From fa91807dc22750d11a46ebc53c3ee14c6ac64743 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Thu, 5 Jan 2023 15:03:26 -0300 Subject: [PATCH 01/13] refactor: add tracing on hydrator --- .../provider_koanf_public_test.go | 2 +- driver/registry_memory.go | 2 +- pipeline/mutate/mutator_hydrator.go | 42 ++++++++++--------- 3 files changed, 25 insertions(+), 21 deletions(-) diff --git a/driver/configuration/provider_koanf_public_test.go b/driver/configuration/provider_koanf_public_test.go index f995c72445..0eb7a74d0c 100644 --- a/driver/configuration/provider_koanf_public_test.go +++ b/driver/configuration/provider_koanf_public_test.go @@ -365,7 +365,7 @@ func TestKoanfProvider(t *testing.T) { }) t.Run("mutator=hydrator", func(t *testing.T) { - a := mutate.NewMutatorHydrator(p, new(x.TestLoggerProvider)) + a := mutate.NewMutatorHydrator(p, new(x.TestLoggerProvider), nil) assert.True(t, p.MutatorIsEnabled(a.GetID())) require.NoError(t, a.Validate(nil)) }) diff --git a/driver/registry_memory.go b/driver/registry_memory.go index 1df8acc7fb..3438e0173c 100644 --- a/driver/registry_memory.go +++ b/driver/registry_memory.go @@ -415,7 +415,7 @@ func (r *RegistryMemory) prepareMutators() { mutate.NewMutatorHeader(r.c), mutate.NewMutatorIDToken(r.c, r), mutate.NewMutatorNoop(r.c), - mutate.NewMutatorHydrator(r.c, r), + mutate.NewMutatorHydrator(r.c, r, r.Tracer()), } r.mutators = map[string]mutate.Mutator{} diff --git a/pipeline/mutate/mutator_hydrator.go b/pipeline/mutate/mutator_hydrator.go index 8b2be781bd..c7b1cf7546 100644 --- a/pipeline/mutate/mutator_hydrator.go +++ b/pipeline/mutate/mutator_hydrator.go @@ -13,6 +13,7 @@ import ( "time" "github.com/dgraph-io/ristretto" + "go.opentelemetry.io/otel/trace" "github.com/ory/oathkeeper/pipeline/authn" "github.com/ory/oathkeeper/x" @@ -37,12 +38,12 @@ const ( ) type MutatorHydrator struct { - c configuration.Provider - client *http.Client - d mutatorHydratorDependencies + c configuration.Provider + d mutatorHydratorDependencies - hydrateCache *ristretto.Cache - cacheTTL *time.Duration + hydrateCache *ristretto.Cache + cacheTTL *time.Duration + tracerProvider trace.Tracer } type BasicAuth struct { @@ -81,7 +82,7 @@ type mutatorHydratorDependencies interface { x.RegistryLogger } -func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies) *MutatorHydrator { +func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, provider trace.Tracer) *MutatorHydrator { cache, _ := ristretto.NewCache(&ristretto.Config{ // This will hold about 1000 unique mutation responses. NumCounters: 10000, @@ -90,11 +91,14 @@ func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies) // This is a best-practice value. BufferItems: 64, }) + + fmt.Println("XUXU") + return &MutatorHydrator{ - c: c, - d: d, - client: httpx.NewResilientClient().StandardClient(), - hydrateCache: cache, + c: c, + d: d, + hydrateCache: cache, + tracerProvider: provider, } } @@ -173,10 +177,10 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS req.Header.Set(contentTypeHeaderKey, contentTypeJSONHeaderValue) var client *http.Client + maxRetryDelay := time.Second + giveUpAfter := time.Millisecond * 50 if cfg.Api.Retry != nil { - maxRetryDelay := time.Second - giveUpAfter := time.Millisecond * 50 if len(cfg.Api.Retry.MaxDelay) > 0 { if d, err := time.ParseDuration(cfg.Api.Retry.MaxDelay); err != nil { a.d.Logger().WithError(err).Warn("Unable to parse max_delay in the Hydrator Mutator, falling pack to default.") @@ -191,15 +195,15 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS giveUpAfter = d } } - - client = httpx.NewResilientClient( - httpx.ResilientClientWithMaxRetryWait(maxRetryDelay), - httpx.ResilientClientWithConnectionTimeout(giveUpAfter), - ).StandardClient() - } else { - client = http.DefaultClient } + client = httpx.NewResilientClient( + httpx.ResilientClientWithMaxRetryWait(maxRetryDelay), + httpx.ResilientClientWithConnectionTimeout(giveUpAfter), + // httpx.ResilientClientWithTracer(a.tracerProvider.Tracer("otel")), + httpx.ResilientClientWithTracer(a.tracerProvider), + ).StandardClient() + res, err := client.Do(req.WithContext(r.Context())) if err != nil { return errors.WithStack(err) From 137fce8129efa6c21791774a88ab3e9171f54f06 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Thu, 5 Jan 2023 16:12:24 -0300 Subject: [PATCH 02/13] chore: remove commented code --- pipeline/mutate/mutator_hydrator.