diff --git a/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java b/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
index b73a77d3ac387..4365478d1183c 100644
--- a/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
+++ b/extensions/opentelemetry/deployment/src/main/java/io/quarkus/opentelemetry/deployment/exporter/otlp/OtlpExporterProcessor.java
@@ -24,6 +24,7 @@
import io.quarkus.opentelemetry.runtime.config.runtime.exporter.OtlpExporterRuntimeConfig;
import io.quarkus.opentelemetry.runtime.exporter.otlp.LateBoundBatchSpanProcessor;
import io.quarkus.opentelemetry.runtime.exporter.otlp.OTelExporterRecorder;
+import io.quarkus.tls.TlsConfigurationRegistry;
import io.quarkus.tls.TlsRegistryBuildItem;
import io.quarkus.vertx.core.deployment.CoreVertxBuildItem;
@@ -64,6 +65,7 @@ void createBatchSpanProcessor(OTelExporterRecorder recorder,
.unremovable()
.addInjectionPoint(ParameterizedType.create(DotName.createSimple(Instance.class),
new Type[] { ClassType.create(DotName.createSimple(SpanExporter.class.getName())) }, null))
+ .addInjectionPoint(ClassType.create(DotName.createSimple(TlsConfigurationRegistry.class)))
.createWith(recorder.batchSpanProcessorForOtlp(otelRuntimeConfig, exporterRuntimeConfig,
vertxBuildItem.getVertx()))
.done());
diff --git a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/config/runtime/exporter/OtlpExporterTracesConfig.java b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/config/runtime/exporter/OtlpExporterTracesConfig.java
index 91a84e735ab07..e815230ac4fd2 100644
--- a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/config/runtime/exporter/OtlpExporterTracesConfig.java
+++ b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/config/runtime/exporter/OtlpExporterTracesConfig.java
@@ -74,6 +74,15 @@ public interface OtlpExporterTracesConfig {
@WithName("trust-cert")
TrustCert trustCert();
+ /**
+ * The name of the TLS configuration to use.
+ *
+ * If not set and the default TLS configuration is configured ({@code quarkus.tls.*}) then that will be used.
+ * If a name is configured, it uses the configuration from {@code quarkus.tls..*}
+ * If a name is configured, but no TLS configuration is found with that name then an error will be thrown.
+ */
+ Optional tlsConfigurationName();
+
/**
* Set proxy options
*/
diff --git a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OTelExporterRecorder.java b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OTelExporterRecorder.java
index 36f56a76cd4d9..4ba8a52a6e6b9 100644
--- a/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OTelExporterRecorder.java
+++ b/extensions/opentelemetry/runtime/src/main/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OTelExporterRecorder.java
@@ -24,7 +24,6 @@
import io.opentelemetry.sdk.trace.export.BatchSpanProcessor;
import io.opentelemetry.sdk.trace.export.BatchSpanProcessorBuilder;
import io.opentelemetry.sdk.trace.export.SpanExporter;
-import io.quarkus.arc.Arc;
import io.quarkus.arc.SyntheticCreationalContext;
import io.quarkus.opentelemetry.runtime.config.runtime.OTelRuntimeConfig;
import io.quarkus.opentelemetry.runtime.config.runtime.exporter.CompressionType;
@@ -35,7 +34,6 @@
import io.quarkus.tls.TlsConfigurationRegistry;
import io.vertx.core.Vertx;
import io.vertx.core.http.HttpClientOptions;
-import io.vertx.core.net.KeyCertOptions;
import io.vertx.core.net.PemKeyCertOptions;
import io.vertx.core.net.PemTrustOptions;
import io.vertx.core.net.ProxyOptions;
@@ -63,7 +61,10 @@ public LateBoundBatchSpanProcessor apply(
}
try {
- var spanExporter = createSpanExporter(exporterRuntimeConfig, vertx.get(), baseUri);
+ TlsConfigurationRegistry tlsConfigurationRegistry = context
+ .getInjectedReference(TlsConfigurationRegistry.class);
+ var spanExporter = createSpanExporter(exporterRuntimeConfig, vertx.get(), baseUri,
+ tlsConfigurationRegistry);
BatchSpanProcessorBuilder processorBuilder = BatchSpanProcessor.builder(spanExporter);
@@ -80,7 +81,9 @@ public LateBoundBatchSpanProcessor apply(
}
private SpanExporter createSpanExporter(OtlpExporterRuntimeConfig exporterRuntimeConfig,
- Vertx vertx, final URI baseUri) {
+ Vertx vertx,
+ URI baseUri,
+ TlsConfigurationRegistry tlsConfigurationRegistry) {
OtlpExporterTracesConfig tracesConfig = exporterRuntimeConfig.traces();
if (tracesConfig.protocol().isEmpty()) {
throw new IllegalStateException("No OTLP protocol specified. " +
@@ -89,9 +92,9 @@ private SpanExporter createSpanExporter(OtlpExporterRuntimeConfig exporterRuntim
String protocol = tracesConfig.protocol().get();
if (GRPC.equals(protocol)) {
- return createOtlpGrpcSpanExporter(exporterRuntimeConfig, vertx, baseUri);
+ return createOtlpGrpcSpanExporter(exporterRuntimeConfig, vertx, baseUri, tlsConfigurationRegistry);
} else if (HTTP_PROTOBUF.equals(protocol)) {
- return createHttpSpanExporter(exporterRuntimeConfig, vertx, baseUri, protocol);
+ return createHttpSpanExporter(exporterRuntimeConfig, vertx, baseUri, protocol, tlsConfigurationRegistry);
}
throw new IllegalArgumentException(String.format("Unsupported OTLP protocol %s specified. " +
@@ -99,7 +102,8 @@ private SpanExporter createSpanExporter(OtlpExporterRuntimeConfig exporterRuntim
}
private SpanExporter createOtlpGrpcSpanExporter(OtlpExporterRuntimeConfig exporterRuntimeConfig,
- Vertx vertx, final URI baseUri) {
+ Vertx vertx, final URI baseUri,
+ TlsConfigurationRegistry tlsConfigurationRegistry) {
OtlpExporterTracesConfig tracesConfig = exporterRuntimeConfig.traces();
@@ -111,13 +115,14 @@ private SpanExporter createOtlpGrpcSpanExporter(OtlpExporterRuntimeConfig export
determineCompression(tracesConfig),
tracesConfig.timeout(),
populateTracingExportHttpHeaders(tracesConfig),
- new HttpClientOptionsConsumer(tracesConfig, baseUri),
+ new HttpClientOptionsConsumer(tracesConfig, baseUri, tlsConfigurationRegistry),
vertx);
}
private SpanExporter createHttpSpanExporter(OtlpExporterRuntimeConfig exporterRuntimeConfig, Vertx vertx,
- URI baseUri, String protocol) {
+ URI baseUri, String protocol,
+ TlsConfigurationRegistry tlsConfigurationRegistry) {
OtlpExporterTracesConfig tracesConfig = exporterRuntimeConfig.traces();
@@ -132,7 +137,7 @@ private SpanExporter createHttpSpanExporter(OtlpExporterRuntimeConfig exporterRu
tracesConfig.timeout(),
populateTracingExportHttpHeaders(tracesConfig),
exportAsJson ? "application/json" : "application/x-protobuf",
- new HttpClientOptionsConsumer(tracesConfig, baseUri),
+ new HttpClientOptionsConsumer(tracesConfig, baseUri, tlsConfigurationRegistry),
vertx),
MeterProvider::noop,
exportAsJson));
@@ -193,10 +198,15 @@ private static boolean excludeDefaultEndpoint(String endpoint) {
static class HttpClientOptionsConsumer implements Consumer {
private final OtlpExporterTracesConfig tracesConfig;
private final URI baseUri;
+ private final Optional maybeTlsConfiguration;
+ private final TlsConfigurationRegistry tlsConfigurationRegistry;
- public HttpClientOptionsConsumer(OtlpExporterTracesConfig tracesConfig, URI baseUri) {
+ public HttpClientOptionsConsumer(OtlpExporterTracesConfig tracesConfig, URI baseUri,
+ TlsConfigurationRegistry tlsConfigurationRegistry) {
this.tracesConfig = tracesConfig;
this.baseUri = baseUri;
+ this.maybeTlsConfiguration = TlsConfiguration.from(tlsConfigurationRegistry, tracesConfig.tlsConfigurationName());
+ this.tlsConfigurationRegistry = tlsConfigurationRegistry;
}
@Override
@@ -208,24 +218,22 @@ public void accept(HttpClientOptions options) {
}
private void configureTLS(HttpClientOptions options) {
- // TODO: this can reuse existing stuff when /~https://github.com/quarkusio/quarkus/pull/33228 is in
- options.setKeyCertOptions(toPemKeyCertOptions());
- options.setPemTrustOptions(toPemTrustOptions());
+ configureKeyCertOptions(options);
+ configureTrustOptions(options);
if (OTelExporterUtil.isHttps(baseUri)) {
options.setSsl(true);
options.setUseAlpn(true);
}
- boolean globalTrustAll = false;
- if (Arc.container() != null) {
- TlsConfigurationRegistry registry = Arc.container().select(TlsConfigurationRegistry.class).orNull();
- if (registry != null) {
- globalTrustAll = registry.getDefault().map(TlsConfiguration::isTrustAll).orElse(false);
- }
- }
-
- if (globalTrustAll) {
+ boolean trustAll = maybeTlsConfiguration.map(TlsConfiguration::isTrustAll).orElseGet(
+ new Supplier<>() {
+ @Override
+ public Boolean get() {
+ return tlsConfigurationRegistry.getDefault().map(TlsConfiguration::isTrustAll).orElse(false);
+ }
+ });
+ if (trustAll) {
options.setTrustAll(true);
options.setVerifyHost(false);
}
@@ -279,10 +287,15 @@ private void configureProxyOptionsFromJDKSysProps(HttpClientOptions options) {
}
}
- private KeyCertOptions toPemKeyCertOptions() {
+ private void configureKeyCertOptions(HttpClientOptions options) {
+ if (maybeTlsConfiguration.isPresent()) {
+ options.setKeyCertOptions(maybeTlsConfiguration.get().getKeyStoreOptions());
+ return;
+ }
+
OtlpExporterTracesConfig.KeyCert keyCert = tracesConfig.keyCert();
if (keyCert.certs().isEmpty() && keyCert.keys().isEmpty()) {
- return null;
+ return;
}
PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
@@ -296,10 +309,15 @@ private KeyCertOptions toPemKeyCertOptions() {
pemKeyCertOptions.addKeyPath(cert);
}
}
- return pemKeyCertOptions;
+ options.setKeyCertOptions(pemKeyCertOptions);
}
- private PemTrustOptions toPemTrustOptions() {
+ private void configureTrustOptions(HttpClientOptions options) {
+ if (maybeTlsConfiguration.isPresent()) {
+ options.setTrustOptions(maybeTlsConfiguration.get().getTrustStoreOptions());
+ return;
+ }
+
OtlpExporterTracesConfig.TrustCert trustCert = tracesConfig.trustCert();
if (trustCert.certs().isPresent()) {
List certs = trustCert.certs().get();
@@ -308,10 +326,9 @@ private PemTrustOptions toPemTrustOptions() {
for (String cert : trustCert.certs().get()) {
pemTrustOptions.addCertPath(cert);
}
- return pemTrustOptions;
+ options.setPemTrustOptions(pemTrustOptions);
}
}
- return null;
}
}
}
diff --git a/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/HttpClientOptionsConsumerTest.java b/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/HttpClientOptionsConsumerTest.java
index be2057f2e97e4..16b7a6c815499 100644
--- a/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/HttpClientOptionsConsumerTest.java
