From a5d39361ab0b53081fef5bdc6c722148716f175d Mon Sep 17 00:00:00 2001 From: mengnan Date: Thu, 29 Nov 2018 23:47:59 +0800 Subject: [PATCH] discovery/azure: Fail hard when Azure authentication parameters are missing (#4907) * discovery/azure: fail hard when client_id/client_secret is empty Signed-off-by: mengnan * discovery/azure: fail hard when authentication parameters are missing Signed-off-by: mengnan * add unit test Signed-off-by: mengnan * add unit test Signed-off-by: mengnan * format code Signed-off-by: mengnan --- config/config_test.go | 16 +++++++++++++++ .../testdata/azure_client_id_missing.bad.yml | 7 +++++++ .../azure_client_secret_missing.bad.yml | 7 +++++++ .../azure_subscription_id_missing.bad.yml | 7 +++++++ .../testdata/azure_tenant_id_missing.bad.yml | 7 +++++++ discovery/azure/azure.go | 20 +++++++++++++++++-- 6 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 config/testdata/azure_client_id_missing.bad.yml create mode 100644 config/testdata/azure_client_secret_missing.bad.yml create mode 100644 config/testdata/azure_subscription_id_missing.bad.yml create mode 100644 config/testdata/azure_tenant_id_missing.bad.yml diff --git a/config/config_test.go b/config/config_test.go index 63ed95125..08a27d37e 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -751,6 +751,22 @@ var expectedErrors = []struct { filename: "section_key_dup.bad.yml", errMsg: "field scrape_configs already set in type config.plain", }, + { + filename: "azure_client_id_missing.bad.yml", + errMsg: "Azure SD configuration requires a client_id", + }, + { + filename: "azure_client_secret_missing.bad.yml", + errMsg: "Azure SD configuration requires a client_secret", + }, + { + filename: "azure_subscription_id_missing.bad.yml", + errMsg: "Azure SD configuration requires a subscription_id", + }, + { + filename: "azure_tenant_id_missing.bad.yml", + errMsg: "Azure SD configuration requires a tenant_id", + }, } func TestBadConfigs(t *testing.T) { diff --git a/config/testdata/azure_client_id_missing.bad.yml b/config/testdata/azure_client_id_missing.bad.yml new file mode 100644 index 000000000..f8da2ff9c --- /dev/null +++ b/config/testdata/azure_client_id_missing.bad.yml @@ -0,0 +1,7 @@ +scrape_configs: + - job_name: azure + azure_sd_configs: + - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11 + tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2 + client_id: + client_secret: mysecret \ No newline at end of file diff --git a/config/testdata/azure_client_secret_missing.bad.yml b/config/testdata/azure_client_secret_missing.bad.yml new file mode 100644 index 000000000..1295c8ad5 --- /dev/null +++ b/config/testdata/azure_client_secret_missing.bad.yml @@ -0,0 +1,7 @@ +scrape_configs: + - job_name: azure + azure_sd_configs: + - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11 + tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2 + client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C + client_secret: \ No newline at end of file diff --git a/config/testdata/azure_subscription_id_missing.bad.yml b/config/testdata/azure_subscription_id_missing.bad.yml new file mode 100644 index 000000000..997613882 --- /dev/null +++ b/config/testdata/azure_subscription_id_missing.bad.yml @@ -0,0 +1,7 @@ +scrape_configs: + - job_name: azure + azure_sd_configs: + - subscription_id: + tenant_id: BBBB222B-B2B2-2B22-B222-2BB2222BB2B2 + client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C + client_secret: mysecret \ No newline at end of file diff --git a/config/testdata/azure_tenant_id_missing.bad.yml b/config/testdata/azure_tenant_id_missing.bad.yml new file mode 100644 index 000000000..ac714d9b5 --- /dev/null +++ b/config/testdata/azure_tenant_id_missing.bad.yml @@ -0,0 +1,7 @@ +scrape_configs: + - job_name: azure + azure_sd_configs: + - subscription_id: 11AAAA11-A11A-111A-A111-1111A1111A11 + tenant_id: + client_id: 333333CC-3C33-3333-CCC3-33C3CCCCC33C + client_secret: mysecret \ No newline at end of file diff --git a/discovery/azure/azure.go b/discovery/azure/azure.go index 6a553af96..7c999382e 100644 --- a/discovery/azure/azure.go +++ b/discovery/azure/azure.go @@ -80,6 +80,13 @@ type SDConfig struct { RefreshInterval model.Duration `yaml:"refresh_interval,omitempty"` } +func validateAuthParam(param, name string) error { + if len(param) == 0 { + return fmt.Errorf("Azure SD configuration requires a %s", name) + } + return nil +} + // UnmarshalYAML implements the yaml.Unmarshaler interface. func (c *SDConfig) UnmarshalYAML(unmarshal func(interface{}) error) error { *c = DefaultSDConfig @@ -88,8 +95,17 @@ func (c *SDConfig) UnmarshalYAML(unmarshal func(interface{}) error) error { if err != nil { return err } - if c.SubscriptionID == "" { - return fmt.Errorf("Azure SD configuration requires a subscription_id") + if err = validateAuthParam(c.SubscriptionID, "subscription_id"); err != nil { + return err + } + if err = validateAuthParam(c.TenantID, "tenant_id"); err != nil { + return err + } + if err = validateAuthParam(c.ClientID, "client_id"); err != nil { + return err + } + if err = validateAuthParam(string(c.ClientSecret), "client_secret"); err != nil { + return err } return nil }