $.Values.otlp_username }}
+            - name: OTEL_COLLECTOR_USERNAME
+              value: {{ $.Values.otlp_username | quote }}
+            {{ end }}
+
+            {{ if $.Values.otlp_password }}
+            - name: OTEL_COLLECTOR_PASSWORD
+              value: {{ $.Values.otlp_password | quote }}
+            {{ end }}
+
+            {{ if $.Values.otlp_auth_header }}
+            - name: OTEL_COLLECTOR_AUTH_HEADER
+              value: {{ $.Values.otlp_auth_header | quote }}
+            {{ end }}
+
+          {{- if .Values.extraEnvFrom }}
+          envFrom:
+          {{- with .Values.extraEnvFrom }}
+            {{- toYaml . | nindent 6 }}
+          {{- end }}
+          {{- end }}
+
       restartPolicy: {{ $.Values.restartPolicy }}
 
       volumes:

src/utils/otel.py

@@ -1,5 +1,8 @@
 import os
 import logging
+import grpc
+
+from base64 import b64encode
 
 from opentelemetry import trace
 from opentelemetry.metrics import set_meter_provider, get_meter
@@ -16,13 +19,31 @@
 from opentelemetry.exporter.otlp.proto.grpc.metric_exporter import OTLPMetricExporter
 from opentelemetry.exporter.otlp.proto.grpc._log_exporter import OTLPLogExporter
 
-from utils.common import is_enabled
+from utils.common import is_enabled, is_not_empty
 
 _otel_tracer = trace.get_tracer(__name__)
 _otel_collector_endpoint = os.getenv('OTEL_COLLECTOR_ENDPOINT')
 _otel_service_name = "imalive-{}".format(os.getenv('IMALIVE_NODE_NAME', "anode"))
 _otel_service_version = os.getenv('VERSION', '0.1')
 
+_otel_collector_username = os.getenv('OTEL_COLLECTOR_USERNAME')
+_otel_collector_password = os.getenv('OTEL_COLLECTOR_PASSWORD')
+_otel_collector_authorization = os.getenv('OTEL_COLLECTOR_AUTH_HEADER')
+
+credentials = None
+auth_header = None
+if is_not_empty(_otel_collector_username) and is_not_empty(_otel_collector_password):
+    creds = b64encode(f"{_otel_collector_username}:{_otel_collector_password}".encode()).decode()
+    auth_header = f'Basic {creds}'
+elif is_not_empty(_otel_collector_authorization):
+    auth_header = _otel_collector_authorization
+
+if is_not_empty(auth_header):
+    credentials = grpc.composite_channel_credentials(
+        grpc.ssl_channel_credentials(),
+        grpc.metadata_call_credentials(lambda context, callback: callback([("Authorization", auth_header)], None)),
+    )
+
 _otel_meter = get_meter(_otel_service_name, version=_otel_service_version)
 _otel_resource = Resource.create(attributes={
     ResourceAttributes.SERVICE_NAME: _otel_service_name,
@@ -35,16 +56,16 @@ def init_otel_tracer():
     trace.set_tracer_provider(TracerProvider(resource=_otel_resource))
 
     if is_enabled(_otel_collector_endpoint):
-        trace.get_tracer_provider().add_span_processor(BatchSpanProcessor(OTLPSpanExporter(endpoint=_otel_collector_endpoint, insecure=True)))
+        trace.get_tracer_provider().add_span_processor(BatchSpanProcessor(OTLPSpanExporter(endpoint=_otel_collector_endpoint, credentials=credentials, insecure=True)))
 
 def init_otel_metrics():
     if is_enabled(_otel_collector_endpoint):
-        otlp_exporter = OTLPMetricExporter(endpoint=_otel_collector_endpoint, insecure=True)
+        otlp_exporter = OTLPMetricExporter(endpoint=_otel_collector_endpoint, credentials=credentials, insecure=True)
         set_meter_provider(MeterProvider(resource=_otel_resource, metric_readers=[PeriodicExportingMetricReader(otlp_exporter, export_interval_millis=5000)]))
 
 def init_otel_logger():
     if is_enabled(_otel_collector_endpoint):
-        otlp_exporter = OTLPLogExporter(endpoint=_otel_collector_endpoint, insecure=True)
+        otlp_exporter = OTLPLogExporter(endpoint=_otel_collector_endpoint, credentials=credentials, insecure=True)
         _logger_provider.add_log_record_processor(BatchLogRecordProcessor(otlp_exporter))
         handler = LoggingHandler(level=logging.NOTSET, logger_provider=_logger_provider)
         logging.getLogger().addHandler(handler)