diff --git a/CHANGELOG.md b/CHANGELOG.md index 13b24bdcd4..ac53c46a81 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -58,9 +58,11 @@ v1.2.0-rc.0 - Added `scrape_protocols` option to `prometheus.scrape`, which allows to control the preferred order of scrape protocols. (@thampiotr) - + - Add support for configuring CPU profile's duration scraped by `pyroscope.scrape`. (@hainenber) +- `prometheus.exporter.snowflake`: Add support for RSA key-pair authentication. (@Caleb-Hurshman) + - Improved filesystem error handling when working with `loki.source.file` and `local.file_match`, which removes some false-positive error log messages on Windows (@thampiotr) @@ -188,6 +190,7 @@ v1.1.0 ### Enhancements - Update `prometheus.exporter.kafka` with the following functionalities (@wildum): + * GSSAPI config * enable/disable PA_FX_FAST * set a TLS server name @@ -269,6 +272,7 @@ v1.1.0 Modern container runtimes allow binding to unprivileged ports as non-root. (@BlackDex) - Upgrading from OpenTelemetry v0.96.0 to v0.99.0. + - `otelcol.processor.batch`: Prevent starting unnecessary goroutines. https://github.com/open-telemetry/opentelemetry-collector/issues/9739 - `otelcol.exporter.otlp`: Checks for port in the config validation for the otlpexporter. diff --git a/docs/sources/reference/components/prometheus.exporter.snowflake.md b/docs/sources/reference/components/prometheus.exporter.snowflake.md index 1319520d59..fdbdf39265 100644 --- a/docs/sources/reference/components/prometheus.exporter.snowflake.md +++ b/docs/sources/reference/components/prometheus.exporter.snowflake.md @@ -11,27 +11,60 @@ The `prometheus.exporter.snowflake` component embeds ## Usage +### Password Authentication + +```alloy +prometheus.exporter.snowflake "LABEL" { + account_name = + username = + password = + warehouse = +} +``` + +Replace the following: + +- _``_: The Snowflake account name you are collecting metrics from. +- _``_: The username used to query metrics. +- _``_: The password for the user used to query metrics. +- _``_: The virtual warehouse to use when querying metrics. + +### RSA Authentication + ```alloy prometheus.exporter.snowflake "LABEL" { - account_name = ACCOUNT_NAME - username = USERNAME - password = PASSWORD - warehouse = WAREHOUSE + account_name = + username = + private_key_path = + private_key_password = + warehouse = } ``` +Replace the following: + +- _``_: The Snowflake account name you are collecting metrics from. +- _``_: The username used to query metrics. +- _``_: The path to the user's RSA private key file. +- _``_: The password for the user's RSA private key. +- _``_: The virtual warehouse to use when querying metrics. + ## Arguments The following arguments can be used to configure the exporter's behavior. Omitted fields take their default values. - -| Name | Type | Description | Default | Required | -| -------------- | -------- | ----------------------------------------------------- | ---------------- | -------- | -| `account_name` | `string` | The account to collect metrics for. | | yes | -| `username` | `string` | The username for the user used when querying metrics. | | yes | -| `password` | `secret` | The password for the user used when querying metrics. | | yes | -| `role` | `string` | The role to use when querying metrics. | `"ACCOUNTADMIN"` | no | -| `warehouse` | `string` | The warehouse to use when querying metrics. | | yes | +One of `password` or `private_key_path` must be specified to authenticate. +Users with an encrypted private key will also need to provide a `private_key_password`. + +| Name | Type | Description | Default | Required | +| ---------------------- | -------- | ------------------------------------------------------------------------------------------------- | ---------------- | -------- | +| `account_name` | `string` | The account to collect metrics from. | | yes | +| `username` | `string` | The username for the user used when querying metrics. | | yes | +| `password` | `secret` | The password for the user used when querying metrics (required for password authentication). | | no | +| `private_key_path` | `secret` | The path to the user's RSA private key file (required for RSA key-pair authentication). | | no | +| `private_key_password` | `secret` | The password for the user's RSA private key (required for encrypted RSA key-pair authentication). | | no | +| `role` | `string` | The role to use when querying metrics. | `"ACCOUNTADMIN"` | no | +| `warehouse` | `string` | The warehouse to use when querying metrics. | | yes | ## Blocks @@ -79,11 +112,11 @@ prometheus.scrape "demo" { prometheus.remote_write "demo" { endpoint { - url = PROMETHEUS_REMOTE_WRITE_URL + url = basic_auth { - username = USERNAME - password = PASSWORD + username = + password = } } } @@ -91,9 +124,9 @@ prometheus.remote_write "demo" { Replace the following: -- `PROMETHEUS_REMOTE_WRITE_URL`: The URL of the Prometheus remote_write-compatible server to send metrics to. -- `USERNAME`: The username to use for authentication to the remote_write API. -- `PASSWORD`: The password to use for authentication to the remote_write API. +- _``_: The URL of the Prometheus remote_write-compatible server to send metrics to. +- _``_: The username to use for authentication to the remote_write API. +- _``_: The password to use for authentication to the remote_write API. [scrape]: ../prometheus.scrape/ diff --git a/internal/component/prometheus/exporter/snowflake/snowflake.go b/internal/component/prometheus/exporter/snowflake/snowflake.go