Add Bearer Token Authentication to Instrumentation Exporter #3390
Labels
area:auto-instrumentation
Issues for auto-instrumentation
enhancement
New feature or request
needs triage
Comments
|
The SDK only supports I think the following setup might work: apiVersion: opentelemetry.io/v1alpha1
kind: Instrumentation
metadata:
name: instrumentation
spec:
exporter:
endpoint: http://my-collector:4317
env:
- name: TOKEN
valueFrom:
secretKeyRef:
name: my-secret
key: token
- name: OTEL_EXPORTER_OTLP_HEADERS
value: Authorization=Bearer $(TOKEN) |
|
Okey, it means the secret must be in the same namespace as the instrumented applications, because if it is in another namespace the pod could'n find it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Component(s)
auto-instrumentation
Is your feature request related to a problem? Please describe.
I have an open telemetry collector which has bearertokenauth for receivers, I need that in the Instrumentation I can configurate the bearertokenauth for the exporter (preferably reading it from a secret) in order to send the appropiate OTEL_EXPORTER_OTLP_HEADERS=Authorization=Bearer ${OTEL_COLLECTOR_TOKEN} when an application is instrumented.
Describe the solution you'd like
I'd like to have something like this in the CRD:
apiVersion: opentelemetry.io/v1alpha1
kind: Instrumentation
metadata:
name: instrumentation
spec:
exporter:
endpoint: http://${OTEL_COLLECTOR_ENDPOINT}:4317
auth:
bearertokenauth:
token: ${OTEL_COLLECTOR_TOKEN}
And also that the token can be read from a secret that will not be mounted in the pod since the secret is only in the instrumentation namespace.
Describe alternatives you've considered
Only read the token from a secret to use it to authentication, not mount it since it can cause problems for the namespace.
Additional context
No response
The text was updated successfully, but these errors were encountered: