diff options
Diffstat (limited to 'vendor/github.com/prometheus/common/config')
13 files changed, 0 insertions, 595 deletions
diff --git a/vendor/github.com/prometheus/common/config/config.go b/vendor/github.com/prometheus/common/config/config.go deleted file mode 100644 index 9195c34bf..000000000 --- a/vendor/github.com/prometheus/common/config/config.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2016 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package config - -import ( - "fmt" - "strings" -) - -func checkOverflow(m map[string]interface{}, ctx string) error { - if len(m) > 0 { - var keys []string - for k := range m { - keys = append(keys, k) - } - return fmt.Errorf("unknown fields in %s: %s", ctx, strings.Join(keys, ", ")) - } - return nil -} - -// Secret special type for storing secrets. -type Secret string - -// MarshalYAML implements the yaml.Marshaler interface for Secrets. -func (s Secret) MarshalYAML() (interface{}, error) { - if s != "" { - return "<secret>", nil - } - return nil, nil -} - -//UnmarshalYAML implements the yaml.Unmarshaler interface for Secrets. -func (s *Secret) UnmarshalYAML(unmarshal func(interface{}) error) error { - type plain Secret - return unmarshal((*plain)(s)) -} diff --git a/vendor/github.com/prometheus/common/config/http_config.go b/vendor/github.com/prometheus/common/config/http_config.go deleted file mode 100644 index ea231bf8d..000000000 --- a/vendor/github.com/prometheus/common/config/http_config.go +++ /dev/null @@ -1,281 +0,0 @@ -// Copyright 2016 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package config - -import ( - "crypto/tls" - "crypto/x509" - "fmt" - "io/ioutil" - "net/http" - "net/url" - "strings" - - "gopkg.in/yaml.v2" -) - -// BasicAuth contains basic HTTP authentication credentials. -type BasicAuth struct { - Username string `yaml:"username"` - Password Secret `yaml:"password"` - - // Catches all undefined fields and must be empty after parsing. - XXX map[string]interface{} `yaml:",inline"` -} - -// URL is a custom URL type that allows validation at configuration load time. -type URL struct { - *url.URL -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface for URLs. -func (u *URL) UnmarshalYAML(unmarshal func(interface{}) error) error { - var s string - if err := unmarshal(&s); err != nil { - return err - } - - urlp, err := url.Parse(s) - if err != nil { - return err - } - u.URL = urlp - return nil -} - -// MarshalYAML implements the yaml.Marshaler interface for URLs. -func (u URL) MarshalYAML() (interface{}, error) { - if u.URL != nil { - return u.String(), nil - } - return nil, nil -} - -// HTTPClientConfig configures an HTTP client. -type HTTPClientConfig struct { - // The HTTP basic authentication credentials for the targets. - BasicAuth *BasicAuth `yaml:"basic_auth,omitempty"` - // The bearer token for the targets. - BearerToken Secret `yaml:"bearer_token,omitempty"` - // The bearer token file for the targets. - BearerTokenFile string `yaml:"bearer_token_file,omitempty"` - // HTTP proxy server to use to connect to the targets. - ProxyURL URL `yaml:"proxy_url,omitempty"` - // TLSConfig to use to connect to the targets. - TLSConfig TLSConfig `yaml:"tls_config,omitempty"` - - // Catches all undefined fields and must be empty after parsing. - XXX map[string]interface{} `yaml:",inline"` -} - -// Validate validates the HTTPClientConfig to check only one of BearerToken, -// BasicAuth and BearerTokenFile is configured. -func (c *HTTPClientConfig) Validate() error { - if len(c.BearerToken) > 0 && len(c.BearerTokenFile) > 0 { - return fmt.Errorf("at most one of bearer_token & bearer_token_file must be configured") - } - if c.BasicAuth != nil && (len(c.BearerToken) > 0 || len(c.BearerTokenFile) > 0) { - return fmt.Errorf("at most one of basic_auth, bearer_token & bearer_token_file must be configured") - } - return nil -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface -func (c *HTTPClientConfig) UnmarshalYAML(unmarshal func(interface{}) error) error { - type plain