From fc3a4091646ebb969e4999195718327f36e16478 Mon Sep 17 00:00:00 2001
From: Sheen Capadngan <sheensantoscapadngan@gmail.com>
Date: Wed, 12 Jun 2024 01:39:06 +0800
Subject: [PATCH] misc: added support for more config options

---
 .env.example                                 |  7 ++-
 backend/src/lib/config/env.ts                |  6 ++-
 backend/src/lib/telemetry/instrumentation.ts | 57 ++++++++++++++------
 backend/src/main.ts                          | 10 +++-
 otel-collector-config.yaml                   | 22 +++++---
 prometheus.yml                               |  3 ++
 6 files changed, 78 insertions(+), 27 deletions(-)

diff --git a/.env.example b/.env.example
index 9c254a017b..044613856e 100644
--- a/.env.example
+++ b/.env.example
@@ -68,5 +68,10 @@ CAPTCHA_SECRET=
 
 NEXT_PUBLIC_CAPTCHA_SITE_KEY=
 
-OTEL_COLLECTOR_OTLP_URL=
 OTEL_TELEMETRY_COLLECTION_ENABLED=
+OTEL_EXPORT_TYPE=
+OTEL_EXPORT_OTLP_ENDPOINT=
+OTEL_OTLP_PUSH_INTERVAL=
+
+OTEL_COLLECTOR_BASIC_AUTH_USERNAME=
+OTEL_COLLECTOR_BASIC_AUTH_PASSWORD=
diff --git a/backend/src/lib/config/env.ts b/backend/src/lib/config/env.ts
index 502a22c4ee..76defa597c 100644
--- a/backend/src/lib/config/env.ts
+++ b/backend/src/lib/config/env.ts
@@ -125,7 +125,11 @@ const envSchema = z
     MAINTENANCE_MODE: zodStrBool.default("false"),
     CAPTCHA_SECRET: zpStr(z.string().optional()),
     OTEL_TELEMETRY_COLLECTION_ENABLED: zodStrBool.default("false"),
-    OTEL_COLLECTOR_OTLP_URL: zpStr(z.string().optional())
+    OTEL_EXPORT_OTLP_ENDPOINT: zpStr(z.string().optional()),
+    OTEL_OTLP_PUSH_INTERVAL: z.coerce.number().default(30000),
+    OTEL_COLLECTOR_BASIC_AUTH_USERNAME: zpStr(z.string().optional()),
+    OTEL_COLLECTOR_BASIC_AUTH_PASSWORD: zpStr(z.string().optional()),
+    OTEL_EXPORT_TYPE: z.enum(["prometheus", "otlp"]).optional()
   })
   .transform((data) => ({
     ...data,
diff --git a/backend/src/lib/telemetry/instrumentation.ts b/backend/src/lib/telemetry/instrumentation.ts
index 67f295361f..631b0028d9 100644
--- a/backend/src/lib/telemetry/instrumentation.ts
+++ b/backend/src/lib/telemetry/instrumentation.ts
@@ -1,4 +1,4 @@
-import opentelemetry from "@opentelemetry/api";
+import opentelemetry, { diag, DiagConsoleLogger, DiagLogLevel } from "@opentelemetry/api";
 import { getNodeAutoInstrumentations } from "@opentelemetry/auto-instrumentations-node";
 import { OTLPMetricExporter } from "@opentelemetry/exporter-metrics-otlp-proto";
 import { PrometheusExporter } from "@opentelemetry/exporter-prometheus";
@@ -7,7 +7,21 @@ import { Resource } from "@opentelemetry/resources";
 import { AggregationTemporality, MeterProvider, PeriodicExportingMetricReader } from "@opentelemetry/sdk-metrics";
 import { SEMRESATTRS_SERVICE_NAME, SEMRESATTRS_SERVICE_VERSION } from "@opentelemetry/semantic-conventions";
 
-export const initTelemetry = async ({ otlpURL }: { otlpURL?: string }) => {
+export const initTelemetryInstrumentation = async ({
+  exportType,
+  otlpURL,
+  otlpUser,
+  otlpPassword,
+  otlpPushInterval
+}: {
+  exportType?: string;
+  otlpURL?: string;
+  otlpUser?: string;
+  otlpPassword?: string;
+  otlpPushInterval?: number;
+}) => {
+  diag.setLogger(new DiagConsoleLogger(), DiagLogLevel.DEBUG);
+
   const resource = Resource.default().merge(
     new Resource({
       [SEMRESATTRS_SERVICE_NAME]: "infisical-server",
@@ -16,21 +30,30 @@ export const initTelemetry = async ({ otlpURL }: { otlpURL?: string }) => {
   );
 
