Skip to content

Commit

Permalink
Add ability to dynamically get authentication information (DataDog#7660)
Browse files Browse the repository at this point in the history
* Add ability to dynamically get authentication information

* Update config specs

* incorporate feedback

* Apply suggestions from code review

Co-authored-by: ruthnaebeck <[email protected]>

* sync config

* easier default

* gracefully retry

* update from master

* address

Co-authored-by: ruthnaebeck <[email protected]>
  • Loading branch information
ofek and ruthnaebeck authored Oct 8, 2020
1 parent 1b176b8 commit e9bbcf2
Show file tree
Hide file tree
Showing 50 changed files with 1,890 additions and 4 deletions.
28 changes: 28 additions & 0 deletions activemq_xml/datadog_checks/activemq_xml/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -217,6 +217,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions airflow/datadog_checks/airflow/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions amazon_msk/datadog_checks/amazon_msk/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -306,6 +306,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions ambari/datadog_checks/ambari/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -217,6 +217,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions apache/datadog_checks/apache/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions cilium/datadog_checks/cilium/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions cisco_aci/datadog_checks/cisco_aci/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,34 @@ instances:
#
# use_legacy_auth_encoding: true

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param tls_verify - boolean - optional - default: true
## Instructs the check to validate the TLS certificate of services.
#
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,34 @@ instances:
#
# use_legacy_auth_encoding: true

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param tls_verify - boolean - optional - default: true
## Instructs the check to validate the TLS certificate of services.
#
Expand Down
28 changes: 28 additions & 0 deletions cockroachdb/datadog_checks/cockroachdb/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions consul/datadog_checks/consul/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
28 changes: 28 additions & 0 deletions coredns/datadog_checks/coredns/data/conf.yaml.example
Original file line number Diff line number Diff line change
Expand Up @@ -303,6 +303,34 @@ instances:
#
# kerberos_keytab: <KEYTAB_FILE_PATH>

## @param auth_token - mapping - optional
## This allows for the use of authentication information from dynamic sources.
## Both a reader and writer must be configured.
##
## The available readers are:
##
## - type: file
## path (required): The absolute path for the file to read from.
## pattern: A regular expression pattern with a single capture group used to find the
## token rather than using the entire file, for example: Your secret is (.+)
##
## The available writers are:
##
## - type: header
## name (required): The name of the field, for example: Authorization
## value: The template value, for example `Bearer <TOKEN>`. The default is: <TOKEN>
## placeholder: The substring in `value` to replace by the token, defaults to: <TOKEN>
#
# auth_token:
# reader:
# type: <READER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>
# writer:
# type: <WRITER_TYPE>
# <OPTION_1>: <VALUE_1>
# <OPTION_2>: <VALUE_2>

## @param aws_region - string - optional
## If your services require AWS Signature Version 4 signing, set the region.
##
Expand Down
Loading

0 comments on commit e9bbcf2

Please sign in to comment.