HTTPClientConfig - err := unmarshal((*plain)(c)) - if err != nil { - return err - } - err = c.Validate() - if err != nil { - return c.Validate() - } - return checkOverflow(c.XXX, "http_client_config") -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface. -func (a *BasicAuth) UnmarshalYAML(unmarshal func(interface{}) error) error { - type plain BasicAuth - err := unmarshal((*plain)(a)) - if err != nil { - return err - } - return checkOverflow(a.XXX, "basic_auth") -} - -// NewHTTPClientFromConfig returns a new HTTP client configured for the -// given config.HTTPClientConfig. -func NewHTTPClientFromConfig(cfg *HTTPClientConfig) (*http.Client, error) { - tlsConfig, err := NewTLSConfig(&cfg.TLSConfig) - if err != nil { - return nil, err - } - - // It's the caller's job to handle timeouts - var rt http.RoundTripper = &http.Transport{ - Proxy: http.ProxyURL(cfg.ProxyURL.URL), - DisableKeepAlives: true, - TLSClientConfig: tlsConfig, - } - - // If a bearer token is provided, create a round tripper that will set the - // Authorization header correctly on each request. - bearerToken := cfg.BearerToken - if len(bearerToken) == 0 && len(cfg.BearerTokenFile) > 0 { - b, err := ioutil.ReadFile(cfg.BearerTokenFile) - if err != nil { - return nil, fmt.Errorf("unable to read bearer token file %s: %s", cfg.BearerTokenFile, err) - } - bearerToken = Secret(strings.TrimSpace(string(b))) - } - - if len(bearerToken) > 0 { - rt = NewBearerAuthRoundTripper(bearerToken, rt) - } - - if cfg.BasicAuth != nil { - rt = NewBasicAuthRoundTripper(cfg.BasicAuth.Username, Secret(cfg.BasicAuth.Password), rt) - } - - // Return a new client with the configured round tripper. - return &http.Client{Transport: rt}, nil -} - -type bearerAuthRoundTripper struct { - bearerToken Secret - rt http.RoundTripper -} - -type basicAuthRoundTripper struct { - username string - password Secret - rt http.RoundTripper -} - -// NewBasicAuthRoundTripper will apply a BASIC auth authorization header to a request unless it has -// already been set. -func NewBasicAuthRoundTripper(username string, password Secret, rt http.RoundTripper) http.RoundTripper { - return &basicAuthRoundTripper{username, password, rt} -} - -func (rt *bearerAuthRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { - if len(req.Header.Get("Authorization")) == 0 { - req = cloneRequest(req) - req.Header.Set("Authorization", "Bearer "+string(rt.bearerToken)) - } - - return rt.rt.RoundTrip(req) -} - -// NewBearerAuthRoundTripper adds the provided bearer token to a request unless the authorization -// header has already been set. -func NewBearerAuthRoundTripper(bearer Secret, rt http.RoundTripper) http.RoundTripper { - return &bearerAuthRoundTripper{bearer, rt} -} - -func (rt *basicAuthRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { - if len(req.Header.Get("Authorization")) != 0 { - return rt.RoundTrip(req) - } - req = cloneRequest(req) - req.SetBasicAuth(rt.username, string(rt.password)) - return rt.rt.RoundTrip(req) -} - -// cloneRequest returns a clone of the provided *http.Request. -// The clone is a shallow copy of the struct and its Header map. -func cloneRequest(r *http.Request) *http.Request { - // Shallow copy of the struct. - r2 := new(http.Request) - *r2 = *r - // Deep copy of the Header. - r2.Header = make(http.Header) - for k, s := range r.Header { - r2.Header[k] = s - } - return r2 -} - -// NewTLSConfig creates a new tls.Config from the given config.TLSConfig. -func NewTLSConfig(cfg *TLSConfig) (*tls.Config, error) { - tlsConfig := &tls.Config{InsecureSkipVerify: cfg.InsecureSkipVerify} - - // If a CA cert is provided then let's read it in so we can validate the - // scrape target's certificate properly. - if len(cfg.CAFile) > 0 { - caCertPool := x509.NewCertPool() - // Load CA cert. - caCert, err := ioutil.ReadFile(cfg.CAFile) - if err != nil { - return nil, fmt.Errorf("unable to use specified CA cert %s: %s", cfg.CAFile, err) - } - caCertPool.AppendCertsFromPEM(caCert) - tlsConfig.RootCAs = caCertPool - } - - if