+++ b/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/HttpClientOptionsConsumerTest.java
@@ -15,6 +15,8 @@
import io.quarkus.opentelemetry.runtime.config.runtime.exporter.CompressionType;
import io.quarkus.opentelemetry.runtime.config.runtime.exporter.OtlpExporterTracesConfig;
+import io.quarkus.tls.TlsConfiguration;
+import io.quarkus.tls.TlsConfigurationRegistry;
import io.vertx.core.http.HttpClientOptions;
class HttpClientOptionsConsumerTest {
@@ -23,7 +25,8 @@ class HttpClientOptionsConsumerTest {
void testNoProxy() {
OTelExporterRecorder.HttpClientOptionsConsumer consumer = new OTelExporterRecorder.HttpClientOptionsConsumer(
createExporterConfig(false),
- URI.create("http://localhost:4317"));
+ URI.create("http://localhost:4317"),
+ new NoopTlsConfigurationRegistry());
HttpClientOptions httpClientOptions = new HttpClientOptions();
consumer.accept(httpClientOptions);
@@ -34,7 +37,8 @@ void testNoProxy() {
void testWithProxy() {
OTelExporterRecorder.HttpClientOptionsConsumer consumer = new OTelExporterRecorder.HttpClientOptionsConsumer(
createExporterConfig(true),
- URI.create("http://localhost:4317"));
+ URI.create("http://localhost:4317"),
+ new NoopTlsConfigurationRegistry());
HttpClientOptions httpClientOptions = new HttpClientOptions();
consumer.accept(httpClientOptions);
@@ -102,6 +106,11 @@ public Optional> certs() {
};
}
+ @Override
+ public Optional tlsConfigurationName() {
+ return Optional.empty();
+ }
+
@Override
public ProxyConfig proxyOptions() {
return new ProxyConfig() {
@@ -133,4 +142,21 @@ public Optional host() {
}
};
}
+
+ private static class NoopTlsConfigurationRegistry implements TlsConfigurationRegistry {
+ @Override
+ public Optional get(String name) {
+ return Optional.empty();
+ }
+
+ @Override
+ public Optional getDefault() {
+ return Optional.empty();
+ }
+
+ @Override
+ public void register(String name, TlsConfiguration configuration) {
+
+ }
+ }
}
diff --git a/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpExporterProviderTest.java b/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpExporterProviderTest.java
index f666ca71b1911..b3391b3aa932e 100644
--- a/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpExporterProviderTest.java
+++ b/extensions/opentelemetry/runtime/src/test/java/io/quarkus/opentelemetry/runtime/exporter/otlp/OtlpExporterProviderTest.java
@@ -136,6 +136,11 @@ public Optional> certs() {
};
}
+ @Override
+ public Optional tlsConfigurationName() {
+ return Optional.empty();
+ }
+
@Override
public ProxyConfig proxyOptions() {
return new ProxyConfig() {
diff --git a/extensions/tls-registry/runtime/src/main/java/io/quarkus/tls/TlsConfiguration.java b/extensions/tls-registry/runtime/src/main/java/io/quarkus/tls/TlsConfiguration.java
index 01daca0c6fb46..2046ec9d8caad 100644
--- a/extensions/tls-registry/runtime/src/main/java/io/quarkus/tls/TlsConfiguration.java
+++ b/extensions/tls-registry/runtime/src/main/java/io/quarkus/tls/TlsConfiguration.java
@@ -15,6 +15,17 @@
*/
public interface TlsConfiguration {
+ static Optional from(TlsConfigurationRegistry registry, Optional name) {
+ if (name.isPresent()) {
+ Optional maybeConfiguration = registry.get(name.get());
+ if (maybeConfiguration.isEmpty()) {
+ throw new IllegalStateException("Unable to find the TLS configuration for name " + name + ".");
+ }
+ return maybeConfiguration;
+ }
+ return Optional.empty();
+ }
+
/**
* Returns the key store.
