[extension/opamp] Redact values in effective config #33267
Conversation
|
Can processors be excluded from the redaction? The ability to see the processor's original config and the sequence of processors under a pipeline would be great because when we (me and the internal team I work with) look at the effective config, it's usually the processors and their config to troubleshoot the output data-related issues. I am probably wrong about this but there aren't any processors with secrets in the config? |
Unfortunately one of the resource detection processor detectors has a secret in the config. We could loosen the requirements to pass through values in arrays, which aren't used as secrets anywhere. Would this help your case, or do you need full processor configs? If absolutely necessary, I could put this functionality behind an on-by-default feature gate, though I would like to avoid that if possible. |
evan-bradley
force-pushed
the
redact-effective-config
branch
3 times, most recently
from
662fc47 to
a84b5a9
Compare
is it going to be arrays with primitive data types only or arrays of structs (for example, sampling policies) would also be excluded? |
|
It would be great to add some sort of annotation mechanism in the future to allow components to declare which parts of their config needs to be redacted and which part can stay as is. |
@srikanthccv I think we would probably just terminate recursing into the map once we hit an array, so any array values would be unredacted. I will need to double check that no
@tigrannajaryan We have this today with |
evan-bradley
force-pushed
the
redact-effective-config
branch
from
a84b5a9 to
da1ce94
Compare
|
@srikanthccv One example I found of secrets inside arrays is that the Prometheus receiver has secrets in its scrape configs. I would prefer not to make guesses for which values may be secret or not, is there another way we can make this work for you? |
|
@jaronoff97 I'd also appreciate your feedback here, I know the Operator uses the OpAMP extension. Will this change cause major issues for users? |
|
@evan-bradley right now the operator only uses the opamp-go repo for this, so the bridge shouldn't be effected by this change. The bridge gets around all of this because we're not loading any potential secrets/env vars and just taking exactly what the user gave prior to any replacements. Taking a look at this, I agree with Tigran that having some mechanism to annotate what should and shouldn't be redacted would be valuable. I understand that doing so is probably not the simplest and is fine to not include in this initial version. Is there a reason we can't just use the confmap's Marshal function which should do the redaction correctly? I saw this test in core that made me think this was possible. This would be different than today where we just do a blind convert to a |
|
The issue is that the marshaling logic in confmap only reads in I investigated this and ended up at a dead end in this PR. We will need to either update the marshaling/unmarshaling library the Collector uses (moving away from mapstructure and to a YAML library) or update our use of mapstructure. |
evan-bradley
force-pushed
the
redact-effective-config
branch
from
da1ce94 to
99313dd
Compare
|
In addition to the default |
|
Thanks everyone for your input. I think we are all in agreement, so I will merge this. Since it is so restrictive, any changes going forward will be non-breaking and should be more straightforward. |
Description:
Redacts primitive values in the effective config reported by the extension.
Necessary for #31641 until open-telemetry/opentelemetry-collector#10139 is resolved.
Relates to #32983