Expose initial and effective config for debugging purposes

[pjanotti]

Exposes config via an HTTP server at localhost if explicitly requested. Expose the config by setting the environment variable "SPLUNK_DEBUG_CONFIG_SERVER" to "true" (it won't work for any other value). By default it exposes the HTTP server at localhost:55555 with the following paths:

• /debug/configz/initial
• /debug/configz/effective

The first shows the initial configuration used by the collector the second the configuration actually in use by the collector. If the configuration is reloaded due to some update triggered by a config source the endpoint is briefly unavailable until the updated configuration is reloaded.

The exposed port is controlled by the env var "SPLUNK_CONFIG_SERVER_PORT" - if it is explicitly set to the empty string, e.g. SPLUNK_DEBUG_CONFIG_SERVER_PORT="" it disables the HTTP server.

On the effective configuration, it performs a simple attempt to redact all string values for which the key contains strings like "token", "secret", etc. This covers all components currently in use by the collector a more generic solution is desirable.

[codecov]

Codecov Report

Merging #325 (ee9a2ac) into main (237af7d) will decrease coverage by 1.39%.
The diff coverage is 48.83%.

❗ Current head ee9a2ac differs from pull request most recent head 94c4dae. Consider uploading reports for the commit 94c4dae to get more accurate results

@@            Coverage Diff             @@
##             main     #325      +/-   ##
==========================================
- Coverage   79.71%   78.31%   -1.40%     
==========================================
  Files          38       33       -5     
  Lines        2489     2412      -77     
==========================================
- Hits         1984     1889      -95     
- Misses        458      469      +11     
- Partials       47       54       +7     

Impacted Files	Coverage Δ
internal/configprovider/config_server.go	48.10% <48.10%> (ø)
internal/configprovider/config_source_provider.go	93.33% <57.14%> (-6.67%)	⬇️
internal/configprovider/helpers.go	36.36% <0.00%> (-45.46%)	⬇️
internal/configsources/configsources.go	100.00% <0.00%> (ø)
...rnal/configsource/zookeeperconfigsource/session.go
...configsource/zookeeperconfigsource/configsource.go
...rnal/configsource/zookeeperconfigsource/factory.go
internal/configsource/etcd2configsource/factory.go
...nal/configsource/etcd2configsource/configsource.go
internal/configsource/etcd2configsource/session.go
... and 1 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f8d8894...94c4dae. Read the comment docs.

[pjanotti]

This is a simple solution for the time being. A better solution in my view will be to have a metadata annotation indicating which configuration fields must not be displayed on the configuration.

[pjanotti]

@pmcollins this may be something to be done together with annotating the configuration for documentation, i.e., we could annotate the fields with info to indicate if they are secrets and not display those annotated as secrets.

[tigrannajaryan]

Do we want to upstream this too?

[pjanotti]

Do we want to upstream this too?

My idea at this moment is to add a mechanism for the insertion of custom zPages and use it to add these pages but I'm not sure yet about the best path to add this support on the zPages extension.

[jrcamp]

My idea at this moment is to add a mechanism for the insertion of custom zPages and use it to add these pages but I'm not sure yet about the best path to add this support on the zPages extension.

@pjanotti I'm interested in this for a different use case but have some ideas if you want to discuss sometime.