len(cfg.ServerName) > 0 { - tlsConfig.ServerName = cfg.ServerName - } - - // If a client cert & key is provided then configure TLS config accordingly. - if len(cfg.CertFile) > 0 && len(cfg.KeyFile) == 0 { - return nil, fmt.Errorf("client cert file %q specified without client key file", cfg.CertFile) - } else if len(cfg.KeyFile) > 0 && len(cfg.CertFile) == 0 { - return nil, fmt.Errorf("client key file %q specified without client cert file", cfg.KeyFile) - } else if len(cfg.CertFile) > 0 && len(cfg.KeyFile) > 0 { - cert, err := tls.LoadX509KeyPair(cfg.CertFile, cfg.KeyFile) - if err != nil { - return nil, fmt.Errorf("unable to use specified client cert (%s) & key (%s): %s", cfg.CertFile, cfg.KeyFile, err) - } - tlsConfig.Certificates = []tls.Certificate{cert} - } - tlsConfig.BuildNameToCertificate() - - return tlsConfig, nil -} - -// TLSConfig configures the options for TLS connections. -type TLSConfig struct { - // The CA cert to use for the targets. - CAFile string `yaml:"ca_file,omitempty"` - // The client cert file for the targets. - CertFile string `yaml:"cert_file,omitempty"` - // The client key file for the targets. - KeyFile string `yaml:"key_file,omitempty"` - // Used to verify the hostname for the targets. - ServerName string `yaml:"server_name,omitempty"` - // Disable target certificate validation. - InsecureSkipVerify bool `yaml:"insecure_skip_verify"` - - // Catches all undefined fields and must be empty after parsing. - XXX map[string]interface{} `yaml:",inline"` -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface. -func (c *TLSConfig) UnmarshalYAML(unmarshal func(interface{}) error) error { - type plain TLSConfig - if err := unmarshal((*plain)(c)); err != nil { - return err - } - return checkOverflow(c.XXX, "TLS config") -} - -func (c HTTPClientConfig) String() string { - b, err := yaml.Marshal(c) - if err != nil { - return fmt.Sprintf("<error creating http client config string: %s>", err) - } - return string(b) -} diff --git a/vendor/github.com/prometheus/common/config/http_config_test.go b/vendor/github.com/prometheus/common/config/http_config_test.go deleted file mode 100644 index 4b13e101b..000000000 --- a/vendor/github.com/prometheus/common/config/http_config_test.go +++ /dev/null @@ -1,157 +0,0 @@ -// Copyright 2015 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package config - -import ( - "io/ioutil" - "net/http" - "net/url" - "strings" - "testing" - - yaml "gopkg.in/yaml.v2" -) - -var invalidHTTPClientConfigs = []struct { - httpClientConfigFile string - errMsg string -}{ - { - httpClientConfigFile: "testdata/http.conf.bearer-token-and-file-set.bad.yml", - errMsg: "at most one of bearer_token & bearer_token_file must be configured", - }, - { - httpClientConfigFile: "testdata/http.conf.empty.bad.yml", - errMsg: "at most one of basic_auth, bearer_token & bearer_token_file must be configured", - }, -} - -func TestAuthRoundTrippers(t *testing.T) { - - cfg, _, err := LoadHTTPConfigFile("testdata/http.conf.good.yml") - if err != nil { - t.Errorf("Error loading HTTP client config: %v", err) - } - - tlsConfig, err := NewTLSConfig(&cfg.TLSConfig) - if err != nil { - t.Errorf("Error creating new TLS config: %v", err) - } - - rt := &http.Transport{ - Proxy: http.ProxyURL(cfg.ProxyURL.URL), - DisableKeepAlives: true, - TLSClientConfig: tlsConfig, - } - req := new(http.Request) - - bearerAuthRoundTripper := NewBearerAuthRoundTripper("mysecret", rt) - bearerAuthRoundTripper.RoundTrip(req) - - basicAuthRoundTripper := NewBasicAuthRoundTripper("username", "password", rt) - basicAuthRoundTripper.RoundTrip(req) -} - -func TestHideHTTPClientConfigSecrets(t *testing.T) { - c, _, err := LoadHTTPConfigFile("testdata/http.conf.good.yml") - if err != nil { - t.Errorf("Error parsing %s: %s", "testdata/http.conf.good.yml", err) - } - - // String method must not reveal authentication credentials. - s := c.String() - if strings.Contains(s, "mysecret") { - t.Fatal("http client config's String method reveals authentication credentials.") - } -} - -func