*
diff --git a/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/OtelCollectorLifecycleManager.java b/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/OtelCollectorLifecycleManager.java
index 51b2900a7a428..1c2df7c6a0df1 100644
--- a/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/OtelCollectorLifecycleManager.java
+++ b/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/OtelCollectorLifecycleManager.java
@@ -50,6 +50,7 @@ public class OtelCollectorLifecycleManager implements QuarkusTestResourceLifecyc
private boolean enableTLS = false;
private boolean preventTrustCert = false;
private boolean enableCompression = false;
+ private String tlsRegistryName = null;
private Vertx vertx;
private HttpServer server;
@@ -77,6 +78,10 @@ public void init(Map initArgs) {
if (initArgs.containsKey("protocol")) {
protocol = initArgs.get("protocol");
}
+
+ if (initArgs.containsKey("tlsRegistryName")) {
+ tlsRegistryName = initArgs.get("tlsRegistryName");
+ }
}
@Override
@@ -130,11 +135,21 @@ public Map start() {
if (enableTLS) {
result.put("quarkus.otel.exporter.otlp.traces.endpoint",
"https://" + collector.getHost() + ":" + collector.getMappedPort(secureEndpointPort));
- if (!preventTrustCert) {
- result.put("quarkus.otel.exporter.otlp.traces.trust-cert.certs", serverTls.certificatePath());
+ if (tlsRegistryName != null) {
+ result.put("quarkus.otel.exporter.otlp.traces.tls-configuration-name", tlsRegistryName);
+ if (!preventTrustCert) {
+ result.put(String.format("quarkus.tls.%s.trust-store.pem.certs", tlsRegistryName),
+ serverTls.certificatePath());
+ }
+ result.put(String.format("quarkus.tls.%s.key-store.pem.0.cert", tlsRegistryName), clientTlS.certificatePath());
+ result.put(String.format("quarkus.tls.%s.key-store.pem.0.key", tlsRegistryName), clientTlS.privateKeyPath());
+ } else {
+ if (!preventTrustCert) {
+ result.put("quarkus.otel.exporter.otlp.traces.trust-cert.certs", serverTls.certificatePath());
+ }
+ result.put("quarkus.otel.exporter.otlp.traces.key-cert.certs", clientTlS.certificatePath());
+ result.put("quarkus.otel.exporter.otlp.traces.key-cert.keys", clientTlS.privateKeyPath());
}
- result.put("quarkus.otel.exporter.otlp.traces.key-cert.certs", clientTlS.certificatePath());
- result.put("quarkus.otel.exporter.otlp.traces.key-cert.keys", clientTlS.privateKeyPath());
} else {
result.put("quarkus.otel.exporter.otlp.traces.endpoint",
"http://" + collector.getHost() + ":" + collector.getMappedPort(inSecureEndpointPort));
diff --git a/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/http/HttpWithTLSWithCompressionUsingRegistryTest.java b/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/http/HttpWithTLSWithCompressionUsingRegistryTest.java
new file mode 100644
index 0000000000000..e00d9ca008237
--- /dev/null
+++ b/integration-tests/opentelemetry-vertx-exporter/src/test/java/io/quarkus/it/opentelemetry/vertx/exporter/http/HttpWithTLSWithCompressionUsingRegistryTest.java
@@ -0,0 +1,18 @@
+package io.quarkus.it.opentelemetry.vertx.exporter.http;
+
+import io.quarkus.it.opentelemetry.vertx.exporter.AbstractExporterTest;
+import io.quarkus.it.opentelemetry.vertx.exporter.OtelCollectorLifecycleManager;
+import io.quarkus.test.common.QuarkusTestResource;
+import io.quarkus.test.common.ResourceArg;
+import io.quarkus.test.junit.QuarkusTest;
+
+@QuarkusTest
+@QuarkusTestResource(value = OtelCollectorLifecycleManager.class, initArgs = {
+ @ResourceArg(name = "enableTLS", value = "true"),
+ @ResourceArg(name = "enableCompression", value = "true"),
+ @ResourceArg(name = "protocol", value = "http/protobuf"),
+ @ResourceArg(name = "tlsRegistryName", value = "otel")
+}, restrictToAnnotatedClass = true)
+public class HttpWithTLSWithCompressionUsingRegistryTest extends AbstractExporterTest {
+
+}