@@ -22,8 +22,10 @@ import (
2222 "fmt"
2323 "net/http"
2424
25+ "github.com/elastic/elastic-agent-libs/config"
2526 "github.com/elastic/elastic-agent-libs/logp"
26- "github.com/elastic/elastic-agent-libs/transport/tlscommon"
27+ "github.com/elastic/elastic-agent-libs/transport/httpcommon"
28+ "go.elastic.co/apm/module/apmelasticsearch/v2"
2729 "go.opentelemetry.io/collector/component"
2830 "go.opentelemetry.io/collector/extension"
2931 "go.opentelemetry.io/collector/extension/extensionauth"
@@ -35,32 +37,37 @@ var _ extensionauth.GRPCClient = (*authenticator)(nil)
3537var _ extension.Extension = (* authenticator )(nil )
3638
3739type authenticator struct {
38- cfg * Config
39- telemetry component. TelemetrySettings
40- tlsConfig * tlscommon. TLSConfig // set by Start
41- logger * logp. Logger
40+ telemetry component. TelemetrySettings
41+ httpSettings httpcommon. HTTPTransportSettings
42+ logger * logp. Logger
43+ client * http. Client
4244}
4345
4446func newAuthenticator (cfg * Config , telemetry component.TelemetrySettings ) (* authenticator , error ) {
4547 logger , err := logp .NewZapLogger (telemetry .Logger )
4648 if err != nil {
4749 return nil , err
4850 }
49- return & authenticator {cfg : cfg , telemetry : telemetry , logger : logger }, nil
51+
52+ parsedCfg , err := config .NewConfigFrom (cfg .BeatAuthconfig )
53+ if err != nil {
54+ return nil , fmt .Errorf ("failed creating config: %w" , err )
55+ }
56+
57+ beatAuthConfig := httpcommon.HTTPTransportSettings {}
58+ err = parsedCfg .Unpack (& beatAuthConfig )
59+ if err != nil {
60+ return nil , fmt .Errorf ("failed unpacking config: %w" , err )
61+ }
62+
63+ return & authenticator {httpSettings : beatAuthConfig , telemetry : telemetry , logger : logger }, nil
5064}
5165
5266func (a * authenticator ) Start (ctx context.Context , host component.Host ) error {
53- if a .cfg .TLS != nil {
54-
55- tlsConfig , err := tlscommon .LoadTLSConfig (& tlscommon.Config {
56- VerificationMode : tlsVerificationModes [a .cfg .TLS .VerificationMode ],
57- CATrustedFingerprint : a .cfg .TLS .CATrustedFingerprint ,
58- CASha256 : a .cfg .TLS .CASha256 ,
59- }, a .logger )
60- if err != nil {
61- return err
62- }
63- a .tlsConfig = tlsConfig
67+ var err error
68+ a .client , err = a .httpSettings .Client (a .getHTTPOptions ()... )
69+ if err != nil {
70+ return fmt .Errorf ("could not create http client: %w" , err )
6471 }
6572 return nil
6673}
@@ -70,36 +77,22 @@ func (a *authenticator) Shutdown(ctx context.Context) error {
7077}
7178
7279func (a * authenticator ) RoundTripper (base http.RoundTripper ) (http.RoundTripper , error ) {
73- // At the time of writing, client.Transport is guaranteed to always have type *http.Transport.
74- // If this assumption is ever broken, we would need to create and use our own transport, and
75- // ignore the one passed in.
76- httpTransport , ok := base .(* http.Transport )
77- if ! ok {
78- return nil , fmt .Errorf ("http.Roundripper is not of type *http.Transport" )
79- }
80- if err := a .configureTransport (httpTransport ); err != nil {
81- return nil , err
82- }
83- return httpTransport , nil
80+ return a .client .Transport , nil
8481}
8582
86- func (a * authenticator ) configureTransport (transport * http.Transport ) error {
87-
88- if a .tlsConfig != nil {
89-
90- // copy incoming CertPool into our tls config
91- // because ca_trusted_fingerprint will be appended to CertPool
92- tlsConfig := * a .tlsConfig // copy before updating, configureTransport may be called concurrently
93- tlsConfig .RootCAs = transport .TLSClientConfig .RootCAs
94-
95- beatTLSConfig := tlsConfig .BuildModuleClientConfig (transport .TLSClientConfig .ServerName )
96-
97- transport .TLSClientConfig .VerifyConnection = beatTLSConfig .VerifyConnection
98- transport .TLSClientConfig .InsecureSkipVerify = beatTLSConfig .InsecureSkipVerify
99-
83+ // getHTTPOptions returns a list of http transport options
84+ // these options are derived from beats codebase Ref: https://github.com/elastic/beats/blob/4dfef8b/libbeat/esleg/eslegclient/connection.go#L163-L171
85+ // httpcommon.WithIOStats(s.Observer) is omitted as we do not have access to observer here
86+ // httpcommon.WithHeaderRoundTripper with user-agent is also omitted as we continue to use ES exporter's user-agent
87+ func (a * authenticator ) getHTTPOptions () []httpcommon.TransportOption {
88+ return []httpcommon.TransportOption {
89+ httpcommon .WithLogger (a .logger ),
90+ httpcommon.WithKeepaliveSettings {IdleConnTimeout : a .httpSettings .IdleConnTimeout },
91+ httpcommon .WithModRoundtripper (func (rt http.RoundTripper ) http.RoundTripper {
92+ return apmelasticsearch .WrapRoundTripper (rt )
93+ }),
10094 }
10195
102- return nil
10396}
10497
10598func (a * authenticator ) PerRPCCredentials () (credentials.PerRPCCredentials , error ) {
0 commit comments