Skip to content

[jaeger-v2] Migrate ElasticSearch/OpenSearch to use OTEL's TLS configuration#6079

Merged
yurishkuro merged 1 commit intojaegertracing:mainfrom
mahadzaryab1:es-tls
Oct 14, 2024
Merged

[jaeger-v2] Migrate ElasticSearch/OpenSearch to use OTEL's TLS configuration#6079
yurishkuro merged 1 commit intojaegertracing:mainfrom
mahadzaryab1:es-tls

Conversation

@mahadzaryab1
Copy link
Copy Markdown
Collaborator

@mahadzaryab1 mahadzaryab1 commented Oct 13, 2024

Which problem is this PR solving?

Description of the changes

  • Migrated the ElasticSearch/OpenSearch configurations to use OTEL's TLS configurations
  • In a follow up PR, I'll re-evaluate the groupings of the configurations and add the missing mapstructure tags

How was this change tested?

  • CI

Checklist

@mahadzaryab1
Migrate To OTEL's TLS Configuration
638fee1 
Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@mahadzaryab1 mahadzaryab1 requested a review from a team as a code owner October 13, 2024 02:35
@codecov
Copy link
Copy Markdown

codecov bot commented Oct 13, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.92%. Comparing base (4beead7) to head (638fee1).
Report is 4 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6079      +/-   ##
==========================================
- Coverage   96.92%   96.92%   -0.01%     
==========================================
  Files         351      351              
  Lines       16675    16672       -3     
==========================================
- Hits        16162    16159       -3     
  Misses        329      329              
  Partials      184      184
Flag Coverage Δ
badger_v1 7.99% <0.00%> (+<0.01%) ⬆️
badger_v2 1.84% <0.00%> (+<0.01%) ⬆️
cassandra-4.x-v1 15.75% <0.00%> (+<0.01%) ⬆️
cassandra-4.x-v2 1.77% <0.00%> (+<0.01%) ⬆️
cassandra-5.x-v1 15.75% <0.00%> (+<0.01%) ⬆️
cassandra-5.x-v2 1.77% <0.00%> (+<0.01%) ⬆️
elasticsearch-6.x-v1 19.05% <42.85%> (+0.11%) ⬆️
elasticsearch-7.x-v1 19.13% <42.85%> (+0.11%) ⬆️
elasticsearch-8.x-v1 19.31% <42.85%> (+0.11%) ⬆️
elasticsearch-8.x-v2 1.83% <0.00%> (-0.02%) ⬇️
grpc_v1 9.36% <0.00%> (+<0.01%) ⬆️
grpc_v2 7.12% <0.00%> (+<0.01%) ⬆️
kafka-v1 9.69% <0.00%> (+<0.01%) ⬆️
kafka-v2 1.84% <0.00%> (+<0.01%) ⬆️
memory_v2 1.84% <0.00%> (+<0.01%) ⬆️
opensearch-1.x-v1 19.17% <42.85%> (+0.12%) ⬆️
opensearch-2.x-v1 19.17% <42.85%> (+0.11%) ⬆️
opensearch-2.x-v2 1.84% <0.00%> (+<0.01%) ⬆️
tailsampling-processor 0.49% <0.00%> (+<0.01%) ⬆️
unittests 95.73% <100.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

yurishkuro
yurishkuro reviewed Oct 14, 2024
View reviewed changes
pkg/es/config/config_test.go
TLS: configtls.ClientConfig{
Insecure: true,
Config: configtls.Config{
CAFile: certFilePath.Name(),
Copy link
Copy Markdown
Member

@yurishkuro yurishkuro Oct 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what's the meaning of this combination Insecure: true but with a CAFile?

Copy link
Copy Markdown
Collaborator Author

@mahadzaryab1 mahadzaryab1 Oct 14, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@yurishkuro from the implementation of LoadTLSConfig, it looks like the configuration still gets loaded if the CAFile is present.

func (c ClientConfig) LoadTLSConfig(_ context.Context) (*tls.Config, error) {
	if c.Insecure && !c.hasCA() {
		return nil, nil
	}

	tlsCfg, err := c.loadTLSConfig()
	if err != nil {
		return nil, fmt.Errorf("failed to load TLS config: %w", err)
	}
	tlsCfg.ServerName = c.ServerName
	tlsCfg.InsecureSkipVerify = c.InsecureSkipVerify
	return tlsCfg, nil
}

@yurishkuro yurishkuro added the changelog:experimental Change to an experimental part of the code label Oct 14, 2024
@yurishkuro yurishkuro merged commit 20d91c2 into jaegertracing:main Oct 14, 2024
chahatsagarmain pushed a commit to chahatsagarmain/jaeger that referenced this pull request Oct 23, 2024
@mahadzaryab1 @chahatsagarmain
[jaeger-v2] Migrate ElasticSearch/OpenSearch to use OTEL's TLS config…
c9a8c6b 
…uration (jaegertracing#6079)

## Which problem is this PR solving?
- Towards jaegertracing#6059

## Description of the changes
- Migrated the ElasticSearch/OpenSearch configurations to use OTEL's TLS
configurations
- In a follow up PR, I'll re-evaluate the groupings of the
configurations and add the missing mapstructure tags

## How was this change tested?
- CI

## Checklist
- [x] I have read
https://github.com/jaegertracing/jaeger/blob/master/CONTRIBUTING_GUIDELINES.md
- [x] I have signed all commits
- [x] I have added unit tests for the new functionality
- [x] I have run lint and test steps successfully
  - for `jaeger`: `make lint test`
  - for `jaeger-ui`: `yarn lint` and `yarn test`

Signed-off-by: Mahad Zaryab <mahadzaryab1@gmail.com>
@mahadzaryab1 mahadzaryab1 deleted the es-tls branch October 31, 2024 22:35
@yurishkuro yurishkuro mentioned this pull request Nov 27, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yurishkuro yurishkuro yurishkuro approved these changes

@joe-elliott joe-elliott Awaiting requested review from joe-elliott joe-elliott is a code owner automatically assigned from jaegertracing/jaeger-maintainers

Assignees

No one assigned

Labels

area/storage changelog:experimental Change to an experimental part of the code v2

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mahadzaryab1 @yurishkuro