-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add OpAMP connection settings capability to the example #174
Add OpAMP connection settings capability to the example #174
Conversation
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #174 +/- ##
==========================================
- Coverage 76.11% 75.61% -0.51%
==========================================
Files 24 24
Lines 1834 1923 +89
==========================================
+ Hits 1396 1454 +58
- Misses 326 352 +26
- Partials 112 117 +5
☔ View full report in Codecov by Sentry. |
54300ea
to
f63265c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@srikanthccv thanks for reviewing.
This change demonstrates OpAMP Connection Setting Offer Flow from OpAMP spec (see https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#opamp-connection-setting-offer-flow) - The example agent and server now use TLS for OpAMP connection. - The server's certificate is signed by a CA authority. The CA authority's certificate is self-generated (can be re-generated using examples/certs/generate.sh). - The server may generate and offer a client-side certificate to the agent. The generated certificate is signed by the same CA. - The client can accept the certificate and use it for future connections. - Server UI now allows the user to generate a certificate to offer to the agent (for the first time or to rotate). The flows are described in the OpAMP spec, see https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#trust-on-first-use WARNING: all included certificate files are examples only and MUST NOT be used in production. How to test: 1. Run the server. 2. Run the agent. 3. Go to http://localhost:4321/ 4. Find the connected agent in the list and click it 5. Scroll down and click "Accept and Offer Client Certificate" button.
f63265c
to
c45862c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for addressing comments
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
@andykellr OK to merge this or you would like to review? |
open-telemetry#174 enabled TLS on the server and non-TLS connections are no longer accepted. This PR updates the Supervisor to use TLS connection (with InsecureSkipVerify=true flag).
#174 enabled TLS on the server and non-TLS connections are no longer accepted. This PR updates the Supervisor to use TLS connection (with InsecureSkipVerify=true flag).
This change demonstrates OpAMP Connection Setting Offer Flow from OpAMP spec (see https://github.com/open-telemetry/opamp-spec/blob/main/specification.md#opamp-connection-setting-offer-flow)
WARNING: all included certificate files are examples only and MUST NOT
be used in production.
How to test: