daos icon indicating copy to clipboard operation
daos copied to clipboard
verified publisher icon daos-stack

DAOS-9825 control: Update Telemetry Endpoint to use HTTPS

Open ravalsam opened this issue 1 year ago • 6 comments

  • Adding new option for telemetry config in server, control and agent yaml file.
  • Telemetry endpoint can have option to run in both secure (https) and insecure (http) mode. telemetry_config: allow_insecure: false server_cert: /etc/daos/certs/telemetryserver.crt server_key: /etc/daos/certs/telemetryserver.key ca_cert: /etc/daos/certs/daosTelemetryCA.crt
  • Telemetry old configuration option is supported bur recommend to use the new options.
  • Updated dmg to create the correct prometheus config install based on telemetry is insecure mode or not. # cat /root/.prometheus.yml scheme: https tls_config: ca_file: /etc/daos/certs/daosTelemetryCA.crt

Features: control telemetry

Required-githooks: true

Before requesting gatekeeper:

  • [ ] Two review approvals and any prior change requests have been resolved.
  • [ ] Testing is complete and all tests passed or there is a reason documented in the PR why it should be force landed and forced-landing tag is set.
  • [ ] Features: (or Test-tag*) commit pragma was used or there is a reason documented that there are no appropriate tags for this PR.
  • [ ] Commit messages follows the guidelines outlined here.
  • [ ] Any tests skipped by the ticket being addressed have been run and passed in the PR.

Gatekeeper:

  • [ ] You are the appropriate gatekeeper to be landing the patch.
  • [ ] The PR has 2 reviews by people familiar with the code, including appropriate owners.
  • [ ] Githooks were used. If not, request that user install them and check copyright dates.
  • [ ] Checkpatch issues are resolved. Pay particular attention to ones that will show up on future PRs.
  • [ ] All builds have passed. Check non-required builds for any new compiler warnings.
  • [ ] Sufficient testing is done. Check feature pragmas and test tags and that tests skipped for the ticket are run and now pass with the changes.
  • [ ] If applicable, the PR has addressed any potential version compatibility issues.
  • [ ] Check the target branch. If it is master branch, should the PR go to a feature branch? If it is a release branch, does it have merge approval in the JIRA ticket.
  • [ ] Extra checks if forced landing is requested
    • [ ] Review comments are sufficiently resolved, particularly by prior reviewers that requested changes.
    • [ ] No new NLT or valgrind warnings. Check the classic view.
    • [ ] Quick-build or Quick-functional is not used.
  • [ ] Fix the commit message upon landing. Check the standard here. Edit it to create a single commit. If necessary, ask submitter for a new summary.

ravalsam avatar Sep 27 '24 20:09 ravalsam

Ticket title is 'Update Telemetry Endpoint to use HTTPS' Status is 'In Review' Labels: 'Checkmarx,scrubbed_2.8' https://daosio.atlassian.net/browse/DAOS-9825

github-actions[bot] avatar Sep 27 '24 20:09 github-actions[bot]

Test stage Test RPMs on EL 8.6 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/1/execution/node/1169/log

daosbuild1 avatar Sep 27 '24 22:09 daosbuild1

Test stage Functional Hardware Medium completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/5/execution/node/1507/log

daosbuild1 avatar Oct 01 '24 02:10 daosbuild1

Test stage Functional Hardware Medium completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/6/execution/node/1438/log

daosbuild1 avatar Oct 01 '24 11:10 daosbuild1

Test stage Functional Hardware Medium completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/9/execution/node/1520/log

daosbuild1 avatar Oct 08 '24 17:10 daosbuild1

Test stage Functional Hardware Medium Verbs Provider completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/9/execution/node/1566/log

daosbuild1 avatar Oct 08 '24 21:10 daosbuild1

Test stage NLT on EL 8.8 completed with status UNSTABLE. https://build.hpdd.intel.com/job/daos-stack/job/daos//view/change-requests/job/PR-15216/10/testReport/

daosbuild1 avatar Nov 19 '24 20:11 daosbuild1

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/12/execution/node/1210/log

daosbuild1 avatar Dec 04 '24 08:12 daosbuild1

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/16/execution/node/1211/log

daosbuild1 avatar Dec 05 '24 09:12 daosbuild1

Test stage Test RPMs on EL 8.6 completed with status FAILURE. https://build.hpdd.intel.com/job/daos-stack/job/daos/job/PR-15216/18/display/redirect

daosbuild1 avatar Dec 06 '24 02:12 daosbuild1

Test stage Functional Hardware Medium completed with status UNSTABLE. https://build.hpdd.intel.com/job/daos-stack/job/daos//view/change-requests/job/PR-15216/24/testReport/

daosbuild1 avatar Dec 14 '24 11:12 daosbuild1

need to resolve conflicts

tanabarr avatar Dec 18 '24 10:12 tanabarr

Test stage Functional on EL 8.8 completed with status UNSTABLE. https://build.hpdd.intel.com/job/daos-stack/job/daos//view/change-requests/job/PR-15216/28/testReport/

daosbuild1 avatar Dec 19 '24 22:12 daosbuild1

We can ignore copyright complaints about the 2024 Intel copyright since those files were modified in 2024, not 2025

daltonbohning avatar Jan 07 '25 18:01 daltonbohning

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/32/execution/node/1221/log

daosbuild1 avatar Jan 08 '25 12:01 daosbuild1

You'll probably also want to update the copyrights with the new HPE information.

FWIW, I've been told we technically don't need to update copyrights to 2025 for work done in 2024. So if the file hasn't changed since 2024, we can ignore the copyright GHA failure. Though updating the copyright should be okay too

daltonbohning avatar Jan 09 '25 19:01 daltonbohning

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/39/execution/node/1175/log

daosbuild1 avatar Feb 23 '25 01:02 daosbuild1

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/41/execution/node/1175/log

daosbuild1 avatar Feb 23 '25 11:02 daosbuild1

Test stage NLT on EL 8.8 completed with status UNSTABLE. https://build.hpdd.intel.com/job/daos-stack/job/daos//view/change-requests/job/PR-15216/42/testReport/

daosbuild1 avatar Feb 23 '25 18:02 daosbuild1

Test stage Functional Hardware Medium completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/42/execution/node/1488/log

daosbuild1 avatar Feb 24 '25 04:02 daosbuild1

Test stage Functional on EL 8.8 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-15216/46/execution/node/1174/log

daosbuild1 avatar Feb 25 '25 00:02 daosbuild1