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pipeline/mutate/mutator_hydrator.go b/pipeline/mutate/mutator_hydrator.go index c7b1cf7546..0126289577 100644 --- a/pipeline/mutate/mutator_hydrator.go +++ b/pipeline/mutate/mutator_hydrator.go @@ -200,7 +200,6 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS client = httpx.NewResilientClient( httpx.ResilientClientWithMaxRetryWait(maxRetryDelay), httpx.ResilientClientWithConnectionTimeout(giveUpAfter), - // httpx.ResilientClientWithTracer(a.tracerProvider.Tracer("otel")), httpx.ResilientClientWithTracer(a.tracerProvider), ).StandardClient() From 661bf6aff17795c79e02f5770a64e52c43f32e65 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Thu, 5 Jan 2023 16:36:28 -0300 Subject: [PATCH 03/13] chore: test pipeline --- .../authenticator_oauth2_introspection_test.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/pipeline/authn/authenticator_oauth2_introspection_test.go b/pipeline/authn/authenticator_oauth2_introspection_test.go index 417c08635f..2cbb5428aa 100644 --- a/pipeline/authn/authenticator_oauth2_introspection_test.go +++ b/pipeline/authn/authenticator_oauth2_introspection_test.go @@ -704,15 +704,15 @@ func TestAuthenticatorOAuth2Introspection(t *testing.T) { require.NoError(t, a.Authenticate(r, expected, config, nil)) assertHandlerWasCalled(t) - t.Run("case=request succeeds and uses the cache", func(t *testing.T) { - config := setup(t, `{ "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) - sess := new(AuthenticationSession) - - err = a.Authenticate(r, sess, config, nil) - require.NoError(t, err) - assertCacheWasUsed(t) - assertx.EqualAsJSON(t, expected, sess) - }) + // t.Run("case=request succeeds and uses the cache", func(t *testing.T) { + // config := setup(t, `{ "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) + // sess := new(AuthenticationSession) + + // err = a.Authenticate(r, sess, config, nil) + // require.NoError(t, err) + // assertCacheWasUsed(t) + // assertx.EqualAsJSON(t, expected, sess) + // }) t.Run("case=cache the initial request which also passes", func(t *testing.T) { config := setup(t, `{ "required_scope": ["scope-a"], "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) From 7c7f21f4128289c25d2421b6fc38f07668483648 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Thu, 5 Jan 2023 16:42:11 -0300 Subject: [PATCH 04/13] chore: fix break test --- .../authenticator_oauth2_introspection_test.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/pipeline/authn/authenticator_oauth2_introspection_test.go b/pipeline/authn/authenticator_oauth2_introspection_test.go index 2cbb5428aa..8d475bbaba 100644 --- a/pipeline/authn/authenticator_oauth2_introspection_test.go +++ b/pipeline/authn/authenticator_oauth2_introspection_test.go @@ -704,15 +704,15 @@ func TestAuthenticatorOAuth2Introspection(t *testing.T) { require.NoError(t, a.Authenticate(r, expected, config, nil)) assertHandlerWasCalled(t) - // t.Run("case=request succeeds and uses the cache", func(t *testing.T) { - // config := setup(t, `{ "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) - // sess := new(AuthenticationSession) - - // err = a.Authenticate(r, sess, config, nil) - // require.NoError(t, err) - // assertCacheWasUsed(t) - // assertx.EqualAsJSON(t, expected, sess) - // }) + t.Run("case=request succeeds and uses the cache", func(t *testing.T) { + config := setup(t, `{ "required_scope": ["scope-a"], "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) + sess := new(AuthenticationSession) + + err = a.Authenticate(r, sess, config, nil) + require.NoError(t, err) + assertCacheWasUsed(t) + assertx.EqualAsJSON(t, expected, sess) + }) t.Run("case=cache the initial request which also passes", func(t *testing.T) { config := setup(t, `{ "required_scope": ["scope-a"], "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) From fed7446599853eb35ff8f6c988b23e50ed339593 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Thu, 5 Jan 2023 16:46:28 -0300 Subject: [PATCH 05/13] chore: rename struct attributes --- pipeline/mutate/mutator_hydrator.go | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/pipeline/mutate/mutator_hydrator.go b/pipeline/mutate/mutator_hydrator.go index 0126289577..3763307565 100644 --- a/pipeline/mutate/mutator_hydrator.go +++ b/pipeline/mutate/mutator_hydrator.go @@ -41,9 +41,9 @@ type MutatorHydrator struct { c configuration.Provider d mutatorHydratorDependencies - hydrateCache *ristretto.Cache - cacheTTL *time.Duration - tracerProvider trace.Tracer + hydrateCache *ristretto.Cache + cacheTTL *time.Duration + tracer trace.Tracer } type BasicAuth struct { @@ -82,7 +82,7 @@ type mutatorHydratorDependencies interface { x.RegistryLogger } -func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, provider trace.Tracer) *MutatorHydrator { +func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, tracer trace.Tracer) *MutatorHydrator { cache, _ := ristretto.NewCache(&ristretto.Config{ // This will hold about 1000 unique mutation responses. NumCounters: 10000, @@ -91,14 +91,11 @@ func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, // This is a best-practice value. BufferItems: 64, }) - - fmt.Println("XUXU") - return &MutatorHydrator{ - c: c, - d: d, - hydrateCache: cache, - tracerProvider: provider, + c: c, + d: d, + hydrateCache: cache, + tracer: tracer, } } @@ -200,7 +197,7 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS client = httpx.NewResilientClient( httpx.ResilientClientWithMaxRetryWait(maxRetryDelay), httpx.ResilientClientWithConnectionTimeout(giveUpAfter), - httpx.ResilientClientWithTracer(a.tracerProvider), + httpx.ResilientClientWithTracer(a.tracer), ).StandardClient() res, err := client.Do(req.WithContext(r.Context())) From 90433ab3208fa99a0a1008a3d52a4b963fa6f3ea Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Fri, 6 Jan 2023 13:34:00 +0100 Subject: [PATCH 06/13] fix: refactor tracer injection in mutator --- .../provider_koanf_public_test.go | 2 +- driver/registry_memory.go | 4 +-- pipeline/mutate/mutator_hydrator.go | 31 +++++++------------ pipeline/mutate/mutator_hydrator_test.go | 4 +-- x/registry.go | 6 ++++ 5 files changed, 21 insertions(+), 26 deletions(-) diff --git a/driver/configuration/provider_koanf_public_test.go b/driver/configuration/provider_koanf_public_test.go index 0eb7a74d0c..f995c72445 100644 --- a/driver/configuration/provider_koanf_public_test.go +++ b/driver/configuration/provider_koanf_public_test.go @@ -365,7 +365,7 @@ func TestKoanfProvider(t *testing.T) { }) t.Run("mutator=hydrator", func(t *testing.T) { - a := mutate.NewMutatorHydrator(p, new(x.TestLoggerProvider), nil) + a := mutate.NewMutatorHydrator(p, new(x.TestLoggerProvider)) assert.True(t, p.MutatorIsEnabled(a.GetID())) require.NoError(t, a.Validate(nil)) }) diff --git a/driver/registry_memory.go b/driver/registry_memory.go index 3438e0173c..3f514d6fe2 100644 --- a/driver/registry_memory.go +++ b/driver/registry_memory.go @@ -67,8 +67,6 @@ type RegistryMemory struct { errors map[string]pe.Handler healthEventManager *health.DefaultHealthEventManager - - ruleRepositoryLock sync.Mutex } func (r *RegistryMemory) Init() { @@ -415,7 +413,7 @@ func (r *RegistryMemory) prepareMutators() { mutate.NewMutatorHeader(r.c), mutate.NewMutatorIDToken(r.c, r), mutate.NewMutatorNoop(r.c), - mutate.NewMutatorHydrator(r.c, r, r.Tracer()), + mutate.NewMutatorHydrator(r.c, r), } r.mutators = map[string]mutate.Mutator{} diff --git a/pipeline/mutate/mutator_hydrator.go b/pipeline/mutate/mutator_hydrator.go index 3763307565..e4dadba856 100644 --- a/pipeline/mutate/mutator_hydrator.go +++ b/pipeline/mutate/mutator_hydrator.go @@ -13,17 +13,14 @@ import ( "time" "github.com/dgraph-io/ristretto" + "github.com/pkg/errors" "go.opentelemetry.io/otel/trace" + "github.com/ory/oathkeeper/driver/configuration" + "github.com/ory/oathkeeper/pipeline" "github.com/ory/oathkeeper/pipeline/authn" "github.com/ory/oathkeeper/x" - "github.com/ory/x/httpx" - - "github.com/pkg/errors" - - "github.com/ory/oathkeeper/driver/configuration" - "github.com/ory/oathkeeper/pipeline" ) const ( @@ -42,8 +39,6 @@ type MutatorHydrator struct { d mutatorHydratorDependencies hydrateCache *ristretto.Cache - cacheTTL *time.Duration - tracer trace.Tracer } type BasicAuth struct { @@ -80,9 +75,10 @@ type MutatorHydratorConfig struct { type mutatorHydratorDependencies interface { x.RegistryLogger + Tracer() trace.Tracer } -func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, tracer trace.Tracer) *MutatorHydrator { +func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies) *MutatorHydrator { cache, _ := ristretto.NewCache(&ristretto.Config{ // This will hold about 1000 unique mutation responses. NumCounters: 10000, @@ -95,7 +91,6 @@ func NewMutatorHydrator(c configuration.Provider, d mutatorHydratorDependencies, c: c, d: d, hydrateCache: cache, - tracer: tracer, } } @@ -173,32 +168,28 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS } req.Header.Set(contentTypeHeaderKey, contentTypeJSONHeaderValue) - var client *http.Client - maxRetryDelay := time.Second - giveUpAfter := time.Millisecond * 50 - + clientOpts := []httpx.ResilientOptions{httpx.ResilientClientWithTracer(a.d.Tracer())} if cfg.Api.Retry != nil { if len(cfg.Api.Retry.MaxDelay) > 0 { + maxRetryDelay := time.Second if d, err := time.ParseDuration(cfg.Api.Retry.MaxDelay); err != nil { a.d.Logger().WithError(err).Warn("Unable to parse max_delay in the Hydrator Mutator, falling pack to default.") } else { maxRetryDelay = d } + clientOpts = append(clientOpts, httpx.ResilientClientWithMaxRetryWait(maxRetryDelay)) } if len(cfg.Api.Retry.GiveUpAfter) > 0 { + giveUpAfter := time.Millisecond * 50 if d, err := time.ParseDuration(cfg.Api.Retry.GiveUpAfter); err != nil { a.d.Logger().WithError(err).Warn("Unable to parse max_delay in the Hydrator Mutator, falling pack to default.") } else { giveUpAfter = d } + clientOpts = append(clientOpts, httpx.ResilientClientWithConnectionTimeout(giveUpAfter)) } } - - client = httpx.NewResilientClient( - httpx.ResilientClientWithMaxRetryWait(maxRetryDelay), - httpx.ResilientClientWithConnectionTimeout(giveUpAfter), - httpx.ResilientClientWithTracer(a.tracer), - ).StandardClient() + client := httpx.NewResilientClient(clientOpts...).StandardClient() res, err := client.Do(req.WithContext(r.Context())) if err != nil { diff --git a/pipeline/mutate/mutator_hydrator_test.go b/pipeline/mutate/mutator_hydrator_test.go index 326cfad991..09abba87be 100644 --- a/pipeline/mutate/mutator_hydrator_test.go +++ b/pipeline/mutate/mutator_hydrator_test.go @@ -7,7 +7,7 @@ import ( "encoding/json" "errors" "fmt" - "io/ioutil" + "io" "net/http" "net/http/httptest" "net/url" @@ -64,7 +64,7 @@ func defaultRouterSetup(actions ...func(a *authn.AuthenticationSession)) routerS return func(t *testing.T) http.Handler { router := httprouter.New() router.POST("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { - body, err := ioutil.ReadAll(r.Body) + body, err := io.ReadAll(r.Body) require.NoError(t, err) var data authn.AuthenticationSession err = json.Unmarshal(body, &data) diff --git a/x/registry.go b/x/registry.go index 22ba0b9007..ec3b056978 100644 --- a/x/registry.go +++ b/x/registry.go @@ -4,6 +4,8 @@ package x import ( + "go.opentelemetry.io/otel/trace" + "github.com/ory/x/logrusx" "github.com/ory/herodot" @@ -15,6 +17,10 @@ func (lp *TestLoggerProvider) Logger() *logrusx.Logger { return logrusx.New("", "") } +func (lp *TestLoggerProvider) Tracer() trace.Tracer { + return nil +} + type RegistryLogger interface { Logger() *logrusx.Logger } From 9ec9bd6f5ee414d04920824c1f354cbfc40a3e58 Mon Sep 17 00:00:00 2001 From: David de Lucca Date: Fri, 6 Jan 2023 15:54:56 -0300 Subject: [PATCH 07/13] refactor: update oathkeeper json schema (#1051) --- spec/config.schema.json | 56 ++++++----------------------------------- 1 file changed, 7 insertions(+), 49 deletions(-) diff --git a/spec/config.schema.json b/spec/config.schema.json index 2409c777f5..7b6ce0a290 100644 --- a/spec/config.schema.json +++ b/spec/config.schema.json @@ -1915,69 +1915,27 @@ "sampling": { "type": "object", "propertyNames": { - "enum": ["type", "value", "server_url"] + "enum": ["server_url", "trace_id_ratio"] }, "allOf": [ - { - "oneOf": [ - { - "properties": { - "type": { - "description": "The type of the sampler you want to use.", - "const": "const" - }, - "value": { - "type": "integer", - "description": "The value passed to the sampler type that has been configured.", - "minimum": 0, - "maximum": 1 - } - } - }, - { - "properties": { - "type": { - "description": "The type of the sampler you want to use.", - "const": "rateLimiting" - }, - "value": { - "type": "integer", - "description": "The value passed to the sampler type that has been configured.", - "minimum": 0 - } - } - }, - { - "properties": { - "type": { - "description": "The type of the sampler you want to use.", - "const": "probabilistic" - }, - "value": { - "type": "number", - "description": "The value passed to the sampler type that has been configured.", - "minimum": 0, - "maximum": 1 - } - } - } - ] - }, { "properties": { "server_url": { "type": "string", "description": "The address of jaeger-agent's HTTP sampling server", "format": "uri" + }, + "trace_id_ratio": { + "type": "number", + "description": "The address of jaeger-agent's HTTP sampling server" } } } ], "examples": [ { - "type": "const", - "value": 