Tracing/GRPC: Set TLS credentials only when insecure is false.

Fixes #10542

Signed-off-by: Julien Pivotto <roidelapluie@o11y.eu>
This commit is contained in:
Julien Pivotto 2022-04-14 12:44:02 +02:00 committed by Julien Pivotto
parent db8c550570
commit b4d0dcb6e8

View File

@ -183,6 +183,14 @@ func getClient(tracingCfg config.TracingConfig) (otlptrace.Client, error) {
opts := []otlptracegrpc.Option{otlptracegrpc.WithEndpoint(tracingCfg.Endpoint)} opts := []otlptracegrpc.Option{otlptracegrpc.WithEndpoint(tracingCfg.Endpoint)}
if tracingCfg.Insecure { if tracingCfg.Insecure {
opts = append(opts, otlptracegrpc.WithInsecure()) opts = append(opts, otlptracegrpc.WithInsecure())
} else {
// Use of TLS Credentials forces the use of TLS. Therefore it can
// only be set when `insecure` is set to false.
tlsConf, err := config_util.NewTLSConfig(&tracingCfg.TLSConfig)
if err != nil {
return nil, err
}
opts = append(opts, otlptracegrpc.WithTLSCredentials(credentials.NewTLS(tlsConf)))
} }
if tracingCfg.Compression != "" { if tracingCfg.Compression != "" {
opts = append(opts, otlptracegrpc.WithCompressor(tracingCfg.Compression)) opts = append(opts, otlptracegrpc.WithCompressor(tracingCfg.Compression))
@ -194,12 +202,6 @@ func getClient(tracingCfg config.TracingConfig) (otlptrace.Client, error) {
opts = append(opts, otlptracegrpc.WithTimeout(time.Duration(tracingCfg.Timeout))) opts = append(opts, otlptracegrpc.WithTimeout(time.Duration(tracingCfg.Timeout)))
} }
tlsConf, err := config_util.NewTLSConfig(&tracingCfg.TLSConfig)
if err != nil {
return nil, err
}
opts = append(opts, otlptracegrpc.WithTLSCredentials(credentials.NewTLS(tlsConf)))
client = otlptracegrpc.NewClient(opts...) client = otlptracegrpc.NewClient(opts...)
case config.TracingClientHTTP: case config.TracingClientHTTP:
opts := []otlptracehttp.Option{otlptracehttp.WithEndpoint(tracingCfg.Endpoint)} opts := []otlptracehttp.Option{otlptracehttp.WithEndpoint(tracingCfg.Endpoint)}