[13.1] Use WithHttpsCertificateConfiguration to configure tls cert for Otel Collector
#1058
Conversation
afscrome
changed the title
WithHttpsCertificateConfiguration to configure tls cert for the…WithHttpsCertificateConfiguration to configure tls cert for Otel Collector
martinjt
left a comment
martinjt
left a comment
There was a problem hiding this comment.
I don't think we need the TelemetryGen as part of this change.
|
I'll see what I can do tomorrow - reason I added telemetry generator is that I needed something that generated container from a container as I wanted to make sure the cert was being trusted both in |
There was a problem hiding this comment.
Pull request overview
This PR modernizes the OpenTelemetry Collector integration by adopting Aspire 13.1's new WithHttpsCertificateConfiguration API for TLS certificate management, replacing a custom dev certificate export implementation. The change simplifies the codebase by leveraging built-in Aspire functionality.
- Replaced custom dev certificate export logic with
WithHttpsCertificateConfigurationAPI - Removed
DevCertHostingExtensions.csshared utility file and associated tests - Enhanced the example app with telemetry generators to demonstrate container-to-container communication
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| src/CommunityToolkit.Aspire.Hosting.OpenTelemetryCollector/OpenTelemetryCollectorExtensions.cs | Refactored certificate configuration to use new Aspire 13.1 API instead of custom implementation |
| src/CommunityToolkit.Aspire.Hosting.OpenTelemetryCollector/CommunityToolkit.Aspire.Hosting.OpenTelemetryCollector.csproj | Removed reference to shared DevCertHostingExtensions.cs file |
| src/Shared/DevCertHostingExtensions.cs | Deleted entire custom dev certificate hosting extensions utility |
| tests/CommunityToolkit.Aspire.Hosting.OpenTelemetryCollector.Tests/ResourceCreationTests.cs | Removed tests specific to custom dev certificate export implementation |
| examples/opentelemetry-collector/CommunityToolkit.Aspire.Hosting.OpenTelemetryCollector.AppHost/AppHost.cs | Added telemetry generator containers to demonstrate collector functionality |
| var scheme = useHttpsForRecievers ? "https" : "http"; | ||
| resourceBuilder.WithEndpoint(targetPort: port, name: protocol, scheme: scheme); | ||
|
|
||
| if (!useHttpsForRecievers) |
There was a problem hiding this comment.
The variable name has a spelling error: "Recievers" should be "Receivers" (the 'i' and 'e' are transposed).
| return Task.CompletedTask; | ||
| }); | ||
| #pragma warning restore ASPIRECERTIFICATES001 // Type is for evaluation purposes only and is subject to change or removal in future updates. Suppress this diagnostic to proceed. | ||
| } |
There was a problem hiding this comment.
There is trailing whitespace after the closing brace. This should be removed for consistent code formatting.
| } | |
| } |
| .WithArgs(signal, | ||
| "--duration", "inf", | ||
| "--otlp-endpoint", collector.GetEndpoint("grpc").Property(EndpointProperty.HostAndPort)) | ||
| .WithArgs(args) |
There was a problem hiding this comment.
The variable args is not defined in the scope of the AddTelemetryGenerator method. This appears to be a bug as it references the command-line arguments from the Main method which are not accessible here. This line should likely be removed since the necessary arguments are already added on lines 21-23.
| .WithArgs(args) |
| if (!settings.ForceNonSecureReceiver && isHttpsEnabled && builder.ExecutionContext.IsRunMode) | ||
| { | ||
| resourceBuilder.RunWithHttpsDevCertificate(); | ||
| var useHttpsForRecievers = !settings.ForceNonSecureReceiver && url.StartsWith("https", StringComparison.OrdinalIgnoreCase); |
There was a problem hiding this comment.
The variable name has a spelling error: "Recievers" should be "Receivers" (the 'i' and 'e' are transposed).
|
|
||
| void ConfigureReceiver(int port, string protocol) | ||
| { | ||
| var scheme = useHttpsForRecievers ? "https" : "http"; |
There was a problem hiding this comment.
The variable name has a spelling error: "Recievers" should be "Receivers" (the 'i' and 'e' are transposed).
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""")); | ||
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""")); |
There was a problem hiding this comment.
Default 'ToString()': ReferenceExpression inherits 'ToString()' from 'Object', and so is not suitable for printing.
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""")); | |
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""")); | |
| ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""); | |
| ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""); |
There was a problem hiding this comment.
ReferenceExpression is absolutely required here as certificate and key paths cannot be resolve until after the app host starts.
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""")); | ||
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""")); |
There was a problem hiding this comment.
Default 'ToString()': ReferenceExpression inherits 'ToString()' from 'Object', and so is not suitable for printing.
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}""")); | |
| ctx.Arguments.Add(ReferenceExpression.Create($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}""")); | |
| ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::cert_file: ""{ctx.CertificatePath}"""); | |
| ctx.Arguments.Add($@"--config=yaml:receivers::otlp::protocols::{protocol}::tls::key_file: ""{ctx.KeyPath}"""); |
There was a problem hiding this comment.
ReferenceExpression is absolutely required here as certificate and key paths cannot be resolve until after the app host starts.
Use the new `WithHttpsCertificateConfiguration` apis in 13.1 rather than the previous custom implementation of exporting the dev cert.
afscrome
force-pushed
the
otel-tls-injection2
branch
from
04e47c4 to
163148e
Compare
2 participants
Closes #981
Use the new
WithHttpsCertificateConfigurationapis in 13.1 rather than the previous custom implementation of exporting the dev cert.Added some telemetry generator resources to the otel collector's playground app to generate some dummy otel, as well as to test telemetry for container --> container.
PR Checklist
Other information