fluent-logger 0.8.2 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +4 -20
  3. data/ChangeLog +4 -0
  4. data/README.md +43 -0
  5. data/lib/fluent/logger/fluent_logger.rb +39 -0
  6. data/lib/fluent/logger/version.rb +1 -1
  7. data/spec/fluent_logger_spec.rb +47 -0
  8. data/spec/support/dummy_fluentd.rb +18 -2
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7be5ae39c39ebb27bdeeaa66b1d103cb6e7d8f7d6f0f5073ff5320c333345c37
4
- data.tar.gz: 6f226c613086aff26729786e088a2923552fd02a8e28ebe88654d1dda068b98f
3
+ metadata.gz: 00161d7e89f54b0c1627bb5b0ce36a7689405b84da319db5c4052e585c09f6a7
4
+ data.tar.gz: fc7229efbe7fb40412fe22080aa974156f49f7d5e4257c0071d82eb7359cca72
5
5
  SHA512:
6
- metadata.gz: 53da0192645010cd5fe3ddc739ff4a6c5784ceb5ddbb8216b25ccd562a176606abfeeb5a9e164d0734e53467b69de749075136c07aebfa02e1da9babfb3f5e1b
7
- data.tar.gz: db4c2283dc26641cdf4ac727ebb8815fa0e9ce3c0672b0e5bb98030aa83538005d653547551fa1ac954e591013ff1aaefbf1556905e5e4445479492e5b07b6a0
6
+ metadata.gz: 1066053b93cf4173b29e063659d7f80bb42b77a116b85b2a18f3d43cf19c54538359336b4b120d0ff43b65cc58110ae8a3357a52f417a0379ea09c306e27b808
7
+ data.tar.gz: 8c7839a41b615ccf34ebcd656c1719ba99245c39abe9981969b8cb7d1a9cf57ad972dfb8276ebffe4c8c132d95d2a1dfc1db5b354bfc720b4a7c569722688a33
data/.travis.yml CHANGED
@@ -1,15 +1,12 @@
1
1
  rvm:
2
- - 2.1
3
- - 2.2
4
- - 2.3.7
5
- - 2.4.5
6
- - 2.5.3
7
- - 2.6.0
2
+ - 2.4.10
3
+ - 2.5
4
+ - 2.6
5
+ - 2.7
8
6
  - ruby-head
9
7
 
10
8
  gemfile:
11
9
  - Gemfile
12
- - Gemfile.v0.12
13
10
 
14
11
  before_install: gem update bundler
15
12
  script: bundle exec rake spec
@@ -19,16 +16,3 @@ sudo: false
19
16
  matrix:
20
17
  allow_failures:
21
18
  - rvm: ruby-head
22
- exclude:
23
- - rvm: 2.2
24
- gemfile: Gemfile.v0.12
25
- - rvm: 2.3.7
26
- gemfile: Gemfile.v0.12
27
- - rvm: 2.4.5
28
- gemfile: Gemfile.v0.12
29
- - rvm: 2.5.3
30
- gemfile: Gemfile.v0.12
31
- - rvm: 2.6.0
32
- gemfile: Gemfile.v0.12
33
- - rvm: ruby-head
34
- gemfile: Gemfile.v0.12
data/ChangeLog CHANGED
@@ -1,3 +1,7 @@
1
+ Release 0.9.0 - 2020/09/04
2
+
3
+ * FluentLogger supports TLS
4
+
1
5
  Release 0.8.2 - 2019/08/21
2
6
 
3
7
  * Block timeout during IO#write to avoid writing invalid bytes
data/README.md CHANGED
@@ -82,6 +82,36 @@ end
82
82
  # output: myapp.access {"agent":"foo"}
83
83
  ```
84
84
 
85
+ ### TLS setting
86
+
87
+ ```ruby
88
+ require 'fluent-logger'
89
+
90
+ tls_opts = {
91
+ :ca => '/path/to/cacert.pem',
92
+ :cert => '/path/to/client-cert.pem',
93
+ :key => '/path/to/client-key.pem',
94
+ :key_passphrase => 'test'
95
+ }
96
+ log = Fluent::Logger::FluentLogger.new(nil, :host => 'localhost', :port => 24224, :tls_options => tls_opts)
97
+ ```
98
+
99
+ `in_forward` config example:
100
+
101
+ ```
102
+ <source>
103
+ @type forward
104
+ <transport tcp>
105
+ version TLS1_2
106
+ ca_path /path/to/cacert.pem
107
+ cert_path /path/to/server-cert.pem
108
+ private_key_path /path/to/server-key.pem
109
+ private_key_passphrase test
110
+ client_cert_auth true
111
+ </transport>
112
+ </source>
113
+ ```
114
+
85
115
  ### Singleton
86
116
  ```ruby
87
117
  require 'fluent-logger'
@@ -122,6 +152,19 @@ If `false`, `Logger#post` raises an error when nonblocking write gets `EAGAIN` (
122
152
 
123
153
  Pass callback for handling buffer overflow with pending data. See "Buffer overflow" section.
124
154
 
155
+ #### tls_options (Hash)
156
+
157
+ Pass TLS related options.
158
+
159
+ - use_default_ca: Set `true` if you want to use default CA
160
+ - ca: CA file path
161
+ - cert: Certificate file path
162
+ - key: Private key file path
163
+ - key_passphrase: Private key passphrase
164
+ - version: TLS version. Default is `OpenSSL::SSL::TLS1_2_VERSION`
165
+ - ciphers: The list of cipher suites. Default is `ALL:!aNULL:!eNULL:!SSLv2`
166
+ - insecure: Set `true` when `in_forward` uses `insecure true`
167
+
125
168
  ### Standard ::Logger compatible interface
126
169
 
127
170
  #### Example1
data/lib/fluent/logger/fluent_logger.rb CHANGED
@@ -18,6 +18,7 @@
18
18
  require 'timeout'
19
19
  require 'msgpack'
20
20
  require 'socket'
21
+ require 'openssl'
21
22
  require 'monitor'
22
23
  require 'logger'
23
24
  require 'json'
@@ -84,6 +85,7 @@ module Fluent
84
85
  @socket_path = options[:socket_path]
85
86
  @nanosecond_precision = options[:nanosecond_precision]
86
87
  @use_nonblock = options[:use_nonblock]
88
+ @tls_options = options[:tls_options]
87
89
 
88
90
  @factory = MessagePack::Factory.new
89
91
  if @nanosecond_precision
@@ -169,6 +171,33 @@ module Fluent
169
171
  @con = UNIXSocket.new(@socket_path)
170
172
  else
171
173
  @con = TCPSocket.new(@host, @port)
174
+ if @tls_options
175
+ context = OpenSSL::SSL::SSLContext.new
176
+ if @tls_options[:insecure]
177
+ context.verify_mode = OpenSSL::SSL::VERIFY_NONE
178
+ else
179
+ context.set_params({})
180
+ context.verify_mode = OpenSSL::SSL::VERIFY_PEER
181
+ cert_store = OpenSSL::X509::Store.new
182
+ if @tls_options[:use_default_ca]
183
+ cert_store.set_default_paths
184
+ end
185
+ if @tls_options[:ca]
186
+ cert_store.add_file(@tls_options[:ca])
187
+ end
188
+
189
+ context.cert = OpenSSL::X509::Certificate.new(File.read(@tls_options[:cert])) if @tls_options[:cert]
190
+ context.key = OpenSSL::PKey::read(File.read(@tls_options[:key]), @tls_options[:key_passphrase]) if @tls_options[:key]
191
+ context.ciphers = @tls_options[:ciphers] || "ALL:!aNULL:!eNULL:!SSLv2".freeze
192
+ context.cert_store = cert_store
193
+ end
194
+ set_tls_version(context)
195
+
196
+ @con = OpenSSL::SSL::SSLSocket.new(@con, context)
197
+ @con.sync_close = true
198
+ @con.connect
199
+ end
200
+ @con
172
201
  end
173
202
  end
174
203
 
