diff --git a/.changeset/empty-bees-fly.md b/.changeset/empty-bees-fly.md new file mode 100644 index 00000000000..55445ce2849 --- /dev/null +++ b/.changeset/empty-bees-fly.md @@ -0,0 +1,5 @@ +--- +"chainlink": patch +--- + +#updated chip-ingress client diff --git a/core/cmd/shell.go b/core/cmd/shell.go index 0284044a370..6b75cba28c7 100644 --- a/core/cmd/shell.go +++ b/core/cmd/shell.go @@ -113,7 +113,7 @@ func initGlobals(cfgProm config.Prometheus, cfgTracing config.Tracing, cfgTeleme AuthHeaders: beholderAuthHeaders, ChipIngressEmitterEnabled: cfgTelemetry.ChipIngressEndpoint() != "", ChipIngressEmitterGRPCEndpoint: cfgTelemetry.ChipIngressEndpoint(), - ChipIngressInsecureConnection: cfgTelemetry.InsecureConnection(), + ChipIngressInsecureConnection: cfgTelemetry.ChipIngressInsecureConnection(), LogStreamingEnabled: cfgTelemetry.LogStreamingEnabled(), } // note: due to the OTEL specification, all histogram buckets diff --git a/core/config/docs/core.toml b/core/config/docs/core.toml index cf3318829be..1b90af3122e 100644 --- a/core/config/docs/core.toml +++ b/core/config/docs/core.toml @@ -815,6 +815,9 @@ EmitterBatchProcessor = true # Default EmitterExportTimeout = '1s' # Default # ChipIngressEndpoint enables sending custom messages to CHIP Ingress. ChipIngressEndpoint = '' # Default +# ChipIngressInsecureConnection disables TLS when connecting to CHIP Ingress. +ChipIngressInsecureConnection = false # Default + # HeartbeatInterval is the interval at which a the application heartbeat is sent to telemetry backends. HeartbeatInterval = '1s' # Default # LogStreamingEnabled enables log streaming to the OTel log exporter diff --git a/core/config/telemetry_config.go b/core/config/telemetry_config.go index 517c93d760d..d25ca24931e 100644 --- a/core/config/telemetry_config.go +++ b/core/config/telemetry_config.go @@ -12,6 +12,7 @@ type Telemetry interface { EmitterBatchProcessor() bool EmitterExportTimeout() time.Duration ChipIngressEndpoint() string + ChipIngressInsecureConnection() bool HeartbeatInterval() time.Duration LogStreamingEnabled() bool } diff --git a/core/config/toml/types.go b/core/config/toml/types.go index ed3c2930735..662361b18e7 100644 --- a/core/config/toml/types.go +++ b/core/config/toml/types.go @@ -2269,17 +2269,18 @@ func (t *Tracing) ValidateConfig() (err error) { } type Telemetry struct { - Enabled *bool - CACertFile *string - Endpoint *string - InsecureConnection *bool - ResourceAttributes map[string]string `toml:",omitempty"` - TraceSampleRatio *float64 - EmitterBatchProcessor *bool - EmitterExportTimeout *commonconfig.Duration - ChipIngressEndpoint *string - HeartbeatInterval *commonconfig.Duration - LogStreamingEnabled *bool + Enabled *bool + CACertFile *string + Endpoint *string + InsecureConnection *bool + ResourceAttributes map[string]string `toml:",omitempty"` + TraceSampleRatio *float64 + EmitterBatchProcessor *bool + EmitterExportTimeout *commonconfig.Duration + ChipIngressEndpoint *string + ChipIngressInsecureConnection *bool + HeartbeatInterval *commonconfig.Duration + LogStreamingEnabled *bool } func (b *Telemetry) setFrom(f *Telemetry) { @@ -2310,6 +2311,9 @@ func (b *Telemetry) setFrom(f *Telemetry) { if v := f.ChipIngressEndpoint; v != nil { b.ChipIngressEndpoint = v } + if v := f.ChipIngressInsecureConnection; v != nil { + b.ChipIngressInsecureConnection = v + } if v := f.HeartbeatInterval; v != nil { b.HeartbeatInterval = v } diff --git a/core/scripts/cre/environment/configs/workflow-don.toml b/core/scripts/cre/environment/configs/workflow-don.toml index 8539baa3ede..295213d7d5a 100755 --- a/core/scripts/cre/environment/configs/workflow-don.toml +++ b/core/scripts/cre/environment/configs/workflow-don.toml @@ -76,6 +76,7 @@ Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' InsecureConnection = true + ChipIngressInsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -98,6 +99,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -121,6 +123,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -144,6 +147,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -167,6 +171,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' diff --git a/core/scripts/cre/environment/configs/workflow-gateway-capabilities-don.toml b/core/scripts/cre/environment/configs/workflow-gateway-capabilities-don.toml index fda0042fe9d..77786c218eb 100644 --- a/core/scripts/cre/environment/configs/workflow-gateway-capabilities-don.toml +++ b/core/scripts/cre/environment/configs/workflow-gateway-capabilities-don.toml @@ -72,6 +72,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -117,6 +118,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -160,6 +162,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' diff --git a/core/scripts/cre/environment/configs/workflow-gateway-don.toml b/core/scripts/cre/environment/configs/workflow-gateway-don.toml index 97b41333972..6d8e5388dcd 100644 --- a/core/scripts/cre/environment/configs/workflow-gateway-don.toml +++ b/core/scripts/cre/environment/configs/workflow-gateway-don.toml @@ -71,6 +71,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' @@ -114,6 +115,7 @@ Enabled = true Endpoint = 'host.docker.internal:4317' ChipIngressEndpoint = 'chip-ingress:50051' + ChipIngressInsecureConnection = true InsecureConnection = true TraceSampleRatio = 1 HeartbeatInterval = '30s' diff --git a/core/services/chainlink/config_telemetry.go b/core/services/chainlink/config_telemetry.go index 8a8f222f49d..66e5630a4d3 100644 --- a/core/services/chainlink/config_telemetry.go +++ b/core/services/chainlink/config_telemetry.go @@ -89,6 +89,13 @@ func (b *telemetryConfig) ChipIngressEndpoint() string { return *b.s.ChipIngressEndpoint } +func (b *telemetryConfig) ChipIngressInsecureConnection() bool { + if b.s.ChipIngressInsecureConnection == nil { + return false + } + return *b.s.ChipIngressInsecureConnection +} + func (b *telemetryConfig) HeartbeatInterval() time.Duration { if b.s.HeartbeatInterval == nil || b.s.HeartbeatInterval.Duration() <= 0 { return defaultHeartbeatInterval diff --git a/core/services/chainlink/config_telemetry_test.go b/core/services/chainlink/config_telemetry_test.go index fc817434c0d..c133c8821e8 100644 --- a/core/services/chainlink/config_telemetry_test.go +++ b/core/services/chainlink/config_telemetry_test.go @@ -199,6 +199,24 @@ func TestTelemetryConfig_ChipIngressEndpoint(t *testing.T) { } } +func TestTelemetryConfig_ChipIngressInsecureConnection(t *testing.T) { + tests := []struct { + name string + telemetry toml.Telemetry + expected bool + }{ + {"ChipIngressInsecureConnectionTrue", toml.Telemetry{ChipIngressInsecureConnection: ptr(true)}, true}, + {"ChipIngressInsecureConnectionFalse", toml.Telemetry{ChipIngressInsecureConnection: ptr(false)}, false}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tc := telemetryConfig{s: tt.telemetry} + assert.Equal(t, tt.expected, tc.ChipIngressInsecureConnection()) + }) + } +} + func ptrDuration(d time.Duration) *config.Duration { return config.MustNewDuration(d) } diff --git a/core/services/chainlink/config_test.go b/core/services/chainlink/config_test.go index 4f833f9689e..59f1b98a8a0 100644 --- a/core/services/chainlink/config_test.go +++ b/core/services/chainlink/config_test.go @@ -582,17 +582,18 @@ func TestConfig_Marshal(t *testing.T) { Release: ptr("v1.2.3"), } full.Telemetry = toml.Telemetry{ - Enabled: ptr(true), - CACertFile: ptr("cert-file"), - Endpoint: ptr("example.com/collector"), - InsecureConnection: ptr(true), - ResourceAttributes: map[string]string{"Baz": "test", "Foo": "bar"}, - TraceSampleRatio: ptr(0.01), - EmitterBatchProcessor: ptr(true), - EmitterExportTimeout: commoncfg.MustNewDuration(1 * time.Second), - ChipIngressEndpoint: ptr("example.com/chip-ingress"), - HeartbeatInterval: commoncfg.MustNewDuration(1 * time.Second), - LogStreamingEnabled: ptr(false), + Enabled: ptr(true), + CACertFile: ptr("cert-file"), + Endpoint: ptr("example.com/collector"), + InsecureConnection: ptr(true), + ResourceAttributes: map[string]string{"Baz": "test", "Foo": "bar"}, + TraceSampleRatio: ptr(0.01), + EmitterBatchProcessor: ptr(true), + EmitterExportTimeout: commoncfg.MustNewDuration(1 * time.Second), + ChipIngressEndpoint: ptr("example.com/chip-ingress"), + ChipIngressInsecureConnection: ptr(false), + HeartbeatInterval: commoncfg.MustNewDuration(1 * time.Second), + LogStreamingEnabled: ptr(false), } full.CRE = toml.CreConfig{ Streams: &toml.StreamsConfig{ diff --git a/core/services/chainlink/testdata/config-empty-effective.toml b/core/services/chainlink/testdata/config-empty-effective.toml index 573eab9980d..5291679c21b 100644 --- a/core/services/chainlink/testdata/config-empty-effective.toml +++ b/core/services/chainlink/testdata/config-empty-effective.toml @@ -335,6 +335,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/core/services/chainlink/testdata/config-full.toml b/core/services/chainlink/testdata/config-full.toml index c97374d98c3..55474b3121b 100644 --- a/core/services/chainlink/testdata/config-full.toml +++ b/core/services/chainlink/testdata/config-full.toml @@ -345,6 +345,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = 'example.com/chip-ingress' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/core/services/chainlink/testdata/config-multi-chain-effective.toml b/core/services/chainlink/testdata/config-multi-chain-effective.toml index 876a56367b7..d32aae5d0f0 100644 --- a/core/services/chainlink/testdata/config-multi-chain-effective.toml +++ b/core/services/chainlink/testdata/config-multi-chain-effective.toml @@ -335,6 +335,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/core/web/resolver/testdata/config-empty-effective.toml b/core/web/resolver/testdata/config-empty-effective.toml index 573eab9980d..5291679c21b 100644 --- a/core/web/resolver/testdata/config-empty-effective.toml +++ b/core/web/resolver/testdata/config-empty-effective.toml @@ -335,6 +335,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/core/web/resolver/testdata/config-full.toml b/core/web/resolver/testdata/config-full.toml index f817b7ed7b6..36dba53e7fc 100644 --- a/core/web/resolver/testdata/config-full.toml +++ b/core/web/resolver/testdata/config-full.toml @@ -345,6 +345,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = 'example.com/chip-ingress' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/core/web/resolver/testdata/config-multi-chain-effective.toml b/core/web/resolver/testdata/config-multi-chain-effective.toml index 3755bc373e0..0d327521c35 100644 --- a/core/web/resolver/testdata/config-multi-chain-effective.toml +++ b/core/web/resolver/testdata/config-multi-chain-effective.toml @@ -335,6 +335,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/docs/CONFIG.md b/docs/CONFIG.md index 08cb1e1edf8..f61ebe2930a 100644 --- a/docs/CONFIG.md +++ b/docs/CONFIG.md @@ -2228,6 +2228,7 @@ TraceSampleRatio = 0.01 # Default EmitterBatchProcessor = true # Default EmitterExportTimeout = '1s' # Default ChipIngressEndpoint = '' # Default +ChipIngressInsecureConnection = false # Default HeartbeatInterval = '1s' # Default LogStreamingEnabled = false # Default ``` @@ -2285,6 +2286,12 @@ ChipIngressEndpoint = '' # Default ``` ChipIngressEndpoint enables sending custom messages to CHIP Ingress. +### ChipIngressInsecureConnection +```toml +ChipIngressInsecureConnection = false # Default +``` +ChipIngressInsecureConnection disables TLS when connecting to CHIP Ingress. + ### HeartbeatInterval ```toml HeartbeatInterval = '1s' # Default diff --git a/plugins/loop_registry.go b/plugins/loop_registry.go index c28384f31cd..8ba0c8bad53 100644 --- a/plugins/loop_registry.go +++ b/plugins/loop_registry.go @@ -127,6 +127,7 @@ func (m *LoopRegistry) Register(id string) (*RegisteredLoop, error) { envCfg.TelemetryEmitterExportTimeout = m.cfgTelemetry.EmitterExportTimeout() envCfg.TelemetryAuthPubKeyHex = m.telemetryAuthPubKeyHex envCfg.ChipIngressEndpoint = m.cfgTelemetry.ChipIngressEndpoint() + envCfg.ChipIngressInsecureConnection = m.cfgTelemetry.ChipIngressInsecureConnection() envCfg.TelemetryLogStreamingEnabled = m.cfgTelemetry.LogStreamingEnabled() } m.lggr.Debugf("Registered loopp %q with port %d", id, envCfg.PrometheusPort) diff --git