1, - "server_url": "http://localhost:5778/sampling" + "server_url": "http://localhost:5778/sampling", + "trace_id_ratio": 1 } ] } From ab1c460218560c0a27c296f18605bf6917fa643f Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Mon, 9 Jan 2023 09:53:39 +0100 Subject: [PATCH 08/13] fix: revert test change --- pipeline/authn/authenticator_oauth2_introspection_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipeline/authn/authenticator_oauth2_introspection_test.go b/pipeline/authn/authenticator_oauth2_introspection_test.go index 8d475bbaba..417c08635f 100644 --- a/pipeline/authn/authenticator_oauth2_introspection_test.go +++ b/pipeline/authn/authenticator_oauth2_introspection_test.go @@ -705,7 +705,7 @@ func TestAuthenticatorOAuth2Introspection(t *testing.T) { assertHandlerWasCalled(t) t.Run("case=request succeeds and uses the cache", func(t *testing.T) { - config := setup(t, `{ "required_scope": ["scope-a"], "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) + config := setup(t, `{ "trusted_issuers": ["foo", "bar"], "target_audience": ["audience"] }`) sess := new(AuthenticationSession) err = a.Authenticate(r, sess, config, nil) From e78b0d7f65886a8cf80505353132dcfd583480a6 Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Mon, 9 Jan 2023 09:54:46 +0100 Subject: [PATCH 09/13] chore: bump ory/x --- go.mod | 10 +++++----- go.sum | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/go.mod b/go.mod index 7c97eeb123..d9ee35f1af 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/ory/jsonschema/v3 v3.0.7 github.com/ory/ladon v1.1.0 github.com/ory/viper v1.7.5 - github.com/ory/x v0.0.524 + github.com/ory/x v0.0.529 github.com/pborman/uuid v1.2.1 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 github.com/pkg/errors v0.9.1 @@ -76,7 +76,7 @@ require ( gocloud.dev v0.20.0 golang.org/x/crypto v0.1.0 golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783 - golang.org/x/tools v0.4.0 + golang.org/x/tools v0.5.0 google.golang.org/api v0.84.0 google.golang.org/grpc v1.50.1 gopkg.in/square/go-jose.v2 v2.6.0 @@ -246,10 +246,10 @@ require ( go.opentelemetry.io/otel/sdk v1.11.1 // indirect go.opentelemetry.io/proto/otlp v0.18.0 // indirect golang.org/x/mod v0.7.0 // indirect - golang.org/x/net v0.3.0 // indirect + golang.org/x/net v0.5.0 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/sys v0.3.0 // indirect - golang.org/x/text v0.5.0 // indirect + golang.org/x/sys v0.4.0 // indirect + golang.org/x/text v0.6.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20221025140454-527a21cfbd71 // indirect diff --git a/go.sum b/go.sum index f2f948de86..a87ea4a871 100644 --- a/go.sum +++ b/go.sum @@ -1313,8 +1313,8 @@ github.com/ory/x v0.0.93/go.mod h1:lfcTaGXpTZs7IEQAW00r9EtTCOxD//SiP5uWtNiz31g= github.com/ory/x v0.0.110/go.mod h1:DJfkE3GdakhshNhw4zlKoRaL/ozg/lcTahA9OCih2BE= github.com/ory/x v0.0.128/go.mod h1:ykx1XOsl9taQtoW2yNvuxl/feEfTfrZTcbY1U7841tI= github.com/ory/x v0.0.162/go.mod h1:sj3z/MeCrAyNFFTfN6yK1nTmHXGSFnw+QwIIQ/Rowec= -github.com/ory/x v0.0.524 h1:U7JQKiaz+JpWWJvYYqdwVCqXcvI3W9uYO+4v7ew98Vk= -github.com/ory/x v0.0.524/go.mod h1:XBqhPZRppPHTxtsE0l0oI/B2Onf1QJtMRGPh3CpEpA0= +github.com/ory/x v0.0.529 h1:4E4i0XpIZaZxnkKZfzIZvXWhk+qAIPEpEy78tcyXeVM= +github.com/ory/x v0.0.529/go.mod h1:XBqhPZRppPHTxtsE0l0oI/B2Onf1QJtMRGPh3CpEpA0= github.com/parnurzeal/gorequest v0.2.15/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -1838,8 +1838,8 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20221002022538-bcab6841153b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/net v0.3.0 h1:VWL6FNY2bEEmsGVKabSlHu5Irp34xmMRoqb/9lF9lxk= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= +golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw= +golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2013,8 +2013,8 @@ golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18= +golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -2029,8 +2029,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k= +golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -2143,8 +2143,8 @@ golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.4.0 h1:7mTAgkunk3fr4GAloyyCasadO6h9zSsQZbwvcaIciV4= -golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= +golang.org/x/tools v0.5.0 h1:+bSpV5HIeWkuvgaMfI3UmKRThoTA5ODJTUd8T17NO+4= +golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k= golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 6f0cf845e011c69a32ea70525fc943341cd69678 Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Wed, 11 Jan 2023 13:24:03 +0100 Subject: [PATCH 10/13] fix: typos and reorganize code --- pipeline/mutate/mutator_hydrator.go | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/pipeline/mutate/mutator_hydrator.go b/pipeline/mutate/mutator_hydrator.go index e4dadba856..5ff0fd2c33 100644 --- a/pipeline/mutate/mutator_hydrator.go +++ b/pipeline/mutate/mutator_hydrator.go @@ -14,6 +14,7 @@ import ( "github.com/dgraph-io/ristretto" "github.com/pkg/errors" + "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" "go.opentelemetry.io/otel/trace" "github.com/ory/oathkeeper/driver/configuration" @@ -168,28 +169,33 @@ func (a *MutatorHydrator) Mutate(r *http.Request, session *authn.AuthenticationS } req.Header.Set(contentTypeHeaderKey, contentTypeJSONHeaderValue) - clientOpts := []httpx.ResilientOptions{httpx.ResilientClientWithTracer(a.d.Tracer())} + client := http.DefaultClient + if a.d.Tracer() != nil { + client = otelhttp.DefaultClient + } if cfg.Api.Retry != nil { + giveUpAfter := time.Second + maxRetryDelay := 100 * time.Millisecond if len(cfg.Api.Retry.MaxDelay) > 0 { - maxRetryDelay := time.Second if d, err := time.ParseDuration(cfg.Api.Retry.MaxDelay); err != nil { - a.d.Logger().WithError(err).Warn("Unable to parse max_delay in the Hydrator Mutator, falling pack to default.") + a.d.Logger().WithError(err).Warnf("Unable to parse max_delay in the Hydrator Mutator, falling back to default (%v).", maxRetryDelay) } else { maxRetryDelay = d } - clientOpts = append(clientOpts, httpx.ResilientClientWithMaxRetryWait(maxRetryDelay)) } if len(cfg.Api.Retry.GiveUpAfter) > 0 { - giveUpAfter := time.Millisecond * 50 if d, err := time.ParseDuration(cfg.Api.Retry.GiveUpAfter); err != nil { - a.d.Logger().WithError(err).Warn("Unable to parse max_delay in the Hydrator Mutator, falling pack to default.") + a.d.Logger().WithError(err).Warnf("Unable to parse give_up_after in the Hydrator Mutator, falling back to default (%v).", giveUpAfter) } else { giveUpAfter = d } - clientOpts = append(clientOpts, httpx.ResilientClientWithConnectionTimeout(giveUpAfter)) } + clientOpts := []httpx.ResilientOptions{ + httpx.ResilientClientWithTracer(a.d.Tracer()), + httpx.ResilientClientWithConnectionTimeout(giveUpAfter), + httpx.ResilientClientWithMaxRetryWait(maxRetryDelay)} + client = httpx.NewResilientClient(clientOpts...).StandardClient() } - client := httpx.NewResilientClient(clientOpts...).StandardClient() res, err := client.Do(req.WithContext(r.Context())) if err != nil { From 2ea63adaab7dc8829f479e9d1df813919882c246 Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Wed, 11 Jan 2023 13:33:59 +0100 Subject: [PATCH 11/13] fix: tracing config schema --- spec/config.schema.json | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/spec/config.schema.json b/spec/config.schema.json index 7b6ce0a290..55eece7725 100644 --- a/spec/config.schema.json +++ b/spec/config.schema.json @@ -1914,24 +1914,21 @@ }, "sampling": { "type": "object", - "propertyNames": { - "enum": ["server_url", "trace_id_ratio"] - }, - "allOf": [ - { - "properties": { - "server_url": { - "type": "string", - "description": "The address of jaeger-agent's HTTP sampling server", - "format": "uri" - }, - "trace_id_ratio": { - "type": "number", - "description": "The address of jaeger-agent's HTTP sampling server" - } - } + "additionalProperties": false, + "properties": { + "server_url": { + "type": "string", + "description": "The address of jaeger-agent's HTTP sampling server.", + "format": "uri" + }, + "trace_id_ratio": { + "type": "number", + "description": "The initial sample ratio.", + "minimum": 0, + "maximum": 1, + "default": 1 } - ], + }, "examples": [ { "server_url": "http://localhost:5778/sampling", From 951200af0e57d2333b63fab5736dc6e8973b615c Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Thu, 12 Jan 2023 18:54:41 +0100 Subject: [PATCH 12/13] feat: import tracing config schema instead of specifying it here --- spec/config.schema.json | 99 +---------------------------------------- 1 file changed, 1 insertion(+), 98 deletions(-) diff --git a/spec/config.schema.json b/spec/config.schema.json index 55eece7725..a09b395228 100644 --- a/spec/config.schema.json +++ b/spec/config.schema.json @@ -1843,104 +1843,7 @@ } }, "tracing": { - "$schema": "http://json-schema.org/draft-07/schema#", - "$id": "ory://tracing-config", - "type": "object", - "additionalProperties": false, - "description": "Configure