config: resolve more file paths (#5284)

Signed-off-by: Simon Pasquier <spasquie@redhat.com>
2019-03-12 11:24:15 +01:00 · 2019-03-12 11:24:15 +01:00 · 027d2ece14
parent 683fbc59ec
commit 027d2ece14
4 changed files with 72 additions and 23 deletions
--- a/config/config.go
+++ b/config/config.go
@ -153,11 +153,17 @@ func resolveFilepaths(baseDir string, cfg *Config) {
 		cfg.RuleFiles[i] = join(rf)
 	}

+	tlsPaths := func(cfg *config_util.TLSConfig) {
+		cfg.CAFile = join(cfg.CAFile)
+		cfg.CertFile = join(cfg.CertFile)
+		cfg.KeyFile = join(cfg.KeyFile)
+	}
 	clientPaths := func(scfg *config_util.HTTPClientConfig) {
+		if scfg.BasicAuth != nil {
+			scfg.BasicAuth.PasswordFile = join(scfg.BasicAuth.PasswordFile)
+		}
 		scfg.BearerTokenFile = join(scfg.BearerTokenFile)
-		scfg.TLSConfig.CAFile = join(scfg.TLSConfig.CAFile)
-		scfg.TLSConfig.CertFile = join(scfg.TLSConfig.CertFile)
-		scfg.TLSConfig.KeyFile = join(scfg.TLSConfig.KeyFile)
+		tlsPaths(&scfg.TLSConfig)
 	}
 	sdPaths := func(cfg *sd_config.ServiceDiscoveryConfig) {
 		for _, kcfg := range cfg.KubernetesSDConfigs {
@ -165,15 +171,16 @@ func resolveFilepaths(baseDir string, cfg *Config) {
 		}
 		for _, mcfg := range cfg.MarathonSDConfigs {
 			mcfg.AuthTokenFile = join(mcfg.AuthTokenFile)
-			mcfg.HTTPClientConfig.BearerTokenFile = join(mcfg.HTTPClientConfig.BearerTokenFile)
-			mcfg.HTTPClientConfig.TLSConfig.CAFile = join(mcfg.HTTPClientConfig.TLSConfig.CAFile)
-			mcfg.HTTPClientConfig.TLSConfig.CertFile = join(mcfg.HTTPClientConfig.TLSConfig.CertFile)
-			mcfg.HTTPClientConfig.TLSConfig.KeyFile = join(mcfg.HTTPClientConfig.TLSConfig.KeyFile)
+			clientPaths(&mcfg.HTTPClientConfig)
 		}
 		for _, consulcfg := range cfg.ConsulSDConfigs {
-			consulcfg.TLSConfig.CAFile = join(consulcfg.TLSConfig.CAFile)
-			consulcfg.TLSConfig.CertFile = join(consulcfg.TLSConfig.CertFile)
-			consulcfg.TLSConfig.KeyFile = join(consulcfg.TLSConfig.KeyFile)
+			tlsPaths(&consulcfg.TLSConfig)
+		}
+		for _, cfg := range cfg.OpenstackSDConfigs {
+			tlsPaths(&cfg.TLSConfig)
+		}
+		for _, cfg := range cfg.TritonSDConfigs {
+			tlsPaths(&cfg.TLSConfig)
 		}
 		for _, filecfg := range cfg.FileSDConfigs {
 			for i, fn := range filecfg.Files {
@ -190,6 +197,12 @@ func resolveFilepaths(baseDir string, cfg *Config) {
 		clientPaths(&cfg.HTTPClientConfig)
 		sdPaths(&cfg.ServiceDiscoveryConfig)
 	}
+	for _, cfg := range cfg.RemoteReadConfigs {
+		clientPaths(&cfg.HTTPClientConfig)
+	}
+	for _, cfg := range cfg.RemoteWriteConfigs {
+		clientPaths(&cfg.HTTPClientConfig)
+	}
 }

 func (c Config) String() string {
--- a/config/config_test.go
+++ b/config/config_test.go
@ -23,9 +23,13 @@ import (
 	"testing"
 	"time"

-	"github.com/prometheus/prometheus/pkg/relabel"
+	config_util "github.com/prometheus/common/config"
+	"github.com/prometheus/common/model"
+	"github.com/stretchr/testify/assert"
+	"gopkg.in/yaml.v2"

 	"github.com/prometheus/prometheus/discovery/azure"
+	sd_config "github.com/prometheus/prometheus/discovery/config"
 	"github.com/prometheus/prometheus/discovery/consul"
 	"github.com/prometheus/prometheus/discovery/dns"
 	"github.com/prometheus/prometheus/discovery/ec2"
@ -36,12 +40,8 @@ import (
 	"github.com/prometheus/prometheus/discovery/targetgroup"
 	"github.com/prometheus/prometheus/discovery/triton"
 	"github.com/prometheus/prometheus/discovery/zookeeper"
-
-	config_util "github.com/prometheus/common/config"
-	"github.com/prometheus/common/model"
-	sd_config "github.com/prometheus/prometheus/discovery/config"
+	"github.com/prometheus/prometheus/pkg/relabel"
 	"github.com/prometheus/prometheus/util/testutil"
-	"gopkg.in/yaml.v2"
 )

 func mustParseURL(u string) *config_util.URL {
@ -88,6 +88,12 @@ var expectedConf = &Config{
 			URL:           mustParseURL("http://remote2/push"),
 			RemoteTimeout: model.Duration(30 * time.Second),
 			QueueConfig:   DefaultQueueConfig,
+			HTTPClientConfig: config_util.HTTPClientConfig{
+				TLSConfig: config_util.TLSConfig{
+					CertFile: filepath.FromSlash("testdata/valid_cert_file"),
+					KeyFile:  filepath.FromSlash("testdata/valid_key_file"),
+				},
+			},
 		},
 	},