index e2d5fd43f7..08f19f0bfc 100644 --- a/internal/component/prometheus/exporter/snowflake/snowflake.go +++ b/internal/component/prometheus/exporter/snowflake/snowflake.go @@ -33,11 +33,13 @@ var DefaultArguments = Arguments{ // Arguments controls the snowflake exporter. type Arguments struct { - AccountName string `alloy:"account_name,attr"` - Username string `alloy:"username,attr"` - Password alloytypes.Secret `alloy:"password,attr"` - Role string `alloy:"role,attr,optional"` - Warehouse string `alloy:"warehouse,attr"` + AccountName string `alloy:"account_name,attr"` + Username string `alloy:"username,attr"` + Password alloytypes.Secret `alloy:"password,attr,optional"` + PrivateKeyPath string `alloy:"private_key_path,attr,optional"` + PrivateKeyPassword alloytypes.Secret `alloy:"private_key_password,attr,optional"` + Role string `alloy:"role,attr,optional"` + Warehouse string `alloy:"warehouse,attr"` } // SetToDefault implements syntax.Defaulter. @@ -47,10 +49,12 @@ func (a *Arguments) SetToDefault() { func (a *Arguments) Convert() *snowflake_exporter.Config { return &snowflake_exporter.Config{ - AccountName: a.AccountName, - Username: a.Username, - Password: config_util.Secret(a.Password), - Role: a.Role, - Warehouse: a.Warehouse, + AccountName: a.AccountName, + Username: a.Username, + Password: config_util.Secret(a.Password), + PrivateKeyPath: a.PrivateKeyPath, + PrivateKeyPassword: config_util.Secret(a.PrivateKeyPassword), + Role: a.Role, + Warehouse: a.Warehouse, } } diff --git a/internal/component/prometheus/exporter/snowflake/snowflake_test.go b/internal/component/prometheus/exporter/snowflake/snowflake_test.go index 5d658892f3..396d15850c 100644 --- a/internal/component/prometheus/exporter/snowflake/snowflake_test.go +++ b/internal/component/prometheus/exporter/snowflake/snowflake_test.go @@ -12,11 +12,13 @@ import ( func TestAlloyUnmarshal(t *testing.T) { alloyConfig := ` - account_name = "some_account" - username = "some_user" - password = "some_password" - role = "some_role" - warehouse = "some_warehouse" + account_name = "some_account" + username = "some_user" + password = "some_password" + private_key_path = "/some/path/rsa_key.p8" + private_key_password = "some_password" + role = "some_role" + warehouse = "some_warehouse" ` var args Arguments @@ -24,11 +26,13 @@ func TestAlloyUnmarshal(t *testing.T) { require.NoError(t, err) expected := Arguments{ - AccountName: "some_account", - Username: "some_user", - Password: alloytypes.Secret("some_password"), - Role: "some_role", - Warehouse: "some_warehouse", + AccountName: "some_account", + Username: "some_user", + Password: alloytypes.Secret("some_password"), + PrivateKeyPath: "/some/path/rsa_key.p8", + PrivateKeyPassword: alloytypes.Secret("some_password"), + Role: "some_role", + Warehouse: "some_warehouse", } require.Equal(t, expected, args) @@ -36,10 +40,12 @@ func TestAlloyUnmarshal(t *testing.T) { func TestConvert(t *testing.T) { alloyConfig := ` - account_name = "some_account" - username = "some_user" - password = "some_password" - warehouse = "some_warehouse" + account_name = "some_account" + username = "some_user" + password = "some_password" + private_key_path = "/some/path/rsa_key.p8" + private_key_password = "some_password" + warehouse = "some_warehouse" ` var args Arguments err := syntax.Unmarshal([]byte(alloyConfig), &args) @@ -48,11 +54,13 @@ func TestConvert(t *testing.T) { res := args.Convert() expected := snowflake_exporter.Config{ - AccountName: "some_account", - Username: "some_user", - Password: config_util.Secret("some_password"), - Role: DefaultArguments.Role, - Warehouse: "some_warehouse", + AccountName: "some_account", + Username: "some_user", + Password: config_util.Secret("some_password"), + PrivateKeyPath: "/some/path/rsa_key.p8", + PrivateKeyPassword: config_util.Secret("some_password"), + Role: DefaultArguments.Role, + Warehouse: "some_warehouse", } require.Equal(t, expected, *res) } diff --git a/internal/static/integrations/snowflake_exporter/snowflake_exporter.go b/internal/static/integrations/snowflake_exporter/snowflake_exporter.go index 6013e07f4b..8c6e2d7a00 100644 --- a/internal/static/integrations/snowflake_exporter/snowflake_exporter.go +++ b/internal/static/integrations/snowflake_exporter/snowflake_exporter.go @@ -16,20 +16,24 @@ var DefaultConfig = Config{ // Config is the configuration for the snowflake integration type Config struct { - AccountName string `yaml:"account_name,omitempty"` - Username string `yaml:"username,omitempty"` - Password config_util.Secret `yaml:"password,omitempty"` - Role string `yaml:"role,omitempty"` - Warehouse string `yaml:"warehouse,omitempty"` + AccountName string `yaml:"account_name,omitempty"` + Username string `yaml:"username,omitempty"` + Password config_util.Secret `yaml:"password,omitempty"` + PrivateKeyPath string `yaml:"private_key_path,omitempty"` + PrivateKeyPassword config_util.Secret `yaml:"private_key_password,omitempty"` + Role string `yaml:"role,omitempty"` + Warehouse string `yaml:"warehouse,omitempty"` } func (c *Config) exporterConfig() *collector.Config { return &collector.Config{ - AccountName: c.AccountName, - Username: c.Username, - Password: string(c.Password), - Role: c.Role, - Warehouse: c.Warehouse, + AccountName: c.AccountName, + Username: c.Username, + Password: string(c.Password), + PrivateKeyPath: c.PrivateKeyPath, + PrivateKeyPassword: string(c.PrivateKeyPassword), + Role: c.Role, + Warehouse: c.Warehouse, } }