a/plugins/loop_registry_test.go b/plugins/loop_registry_test.go index 8cdbf7e64cd..63d34a1f346 100644 --- a/plugins/loop_registry_test.go +++ b/plugins/loop_registry_test.go @@ -66,6 +66,8 @@ func (m mockCfgTelemetry) EmitterExportTimeout() time.Duration { return 1 * time func (m mockCfgTelemetry) ChipIngressEndpoint() string { return "example.com/chip-ingress" } +func (m mockCfgTelemetry) ChipIngressInsecureConnection() bool { return false } + func (m mockCfgTelemetry) HeartbeatInterval() time.Duration { return 5 * time.Second } diff --git a/testdata/scripts/config/merge_raw_configs.txtar b/testdata/scripts/config/merge_raw_configs.txtar index 51627785418..f171a0272c7 100644 --- a/testdata/scripts/config/merge_raw_configs.txtar +++ b/testdata/scripts/config/merge_raw_configs.txtar @@ -482,6 +482,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/default.txtar b/testdata/scripts/node/validate/default.txtar index 12346e77d03..0a14a4b32ab 100644 --- a/testdata/scripts/node/validate/default.txtar +++ b/testdata/scripts/node/validate/default.txtar @@ -347,6 +347,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/defaults-override.txtar b/testdata/scripts/node/validate/defaults-override.txtar index a9195013017..c17cb9862d0 100644 --- a/testdata/scripts/node/validate/defaults-override.txtar +++ b/testdata/scripts/node/validate/defaults-override.txtar @@ -408,6 +408,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/disk-based-logging-disabled.txtar b/testdata/scripts/node/validate/disk-based-logging-disabled.txtar index e3f7d794a82..e61c12a755b 100644 --- a/testdata/scripts/node/validate/disk-based-logging-disabled.txtar +++ b/testdata/scripts/node/validate/disk-based-logging-disabled.txtar @@ -391,6 +391,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/disk-based-logging-no-dir.txtar b/testdata/scripts/node/validate/disk-based-logging-no-dir.txtar index ca1b833786d..892e9167f37 100644 --- a/testdata/scripts/node/validate/disk-based-logging-no-dir.txtar +++ b/testdata/scripts/node/validate/disk-based-logging-no-dir.txtar @@ -391,6 +391,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/disk-based-logging.txtar b/testdata/scripts/node/validate/disk-based-logging.txtar index d215d1fd0b5..565cd18b9cb 100644 --- a/testdata/scripts/node/validate/disk-based-logging.txtar +++ b/testdata/scripts/node/validate/disk-based-logging.txtar @@ -391,6 +391,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/fallback-override.txtar b/testdata/scripts/node/validate/fallback-override.txtar index 002ec723b33..1909e2160b9 100644 --- a/testdata/scripts/node/validate/fallback-override.txtar +++ b/testdata/scripts/node/validate/fallback-override.txtar @@ -489,6 +489,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/invalid-ocr-p2p.txtar b/testdata/scripts/node/validate/invalid-ocr-p2p.txtar index fb0d0db4b82..e60c724e1be 100644 --- a/testdata/scripts/node/validate/invalid-ocr-p2p.txtar +++ b/testdata/scripts/node/validate/invalid-ocr-p2p.txtar @@ -376,6 +376,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/invalid.txtar b/testdata/scripts/node/validate/invalid.txtar index aa7049b49cc..26c3380f750 100644 --- a/testdata/scripts/node/validate/invalid.txtar +++ b/testdata/scripts/node/validate/invalid.txtar @@ -387,6 +387,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/valid.txtar b/testdata/scripts/node/validate/valid.txtar index d35b95d7b27..51dd3d6f23a 100644 --- a/testdata/scripts/node/validate/valid.txtar +++ b/testdata/scripts/node/validate/valid.txtar @@ -388,6 +388,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false diff --git a/testdata/scripts/node/validate/warnings.txtar b/testdata/scripts/node/validate/warnings.txtar index 23bfe49edd2..6dba083a6e7 100644 --- a/testdata/scripts/node/validate/warnings.txtar +++ b/testdata/scripts/node/validate/warnings.txtar @@ -370,6 +370,7 @@ TraceSampleRatio = 0.01 EmitterBatchProcessor = true EmitterExportTimeout = '1s' ChipIngressEndpoint = '' +ChipIngressInsecureConnection = false HeartbeatInterval = '1s' LogStreamingEnabled = false