diff --git a/.changeset/nine-ways-applaud.md b/.changeset/nine-ways-applaud.md new file mode 100644 index 00000000..a5676efa --- /dev/null +++ b/.changeset/nine-ways-applaud.md @@ -0,0 +1,5 @@ +--- +"@hyperdx/otel-collector": patch +--- + +feat: add OTLP auth token support for standalone mode diff --git a/docker/otel-collector/Dockerfile b/docker/otel-collector/Dockerfile index f4e71f69..3c135938 100644 --- a/docker/otel-collector/Dockerfile +++ b/docker/otel-collector/Dockerfile @@ -43,6 +43,7 @@ LABEL org.opencontainers.image.vendor="HyperDX" \ COPY --chown=10001:10001 ./config.yaml /etc/otelcol-contrib/config.yaml COPY --chown=10001:10001 ./config.standalone.yaml /etc/otelcol-contrib/standalone-config.yaml +COPY --chown=10001:10001 ./config.standalone.auth.yaml /etc/otelcol-contrib/standalone-auth-config.yaml COPY --chown=10001:10001 ./supervisor_docker.yaml.tmpl /etc/otel/supervisor.yaml.tmpl COPY --chown=10001:10001 ./schema /etc/otel/schema @@ -61,6 +62,7 @@ LABEL org.opencontainers.image.vendor="HyperDX" \ COPY --chown=10001:10001 ./config.yaml /etc/otelcol-contrib/config.yaml COPY --chown=10001:10001 ./config.standalone.yaml /etc/otelcol-contrib/standalone-config.yaml +COPY --chown=10001:10001 ./config.standalone.auth.yaml /etc/otelcol-contrib/standalone-auth-config.yaml COPY --chown=10001:10001 ./supervisor_docker.yaml.tmpl /etc/otel/supervisor.yaml.tmpl COPY --chown=10001:10001 ./schema /etc/otel/schema diff --git a/docker/otel-collector/config.standalone.auth.yaml b/docker/otel-collector/config.standalone.auth.yaml new file mode 100644 index 00000000..32eece30 --- /dev/null +++ b/docker/otel-collector/config.standalone.auth.yaml @@ -0,0 +1,21 @@ +# This configuration enables bearer token authentication for the OTLP receiver +# Only included when OTLP_AUTH_TOKEN environment variable is set + +extensions: + bearertokenauth/hyperdx: + scheme: "" + tokens: + - ${env:OTLP_AUTH_TOKEN} + +receivers: + otlp/hyperdx: + protocols: + grpc: + auth: + authenticator: bearertokenauth/hyperdx + http: + auth: + authenticator: bearertokenauth/hyperdx + +service: + extensions: [health_check, bearertokenauth/hyperdx] diff --git a/docker/otel-collector/entrypoint.sh b/docker/otel-collector/entrypoint.sh index 53b654ce..6e96546e 100644 --- a/docker/otel-collector/entrypoint.sh +++ b/docker/otel-collector/entrypoint.sh @@ -105,6 +105,12 @@ if [ -z "$OPAMP_SERVER_URL" ]; then # Build collector arguments with multiple config files COLLECTOR_ARGS="--config /etc/otelcol-contrib/config.yaml --config /etc/otelcol-contrib/standalone-config.yaml" + # Add bearer token auth config if OTLP_AUTH_TOKEN is specified (only used in standalone mode) + if [ -n "$OTLP_AUTH_TOKEN" ]; then + echo "OTLP_AUTH_TOKEN is configured, enabling bearer token authentication" + COLLECTOR_ARGS="$COLLECTOR_ARGS --config /etc/otelcol-contrib/standalone-auth-config.yaml" + fi + # Add custom config file if specified if [ -n "$CUSTOM_OTELCOL_CONFIG_FILE" ]; then echo "Including custom config: $CUSTOM_OTELCOL_CONFIG_FILE"