mustParseURL(u string) *URL { - parsed, err := url.Parse(u) - if err != nil { - panic(err) - } - return &URL{URL: parsed} -} - -func TestNewClientFromConfig(t *testing.T) { - cfg, _, err := LoadHTTPConfigFile("testdata/http.conf.good.yml") - if err != nil { - t.Errorf("Error loading HTTP client config: %v", err) - } - _, err = NewHTTPClientFromConfig(cfg) - if err != nil { - t.Errorf("Error creating new client from config: %v", err) - } -} - -func TestNewClientFromInvalidConfig(t *testing.T) { - cfg, _, err := LoadHTTPConfigFile("testdata/http.conf.invalid-bearer-token-file.bad.yml") - if err != nil { - t.Errorf("Error loading HTTP client config: %v", err) - } - _, err = NewHTTPClientFromConfig(cfg) - if err == nil { - t.Error("Expected error creating new client from invalid config but got none") - } - if !strings.Contains(err.Error(), "unable to read bearer token file file: open file: no such file or directory") { - t.Errorf("Expected error with config but got: %s", err.Error()) - } -} - -func TestValidateHTTPConfig(t *testing.T) { - cfg, _, err := LoadHTTPConfigFile("testdata/http.conf.good.yml") - if err != nil { - t.Errorf("Error loading HTTP client config: %v", err) - } - err = cfg.Validate() - if err != nil { - t.Fatalf("Error validating %s: %s", "testdata/http.conf.good.yml", err) - } -} - -func TestInvalidHTTPConfigs(t *testing.T) { - for _, ee := range invalidHTTPClientConfigs { - _, _, err := LoadHTTPConfigFile(ee.httpClientConfigFile) - if err == nil { - t.Error("Expected error with config but got none") - continue - } - if !strings.Contains(err.Error(), ee.errMsg) { - t.Errorf("Expected error for invalid HTTP client configuration to contain %q but got: %s", ee.errMsg, err) - } - } -} - -// LoadHTTPConfig parses the YAML input s into a HTTPClientConfig. -func LoadHTTPConfig(s string) (*HTTPClientConfig, error) { - cfg := &HTTPClientConfig{} - err := yaml.Unmarshal([]byte(s), cfg) - if err != nil { - return nil, err - } - return cfg, nil -} - -// LoadHTTPConfigFile parses the given YAML file into a HTTPClientConfig. -func LoadHTTPConfigFile(filename string) (*HTTPClientConfig, []byte, error) { - content, err := ioutil.ReadFile(filename) - if err != nil { - return nil, nil, err - } - cfg, err := LoadHTTPConfig(string(content)) - if err != nil { - return nil, nil, err - } - return cfg, content, nil -} diff --git a/vendor/github.com/prometheus/common/config/testdata/http.conf.bearer-token-and-file-set.bad.yml b/vendor/github.com/prometheus/common/config/testdata/http.conf.bearer-token-and-file-set.bad.yml deleted file mode 100644 index c613bacb0..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/http.conf.bearer-token-and-file-set.bad.yml +++ /dev/null @@ -1,5 +0,0 @@ -basic_auth: - username: username - password: "mysecret" -bearer_token: mysecret -bearer_token_file: file diff --git a/vendor/github.com/prometheus/common/config/testdata/http.conf.empty.bad.yml b/vendor/github.com/prometheus/common/config/testdata/http.conf.empty.bad.yml deleted file mode 100644 index ea2811f7c..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/http.conf.empty.bad.yml +++ /dev/null @@ -1,4 +0,0 @@ -basic_auth: - username: username - password: mysecret -bearer_token_file: file diff --git a/vendor/github.com/prometheus/common/config/testdata/http.conf.good.yml b/vendor/github.com/prometheus/common/config/testdata/http.conf.good.yml deleted file mode 100644 index 46ca63908..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/http.conf.good.yml +++ /dev/null @@ -1,4 +0,0 @@ -basic_auth: - username: username - password: "mysecret" -proxy_url: "http://remote.host" diff --git a/vendor/github.com/prometheus/common/config/testdata/http.conf.invalid-bearer-token-file.bad.yml b/vendor/github.com/prometheus/common/config/testdata/http.conf.invalid-bearer-token-file.bad.yml deleted file mode 100644 index 4b1349bf4..