Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bearer token auth extension picks up the updated token from file but exporter still uses old one #37282

Open
tjuchniewicz opened this issue Jan 17, 2025 · 1 comment
Open

Bearer token auth extension picks up the updated token from file but exporter still uses old one #37282

tjuchniewicz opened this issue Jan 17, 2025 · 1 comment
Labels
bug Something isn't working extension/bearertokenauth needs triage New item requiring triage

Comments

@tjuchniewicz
Copy link

tjuchniewicz commented Jan 17, 2025
edited
Loading

Component(s)

extension/bearertokenauth

What happened?

Hi,

Looks like extension monitors for file changes but later exported does not use it?

Looks like pretty much the same as #17031

Collector version

v0.117.0

Environment information

Environment

OS: Windows 10 and Ubuntu Linux AMD64 (WSL2 on Windows)
Binary: https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download/v0.117.0/otelcol-otlp_0.117.0_windows_amd64.tar.gz

OpenTelemetry Collector configuration

extensions:
  bearertokenauth:
    filename: "${env:ACCESS_TOKEN_FILE}"
receivers:
  # Data sources: metrics
  hostmetrics:
    collection_interval: 60s
    scrapers:
      cpu:
        metrics:
          system.cpu.utilization:
            enabled: true
      disk:
      filesystem:
      load:
        metrics:
          system.cpu.load_average.1m:
            enabled: true
      memory:
        metrics:
          system.memory.utilization:
            enabled: true
      network:
      process:
      paging:
  otlp:
    protocols:
      grpc:
        endpoint: "${env:HOST_IP}:4317"
      http:
        endpoint: "${env:HOST_IP}:4318"
processors:
  resourcedetection:
    detectors: [env, system]
    timeout: 10s
    override: false
    system:
      hostname_sources: ["os"]
  cumulativetodelta:
  attributes:
    actions:
      - key: "env"
        value: "${env:ENVIRONMENT}"
        action: upsert
      - key: "region"
        value: "${env:REGION}"
        action: upsert
  resource:
    attributes:
      - key: env
        value: ${env:ENVIRONMENT}
        action: upsert
      - key: geo
        value: ${env:GEO}
        action: upsert
      - key: host
        value: ${env:HOSTNAME}
        action: upsert
exporters:
  debug:
    verbosity: ${env:EXPORTERS_DEBUG_VERBOSITY}
  otlp:
    endpoint: ...
    auth:
      authenticator: bearertokenauth
service:
  extensions: [bearertokenauth]
  telemetry:
    metrics:
      address: '${env:HOST_IP}:8888'
    logs:
      level: ${env:LOG_LEVEL}
  pipelines:
    traces:
      receivers: [otlp]
      processors: [attributes, resource]
      exporters: [debug,otlp]
    metrics:
      receivers: [otlp, hostmetrics]
      processors: [attributes, resource]
      exporters: [debug,otlp]
    logs:
      receivers: [otlp]
      processors: [attributes, resource]
      exporters: [debug,otlp]

Log output

2025-01-17T17:56:16.620+0100    info    [email protected]/bearertokenauth.go:133        refresh token   {"kind": "extension", "name": "bearertokenauth", "filename": "/root/access-token"}
2025-01-17T17:56:16.621+0100    info    [email protected]/bearertokenauth.go:133        refresh token   {"kind": "extension", "name": "bearertokenauth", "filename": "/root/access-token"}
2025-01-17T17:56:39.372+0100    info    Metrics {"kind": "exporter", "data_type": "metrics", "name": "debug", "resource metrics": 59, "metrics": 232, "data points": 591}
2025-01-17T17:56:39.417+0100    error   internal/queue_sender.go:103    Exporting failed. Dropping data.        {"kind": "exporter", "data_type": "metrics", "name": "otlp", "error": "not retryable error: Permanent error: rpc error: code = Unauthenticated desc = failed to verify token: oidc: token is expired (Token Expiry: 2025-01-17 15:19:21 +0000 UTC)", "dropped_items": 591}
go.opentelemetry.io/collector/exporter/exporterhelper/internal.NewQueueSender.func1
        go.opentelemetry.io/collector/[email protected]/exporterhelper/internal/queue_sender.go:103
go.opentelemetry.io/collector/exporter/internal/queue.(*Consumers[...]).Start.func1
        go.opentelemetry.io/collector/[email protected]/internal/queue/consumers.go:43

but token is valid for sure:

jwt `cat /root/access-token`

To verify on jwt.io:

https://jwt.io/#id_token=eyJhbGciOiJSUzI1NiI...

...
   iat: 1737133037 1/17/2025, 5:57:17 PM
   exp: 1737136637 1/17/2025, 6:57:17 PM

and it works just after restart.

Additional context

No response
@tjuchniewicz tjuchniewicz added bug Something isn't working needs triage New item requiring triage labels Jan 17, 2025
@github-actions GitHub Actions
Copy link
Contributor

Pinging code owners:

See Adding Labels via Comments if you do not have permissions to add labels yourself.

@tjuchniewicz tjuchniewicz changed the title [extension/bearertokenauth] Bearer token auth extension picks up the updated token from file but exporter still uses old one Bearer token auth extension picks up the updated token from file but exporter still uses old one Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working extension/bearertokenauth needs triage New item requiring triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tjuchniewicz