   const metricReaders = [];
-  if (otlpURL) {
-    const otlpExporter = new OTLPMetricExporter({
-      url: `${otlpURL}/v1/metrics`,
-      temporalityPreference: AggregationTemporality.DELTA
-    });
-
-    metricReaders.push(
-      new PeriodicExportingMetricReader({
-        exporter: otlpExporter,
-        exportIntervalMillis: 30000
-      })
-    );
-  } else {
-    const promExporter = new PrometheusExporter();
-    metricReaders.push(promExporter);
+  switch (exportType) {
+    case "prometheus": {
+      const promExporter = new PrometheusExporter();
+      metricReaders.push(promExporter);
+      break;
+    }
+    case "otlp": {
+      const otlpExporter = new OTLPMetricExporter({
+        url: `${otlpURL}/v1/metrics`,
+        headers: {
+          Authorization: `Basic ${btoa(`${otlpUser}:${otlpPassword}`)}`
+        },
+        temporalityPreference: AggregationTemporality.DELTA
+      });
+      metricReaders.push(
+        new PeriodicExportingMetricReader({
+          exporter: otlpExporter,
+          exportIntervalMillis: otlpPushInterval
+        })
+      );
+      break;
+    }
+    default:
+      throw new Error("Invalid OTEL export type");
   }
 
   const meterProvider = new MeterProvider({
diff --git a/backend/src/main.ts b/backend/src/main.ts
index 3513e31705..c0b9b24c5e 100644
--- a/backend/src/main.ts
+++ b/backend/src/main.ts
@@ -4,7 +4,7 @@ import { initDbConnection } from "./db";
 import { keyStoreFactory } from "./keystore/keystore";
 import { formatSmtpConfig, initEnvConfig } from "./lib/config/env";
 import { initLogger } from "./lib/logger";
-import { initTelemetry } from "./lib/telemetry/instrumentation";
+import { initTelemetryInstrumentation } from "./lib/telemetry/instrumentation";
 import { queueServiceFactory } from "./queue";
 import { main } from "./server/app";
 import { bootstrapCheck } from "./server/boot-strap-check";
@@ -16,7 +16,13 @@ const run = async () => {
   const appCfg = initEnvConfig(logger);
 
   if (appCfg.OTEL_TELEMETRY_COLLECTION_ENABLED) {
-    await initTelemetry({ otlpURL: appCfg.OTEL_COLLECTOR_OTLP_URL });
+    await initTelemetryInstrumentation({
+      otlpURL: appCfg.OTEL_EXPORT_OTLP_ENDPOINT,
+      otlpUser: appCfg.OTEL_COLLECTOR_BASIC_AUTH_USERNAME,
+      otlpPassword: appCfg.OTEL_COLLECTOR_BASIC_AUTH_PASSWORD,
+      otlpPushInterval: appCfg.OTEL_OTLP_PUSH_INTERVAL,
+      exportType: appCfg.OTEL_EXPORT_TYPE
+    });
   }
 
   const db = initDbConnection({
diff --git a/otel-collector-config.yaml b/otel-collector-config.yaml
index 54e810867b..ba609fdcc5 100644
--- a/otel-collector-config.yaml
+++ b/otel-collector-config.yaml
@@ -1,8 +1,20 @@
+extensions:
+  health_check:
+  pprof:
+  zpages:
+  basicauth/server:
+    htpasswd:
+      inline: |
+        infisical:infisical
+
 receivers:
   otlp:
     protocols:
       http:
         endpoint: 0.0.0.0:4318
+        auth:
+          authenticator: basicauth/server
+
   prometheus:
     config:
       scrape_configs:
@@ -19,17 +31,15 @@ processors:
 exporters:
   prometheus:
     endpoint: "0.0.0.0:8889"
+    auth:
+      authenticator: basicauth/server
     resource_to_telemetry_conversion:
       enabled: true
-extensions:
-  health_check:
-  pprof:
-  zpages:
 
 service:
-  extensions: [health_check, pprof, zpages]
+  extensions: [basicauth/server, health_check, pprof, zpages]
   pipelines:
     metrics:
-      receivers: [otlp, prometheus]
+      receivers: [otlp]
       processors: [batch]
       exporters: [prometheus]
diff --git a/prometheus.yml b/prometheus.yml
index 3d37639383..31b50314c7 100644
--- a/prometheus.yml
+++ b/prometheus.yml
@@ -3,3 +3,6 @@ scrape_configs:
     scrape_interval: 30s
     static_configs:
       - targets: ["otel-collector:8889"]
+    basic_auth:
+      username: infisical
+      password: infisical