@@ -186,6 +215,16 @@ module Fluent
186
215
 
187
216
  private
188
217
 
218
+ def set_tls_version(context)
219
+ if context.respond_to?(:min_version=)
220
+ ver = @tls_options[:version] || OpenSSL::SSL::TLS1_2_VERSION
221
+ context.min_version = ver
222
+ context.max_version = ver
223
+ else
224
+ context.ssl_version = @tls_options[:version] || :'TLSv1_2'
225
+ end
226
+ end
227
+
189
228
  def to_msgpack(msg)
190
229
  @mon.synchronize {
191
230
  res = begin
data/lib/fluent/logger/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Fluent
2
2
  module Logger
3
- VERSION = '0.8.2'
3
+ VERSION = '0.9.0'
4
4
  end
5
5
  end
data/spec/fluent_logger_spec.rb CHANGED
@@ -373,4 +373,51 @@ describe Fluent::Logger::FluentLogger do
373
373
  end
374
374
  end
375
375
  end
376
+
377
+ context "running fluentd with TLS" do
378
+ before(:all) do
379
+ @serverengine = DummyServerengine.new
380
+ @serverengine.startup
381
+ end
382
+
383
+ before(:each) do
384
+ fluentd.startup(true)
385
+ end
386
+
387
+ after(:each) do
388
+ fluentd.shutdown
389
+ end
390
+
391
+ after(:all) do
392
+ @serverengine.shutdown
393
+ end
394
+
395
+ let(:logger_config) {
396
+ {
397
+ :host => 'localhost',
398
+ :port => fluentd.port,
399
+ :logger => internal_logger,
400
+ :buffer_overflow_handler => buffer_overflow_handler,
401
+ :tls_options => {:insecure => true}
402
+ }
403
+ }
404
+
405
+ context('post') do
406
+ it ('success') {
407
+ expect(logger.pending_bytesize).to eq 0
408
+ expect(logger.post('tag', {'a' => 'b'})).to be true
409
+ fluentd.wait_transfer
410
+ expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
411
+ expect(logger.pending_bytesize).to eq 0
412
+ }
413
+
414
+ it ('success with nanosecond') {
415
+ expect(logger_with_nanosec.pending_bytesize).to eq 0
416
+ expect(logger_with_nanosec.post('tag', {'a' => 'b'})).to be true
417
+ fluentd.wait_transfer
418
+ expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
419
+ expect(fluentd.output.emits.first[1]).to be_a_kind_of(Fluent::EventTime)
420
+ }
421
+ end
422
+ end
376
423
  end
data/spec/support/dummy_fluentd.rb CHANGED
@@ -51,8 +51,22 @@ class DummyFluentd
51
51
  queue
52
52
  end
53
53
 
54
- def startup
55
- config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
54
+ def startup(with_tls = false)
55
+ if with_tls
56
+ config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
57
+ <source>
58
+ type forward
59
+ port #{port}
60
+ <transport tls>
61
+ insecure true
62
+ </transport>
63
+ </source>
64
+ <match logger-test.**>
65
+ type test
66
+ </match>
67
+ EOF
68
+ else
69
+ config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
56
70
  <source>
57
71
  type forward
58
72
  port #{port}
@@ -61,6 +75,8 @@ class DummyFluentd
61
75
  type test
62
76
  </match>
63
77
  EOF
78
+ end
79
+
64
80
  Fluent::Test.setup
65
81
  Fluent::Engine.run_configure(config)
66
82
  @coolio_default_loop = nil
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-logger
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.2
4
+ version: 0.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sadayuki Furuhashi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-21 00:00:00.000000000 Z
11
+ date: 2020-09-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: msgpack
@@ -161,7 +161,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
161
161
  - !ruby/object:Gem::Version
162
162
  version: '0'
163
163
  requirements: []
164
- rubygems_version: 3.0.3
164
+ rubygems_version: 3.1.2
165
165
  signing_key:
166
166
  specification_version: 4
167
167
  summary: fluent logger for ruby