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/http.conf.invalid-bearer-token-file.bad.yml +++ /dev/null @@ -1 +0,0 @@ -bearer_token_file: file diff --git a/vendor/github.com/prometheus/common/config/testdata/tls_config.cert_no_key.bad.yml b/vendor/github.com/prometheus/common/config/testdata/tls_config.cert_no_key.bad.yml deleted file mode 100644 index 7dfdc1ead..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/tls_config.cert_no_key.bad.yml +++ /dev/null @@ -1 +0,0 @@ -cert_file: somefile diff --git a/vendor/github.com/prometheus/common/config/testdata/tls_config.empty.good.yml b/vendor/github.com/prometheus/common/config/testdata/tls_config.empty.good.yml deleted file mode 100644 index e69de29bb..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/tls_config.empty.good.yml +++ /dev/null diff --git a/vendor/github.com/prometheus/common/config/testdata/tls_config.insecure.good.yml b/vendor/github.com/prometheus/common/config/testdata/tls_config.insecure.good.yml deleted file mode 100644 index d054383f1..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/tls_config.insecure.good.yml +++ /dev/null @@ -1 +0,0 @@ -insecure_skip_verify: true diff --git a/vendor/github.com/prometheus/common/config/testdata/tls_config.invalid_field.bad.yml b/vendor/github.com/prometheus/common/config/testdata/tls_config.invalid_field.bad.yml deleted file mode 100644 index 12cbaac3b..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/tls_config.invalid_field.bad.yml +++ /dev/null @@ -1 +0,0 @@ -something_invalid: true diff --git a/vendor/github.com/prometheus/common/config/testdata/tls_config.key_no_cert.bad.yml b/vendor/github.com/prometheus/common/config/testdata/tls_config.key_no_cert.bad.yml deleted file mode 100644 index cec045e89..000000000 --- a/vendor/github.com/prometheus/common/config/testdata/tls_config.key_no_cert.bad.yml +++ /dev/null @@ -1 +0,0 @@ -key_file: somefile diff --git a/vendor/github.com/prometheus/common/config/tls_config_test.go b/vendor/github.com/prometheus/common/config/tls_config_test.go deleted file mode 100644 index e2bd68edb..000000000 --- a/vendor/github.com/prometheus/common/config/tls_config_test.go +++ /dev/null @@ -1,92 +0,0 @@ -// Copyright 2016 The Prometheus Authors -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package config - -import ( - "crypto/tls" - "io/ioutil" - "reflect" - "strings" - "testing" - - "gopkg.in/yaml.v2" -) - -// LoadTLSConfig parses the given YAML file into a tls.Config. -func LoadTLSConfig(filename string) (*tls.Config, error) { - content, err := ioutil.ReadFile(filename) - if err != nil { - return nil, err - } - cfg := &TLSConfig{} - if err = yaml.Unmarshal(content, cfg); err != nil { - return nil, err - } - return NewTLSConfig(cfg) -} - -var expectedTLSConfigs = []struct { - filename string - config *tls.Config -}{ - { - filename: "tls_config.empty.good.yml", - config: &tls.Config{}, - }, { - filename: "tls_config.insecure.good.yml", - config: &tls.Config{InsecureSkipVerify: true}, - }, -} - -func TestValidTLSConfig(t *testing.T) { - for _, cfg := range expectedTLSConfigs { - cfg.config.BuildNameToCertificate() - got, err := LoadTLSConfig("testdata/" + cfg.filename) - if err != nil { - t.Errorf("Error parsing %s: %s", cfg.filename, err) - } - if !reflect.DeepEqual(*got, *cfg.config) { - t.Fatalf("%v: unexpected config result: \n\n%v\n expected\n\n%v", cfg.filename, got, cfg.config) - } - } -} - -var expectedTLSConfigErrors = []struct { - filename string - errMsg string -}{ - { - filename: "tls_config.invalid_field.bad.yml", - errMsg: "unknown fields in", - }, { - filename: "tls_config.cert_no_key.bad.yml", - errMsg: "specified without client key file", - }, { - filename: "tls_config.key_no_cert.bad.yml", - errMsg: "specified without client cert file", - }, -} - -func TestBadTLSConfigs(t *testing.T) { - for _, ee := range expectedTLSConfigErrors { - _, err := LoadTLSConfig("testdata/" + ee.filename) - if err == nil { - t.Errorf("Expected error parsing %s but got none", ee.filename) - continue - } - if !strings.Contains(err.Error(), ee.errMsg) { - t.Errorf("Expected error for %s to contain %q but got: %s", ee.filename, ee.errMsg, err) - } - } -} |