Skip to content

Commit

Permalink
http_response plugin: Add SSL config options
Browse files Browse the repository at this point in the history
closes #1264
  • Loading branch information
sparrc committed May 25, 2016
1 parent 5fe7e6e commit 3e4a195
Show file tree
Hide file tree
Showing 3 changed files with 42 additions and 5 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ time before a new metric is included by the plugin.

- [#1247](https://github.com/influxdata/telegraf/pull/1247): rollbar input plugin. Thanks @francois2metz and @cduez!
- [#1208](https://github.com/influxdata/telegraf/pull/1208): Standardized AWS credentials evaluation & wildcard CloudWatch dimensions. Thanks @johnrengelman!
- [#1264](https://github.com/influxdata/telegraf/pull/1264): Add SSL config options to http_response plugin.

### Bugfixes

Expand Down
7 changes: 7 additions & 0 deletions plugins/inputs/http_response/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,13 @@ This input plugin will test HTTP/HTTPS connections.
# body = '''
# {'fake':'data'}
# '''
## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
```

### Measurements & Fields:
Expand Down
39 changes: 34 additions & 5 deletions plugins/inputs/http_response/http_response.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,15 @@ type HTTPResponse struct {
ResponseTimeout internal.Duration
Headers map[string]string
FollowRedirects bool

// Path to CA file
SSLCA string `toml:"ssl_ca"`
// Path to host cert file
SSLCert string `toml:"ssl_cert"`
// Path to cert key file
SSLKey string `toml:"ssl_key"`
// Use SSL but skip chain & host verification
InsecureSkipVerify bool
}

// Description returns the plugin Description
Expand All @@ -44,6 +53,13 @@ var sampleConfig = `
# body = '''
# {'fake':'data'}
# '''
## Optional SSL Config
# ssl_ca = "/etc/telegraf/ca.pem"
# ssl_cert = "/etc/telegraf/cert.pem"
# ssl_key = "/etc/telegraf/key.pem"
## Use SSL but skip chain & host verification
# insecure_skip_verify = false
`

// SampleConfig returns the plugin SampleConfig
Expand All @@ -56,25 +72,38 @@ var ErrRedirectAttempted = errors.New("redirect")

// CreateHttpClient creates an http client which will timeout at the specified
// timeout period and can follow redirects if specified
func CreateHttpClient(followRedirects bool, ResponseTimeout time.Duration) *http.Client {
func (h *HTTPResponse) createHttpClient() (*http.Client, error) {
tlsCfg, err := internal.GetTLSConfig(
h.SSLCert, h.SSLKey, h.SSLCA, h.InsecureSkipVerify)
if err != nil {
return nil, err
}
tr := &http.Transport{
ResponseHeaderTimeout: h.ResponseTimeout.Duration,
TLSClientConfig: tlsCfg,
}
client := &http.Client{
Timeout: ResponseTimeout,
Transport: tr,
Timeout: h.ResponseTimeout.Duration,
}

if followRedirects == false {
if h.FollowRedirects == false {
client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
return ErrRedirectAttempted
}
}
return client
return client, nil
}

// HTTPGather gathers all fields and returns any errors it encounters
func (h *HTTPResponse) HTTPGather() (map[string]interface{}, error) {
// Prepare fields
fields := make(map[string]interface{})

client := CreateHttpClient(h.FollowRedirects, h.ResponseTimeout.Duration)
client, err := h.createHttpClient()
if err != nil {
return nil, err
}

var body io.Reader
if h.Body != "" {
Expand Down

0 comments on commit 3e4a195

Please sign in to comment.