@ -102,6 +108,12 @@ var expectedConf = &Config{
 			RemoteTimeout:    model.Duration(1 * time.Minute),
 			ReadRecent:       false,
 			RequiredMatchers: model.LabelSet{"job": "special"},
+			HTTPClientConfig: config_util.HTTPClientConfig{
+				TLSConfig: config_util.TLSConfig{
+					CertFile: filepath.FromSlash("testdata/valid_cert_file"),
+					KeyFile:  filepath.FromSlash("testdata/valid_key_file"),
+				},
+			},
 		},
 	},

@ -346,6 +358,10 @@ var expectedConf = &Config{
 								Username: "myusername",
 								Password: "mysecret",
 							},
+							TLSConfig: config_util.TLSConfig{
+								CertFile: filepath.FromSlash("testdata/valid_cert_file"),
+								KeyFile:  filepath.FromSlash("testdata/valid_key_file"),
+							},
 						},
 						NamespaceDiscovery: kubernetes.NamespaceDiscovery{},
 					},
@ -360,6 +376,12 @@ var expectedConf = &Config{

 			MetricsPath: DefaultScrapeConfig.MetricsPath,
 			Scheme:      DefaultScrapeConfig.Scheme,
+			HTTPClientConfig: config_util.HTTPClientConfig{
+				BasicAuth: &config_util.BasicAuth{
+					Username:     "myusername",
+					PasswordFile: filepath.FromSlash("testdata/valid_password_file"),
+				},
+			},

 			ServiceDiscoveryConfig: sd_config.ServiceDiscoveryConfig{
 				KubernetesSDConfigs: []*kubernetes.SDConfig{
@ -561,9 +583,9 @@ var expectedConf = &Config{
 						Port:            80,
 						RefreshInterval: model.Duration(60 * time.Second),
 						TLSConfig: config_util.TLSConfig{
-							CAFile:   "valid_ca_file",
-							CertFile: "valid_cert_file",
-							KeyFile:  "valid_key_file",
+							CAFile:   "testdata/valid_ca_file",
+							CertFile: "testdata/valid_cert_file",
+							KeyFile:  "testdata/valid_key_file",
 						},
 					},
 				},
@ -603,7 +625,7 @@ func TestLoadConfig(t *testing.T) {
 	testutil.Ok(t, err)

 	expectedConf.original = c.original
-	testutil.Equals(t, expectedConf, c)
+	assert.Equal(t, expectedConf, c)
 }

 // YAML marshaling must not reveal authentication credentials.
--- a/config/testdata/conf.good.yml
+++ b/config/testdata/conf.good.yml
@ -19,6 +19,9 @@ remote_write:
      regex:         expensive.*
      action:        drop
  - url: http://remote2/push
+    tls_config:
+      cert_file: valid_cert_file
+      key_file: valid_key_file

 remote_read:
  - url: http://remote1/read
@ -27,6 +30,9 @@ remote_read:
    read_recent: false
    required_matchers:
      job: special
+    tls_config:
+      cert_file: valid_cert_file
+      key_file: valid_key_file

 scrape_configs:
 - job_name: prometheus
@ -153,6 +159,9 @@ scrape_configs:
  kubernetes_sd_configs:
  - role: endpoints
    api_server: 'https://localhost:1234'
+    tls_config:
+      cert_file: valid_cert_file
+      key_file: valid_key_file

    basic_auth:
      username: 'myusername'
@ -167,6 +176,11 @@ scrape_configs:
      names:
        - default

+  basic_auth:
+    username: 'myusername'
+    password_file: valid_password_file
+
+
 - job_name: service-marathon
  marathon_sd_configs:
  - servers:
@ -231,8 +245,8 @@ scrape_configs:
    refresh_interval: 1m
    version: 1
    tls_config:
-      cert_file: testdata/valid_cert_file
-      key_file: testdata/valid_key_file
+      cert_file: valid_cert_file
+      key_file: valid_key_file

 - job_name: service-openstack
  openstack_sd_configs:
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -262,8 +262,8 @@ github.com/shurcooL/httpfs/vfsutil
 # github.com/shurcooL/vfsgen v0.0.0-20180711163814-62bca832be04
 github.com/shurcooL/vfsgen
 # github.com/stretchr/testify v1.2.2
-github.com/stretchr/testify/require
 github.com/stretchr/testify/assert
+github.com/stretchr/testify/require
 # go.opencensus.io v0.18.1-0.20181204023538-aab39bd6a98b
 go.opencensus.io/plugin/ochttp
 go.opencensus.io/plugin/ochttp/propagation/tracecontext