distributed tracing.", - "properties": { - "provider": { - "type": "string", - "description": "Set this to the tracing backend you wish to use. Supports Jaeger, Zipkin, DataDog, Elastic APM and OpenTelemetry. If omitted or empty, tracing will be disabled. Use environment variables to configure DataDog (see https://docs.datadoghq.com/tracing/setup/go/#configuration).", - "enum": ["zipkin", "jaeger", "datadog", "elastic-apm", "otel"], - "examples": ["zipkin"] - }, - "service_name": { - "type": "string", - "description": "Specifies the service name to use on the tracer.", - "examples": ["Ory Oathkeeper"] - }, - "providers": { - "type": "object", - "additionalProperties": false, - "properties": { - "zipkin": { - "type": "object", - "additionalProperties": false, - "description": "Configures the zipkin tracing backend.", - "properties": { - "server_url": { - "type": "string", - "description": "The address of Zipkin server where spans should be sent to.", - "format": "uri" - } - }, - "examples": [ - { - "server_url": "http://localhost:9411/api/v2/spans" - } - ] - }, - "jaeger": { - "type": "object", - "additionalProperties": false, - "description": "Configures the jaeger tracing backend.", - "properties": { - "local_agent_address": { - "type": "string", - "description": "The address of the jaeger-agent where spans should be sent to.", - "oneOf": [ - { - "pattern": "^\\[(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))]:([0-9]*)$" - }, - { - "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}:([0-9]*)$" - }, - { - "format": "uri" - } - ], - "examples": ["127.0.0.1:6831"] - }, - "propagation": { - "type": "string", - "description": "The tracing header format", - "examples": ["jaeger"] - }, - "max_tag_value_length": { - "type": "integer", - "description": "The value passed to the max tag value length that has been configured.", - "minimum": 0 - }, - "sampling": { - "type": "object", - "additionalProperties": false, - "properties": { - "server_url": { - "type": "string", - "description": "The address of jaeger-agent's HTTP sampling server.", - "format": "uri" - }, - "trace_id_ratio": { - "type": "number", - "description": "The initial sample ratio.", - "minimum": 0, - "maximum": 1, - "default": 1 - } - }, - "examples": [ - { - "server_url": "http://localhost:5778/sampling", - "trace_id_ratio": 1 - } - ] - } - } - } - } - } - } + "$ref": "https://raw.githubusercontent.com/ory/x/master/otelx/config.schema.json" }, "log": { "title": "Log", From ddda29c5fa0164192e05dfa3370842689c5dffa0 Mon Sep 17 00:00:00 2001 From: Arne Luenser Date: Fri, 13 Jan 2023 10:45:16 +0100 Subject: [PATCH 13/13] feat: copy in tracing schema --- go.mod | 4 +- go.sum | 8 +-- spec/config.schema.json | 145 +++++++++++++++++++++++++++++++++++++++- 3 files changed, 150 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index d9ee35f1af..66df715997 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/ory/jsonschema/v3 v3.0.7 github.com/ory/ladon v1.1.0 github.com/ory/viper v1.7.5 - github.com/ory/x v0.0.529 + github.com/ory/x v0.0.532 github.com/pborman/uuid v1.2.1 github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 github.com/pkg/errors v0.9.1 @@ -222,7 +222,7 @@ require ( github.com/spf13/viper v1.12.0 // indirect github.com/square/go-jose/v3 v3.0.0-20200630053402-0a67ce9b0693 // indirect github.com/stretchr/objx v0.5.0 // indirect - github.com/subosito/gotenv v1.4.1 // indirect + github.com/subosito/gotenv v1.4.2 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.1 // indirect github.com/toqueteos/webbrowser v1.2.0 // indirect diff --git a/go.sum b/go.sum index a87ea4a871..bbcef92b56 100644 --- a/go.sum +++ b/go.sum @@ -1313,8 +1313,8 @@ github.com/ory/x v0.0.93/go.mod h1:lfcTaGXpTZs7IEQAW00r9EtTCOxD//SiP5uWtNiz31g= github.com/ory/x v0.0.110/go.mod h1:DJfkE3GdakhshNhw4zlKoRaL/ozg/lcTahA9OCih2BE= github.com/ory/x v0.0.128/go.mod h1:ykx1XOsl9taQtoW2yNvuxl/feEfTfrZTcbY1U7841tI= github.com/ory/x v0.0.162/go.mod h1:sj3z/MeCrAyNFFTfN6yK1nTmHXGSFnw+QwIIQ/Rowec= -github.com/ory/x v0.0.529 h1:4E4i0XpIZaZxnkKZfzIZvXWhk+qAIPEpEy78tcyXeVM= -github.com/ory/x v0.0.529/go.mod h1:XBqhPZRppPHTxtsE0l0oI/B2Onf1QJtMRGPh3CpEpA0= +github.com/ory/x v0.0.532 h1:4KBm/CEJb+tkvVoZ6Sq7e9j/HO4y14+SSsvSytxXSe8= +github.com/ory/x v0.0.532/go.mod h1:XBqhPZRppPHTxtsE0l0oI/B2Onf1QJtMRGPh3CpEpA0= github.com/parnurzeal/gorequest v0.2.15/go.mod h1:3Kh2QUMJoqw3icWAecsyzkpY7UzRfDhbRdTjtNwNiUE= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= @@ -1533,8 +1533,8 @@ github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKs github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.1.1/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs= -github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= +github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= +github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tidwall/gjson v1.3.2/go.mod h1:P256ACg0Mn+j1RXIDXoss50DeIABTYK1PULOJHhxOls= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= diff --git a/spec/config.schema.json b/spec/config.schema.json index a09b395228..274c11ae7b 100644 --- a/spec/config.schema.json +++ b/spec/config.schema.json @@ -1843,7 +1843,150 @@ } }, "tracing": { - "$ref": "https://raw.githubusercontent.com/ory/x/master/otelx/config.schema.json" + "$schema": "http://json-schema.org/draft-07/schema#", + "$id": "ory://tracing-config", + "type": "object", + "additionalProperties": false, + "description": "Configure distributed tracing using OpenTelemetry", + "properties": { + "provider": { + "type": "string", + "description": "Set this to the tracing backend you wish to use. Supports Jaeger, Zipkin, and OTEL.", + "enum": ["jaeger", "otel", "zipkin"], + "examples": ["jaeger"] + }, + "service_name": { + "type": "string", + "description": "Specifies the service name to use on the tracer.", + "examples": ["Ory Oathkeeper"] + }, + "providers": { + "type": "object", + "additionalProperties": false, + "properties": { + "jaeger": { + "type": "object", + "additionalProperties": false, + "description": "Configures the jaeger tracing backend.", + "properties": { + "local_agent_address": { + "type": "string", + "description": "The address of the jaeger-agent where spans should be sent to.", + "anyOf": [ + { + "title": "IPv6 Address and Port", + "pattern": "^\\[(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))]:([0-9]*)$" + }, + { + "title": "IPv4 Address and Port", + "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}:([0-9]*)$" + }, + { + "title": "Hostname and Port", + "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):([0-9]*)$" + } + ], + "examples": ["127.0.0.1:6831"] + }, + "sampling": { + "type": "object", + "propertyNames": { + "enum": ["server_url", "trace_id_ratio"] + }, + "additionalProperties": false, + "properties": { + "server_url": { + "type": "string", + "description": "The address of jaeger-agent's HTTP sampling server", + "format": "uri", + "examples": ["http://localhost:5778/sampling"] + }, + "trace_id_ratio": { + "type": "number", + "description": "Initial sampling ratio before contacting the sampling server.", + "minimum": 0, + "maximum": 1, + "default": 1, + "examples": [0.5] + } + } + } + } + }, + "zipkin": { + "type": "object", + "additionalProperties": false, + "description": "Configures the zipkin tracing backend.", + "properties": { + "server_url": { + "type": "string", + "description": "The address of the Zipkin server where spans should be sent to.", + "format": "uri", + "examples": ["http://localhost:9411/api/v2/spans"] + }, + "sampling": { + "type": "object", + "propertyNames": { + "enum": ["sampling_ratio"] + }, + "additionalProperties": false, + "properties": { + "sampling_ratio": { + "type": "number", + "description": "Sampling ratio for spans.", + "examples": [0.4] + } + } + } + } + }, + "otlp": { + "type": "object", + "additionalProperties": false, + "description": "Configures the OTLP tracing backend.", + "properties": { + "server_url": { + "type": "string", + "description": "The endpoint of the OTLP exporter (HTTP) where spans should be sent to.", + "anyOf": [ + { + "title": "IPv6 Address and Port", + "pattern": "^\\[(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))]:([0-9]*)$" + }, + { + "title": "IPv4 Address and Port", + "pattern": "^([0-9]{1,3}\\.){3}[0-9]{1,3}:([0-9]*)$" + }, + { + "title": "Hostname and Port", + "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):([0-9]*)$" + } + ], + "examples": ["localhost:4318"] + }, + "insecure": { + "type": "boolean", + "description": "Will use HTTP if set to true; defaults to HTTPS." + }, + "sampling": { + "type": "object", + "propertyNames": { + "enum": ["sampling_ratio"] + }, + "additionalProperties": false, + "properties": { + "sampling_ratio": { + "type": "number", + "description": "Sampling ratio for spans.", + "examples": [0.4] + } + } + } + } + } + } + } + } }, "log": { "title": "Log",