fluent-logger 0.8.2 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7be5ae39c39ebb27bdeeaa66b1d103cb6e7d8f7d6f0f5073ff5320c333345c37
-  data.tar.gz: 6f226c613086aff26729786e088a2923552fd02a8e28ebe88654d1dda068b98f
+  metadata.gz: 460c4365ba58c7558db145e551b806ee8b2afb764454bfbba35e6f6290093317
+  data.tar.gz: 5166f31570a03e934c217464a2d16706f82bd650581f43d83ee87c53e0952da8
 SHA512:
-  metadata.gz: 53da0192645010cd5fe3ddc739ff4a6c5784ceb5ddbb8216b25ccd562a176606abfeeb5a9e164d0734e53467b69de749075136c07aebfa02e1da9babfb3f5e1b
-  data.tar.gz: db4c2283dc26641cdf4ac727ebb8815fa0e9ce3c0672b0e5bb98030aa83538005d653547551fa1ac954e591013ff1aaefbf1556905e5e4445479492e5b07b6a0
+  metadata.gz: 443b59cb242dc22e0d7ec6e711aefc2274452b5ea19d04af73db8250683f27da15b731af24b137213d91ea1f9c91873e7c5b85302c461c3f312b5d19e4bed2b7
+  data.tar.gz: 3e1d99bb86d51e2e589621e73ad763de5928e19aa1a15d470fa7adc616a749674df69356b8bd431d07804a8f5925bcb8742c98a560e99f6ff35abf2f423c439e

data/.github/workflows/linux.yml

@@ -0,0 +1,30 @@
+name: linux
+on:
+  - push
+  - pull_request
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '2.7'
+          - '3.0'
+          - '3.1'
+          - '3.2'
+        os:
+          - ubuntu-latest
+    name: Ruby ${{ matrix.ruby }} unit testing on ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v3
+    - uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: unit testing
+      env:
+        CI: true
+      run: |
+        gem install bundler rake
+        bundle install --jobs 4 --retry 3
+        bundle exec rake spec

data/ChangeLog

@@ -1,3 +1,11 @@
+Release 0.9.1 - 2023/12/20
+
+  * Fix invalid message polluting subsequent message
+
+Release 0.9.0 - 2020/09/04
+
+  * FluentLogger supports TLS
+
 Release 0.8.2 - 2019/08/21
 
   * Block timeout during IO#write to avoid writing invalid bytes

data/README.md

@@ -1,6 +1,6 @@
 # Fluent logger
 
-[![Build Status](https://travis-ci.org/fluent/fluent-logger-ruby.svg?branch=master)](https://travis-ci.org/fluent/fluent-logger-ruby)
+[![Build Status](https://github.com/fluent/fluent-logger-ruby/actions/workflows/linux.yml/badge.svg?branch=master)](https://github.com/fluent/fluent-logger-ruby/actions/workflows/linux.yml)
 
 A structured event logger
 
@@ -82,6 +82,36 @@ end
 # output: myapp.access {"agent":"foo"}
 ```
 
+### TLS setting
+
+```ruby
+require 'fluent-logger'
+
+tls_opts = {
+  :ca   => '/path/to/cacert.pem',
+  :cert => '/path/to/client-cert.pem',
+  :key  => '/path/to/client-key.pem',
+  :key_passphrase => 'test'
+}
+log = Fluent::Logger::FluentLogger.new(nil, :host => 'localhost', :port => 24224, :tls_options => tls_opts)
+```
+
+`in_forward` config example:
+
+```
+<source>
+  @type forward
+  <transport tls>
+    version TLS1_2
+    ca_path /path/to/cacert.pem
+    cert_path /path/to/server-cert.pem
+    private_key_path /path/to/server-key.pem
+    private_key_passphrase test
+    client_cert_auth true
+  </transport>
+</source>
+```
+
 ### Singleton
 ```ruby
 require 'fluent-logger'
@@ -122,6 +152,19 @@ If `false`, `Logger#post` raises an error when nonblocking write gets `EAGAIN` (
 
 Pass callback for handling buffer overflow with pending data. See "Buffer overflow" section.
 
+#### tls_options (Hash)
+
+Pass TLS related options.
+
+- use_default_ca: Set `true` if you want to use default CA
+- ca: CA file path
+- cert: Certificate file path
+- key: Private key file path
+- key_passphrase: Private key passphrase
+- version: TLS version. Default is `OpenSSL::SSL::TLS1_2_VERSION`
+- ciphers: The list of cipher suites. Default is `ALL:!aNULL:!eNULL:!SSLv2`
+- insecure: Set `true` when `in_forward` uses `insecure true`
+
 ### Standard ::Logger compatible interface
 
 #### Example1
@@ -202,7 +245,7 @@ Fluent::Logger::NullLogger.open
 
 To send events with nanosecond-precision time (Fluent 0.14 and up), specify `nanosecond_precision` to `FluentLogger` constructor.
 
-```rb
+```ruby
 log = Fluent::Logger::FluentLogger.new(nil, :host => 'localhost', :port => 24224, :nanosecond_precision => true)
 # Use nanosecond time instead
 log.post("myapp.access", {"agent" => "foo"})
@@ -216,7 +259,7 @@ You can inject your own custom proc to handle buffer overflow in the event of co
 Your proc must accept a single argument, which will be the internal buffer of messages from the logger. A typical use-case for this would be writing to disk or possibly writing to Redis.
 
 ##### Example
-```
+```ruby
 class BufferOverflowHandler
   attr_accessor :buffer
 

data/fluent-logger.gemspec

@@ -27,4 +27,5 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency 'rspec-its', '>= 1.1.0'
   gem.add_development_dependency 'simplecov', '>= 0.5.4'
   gem.add_development_dependency 'timecop', '>= 0.3.0'
+  gem.add_development_dependency 'webrick'
 end

data/lib/fluent/logger/fluent_logger.rb

@@ -18,6 +18,7 @@
 require 'timeout'
 require 'msgpack'
 require 'socket'
+require 'openssl'
 require 'monitor'
 require 'logger'
 require 'json'
@@ -84,6 +85,7 @@ module Fluent
         @socket_path = options[:socket_path]
         @nanosecond_precision = options[:nanosecond_precision]
         @use_nonblock = options[:use_nonblock]
+        @tls_options = options[:tls_options]
 
         @factory = MessagePack::Factory.new
         if @nanosecond_precision
@@ -169,6 +171,33 @@ module Fluent
           @con = UNIXSocket.new(@socket_path)
         else
           @con = TCPSocket.new(@host, @port)
+          if @tls_options
+            context = OpenSSL::SSL::SSLContext.new
+            if @tls_options[:insecure]
+              context.verify_mode = OpenSSL::SSL::VERIFY_NONE
+            else
+              context.set_params({})
+              context.verify_mode = OpenSSL::SSL::VERIFY_PEER
+              cert_store = OpenSSL::X509::Store.new
+              if @tls_options[:use_default_ca]
+                cert_store.set_default_paths
+              end
+              if @tls_options[:ca]
+                cert_store.add_file(@tls_options[:ca])
+              end
+
+              context.cert = OpenSSL::X509::Certificate.new(File.read(@tls_options[:cert])) if @tls_options[:cert]
+              context.key = OpenSSL::PKey::read(File.read(@tls_options[:key]), @tls_options[:key_passphrase]) if @tls_options[:key]
+              context.ciphers = @tls_options[:ciphers] || "ALL:!aNULL:!eNULL:!SSLv2".freeze
+              context.cert_store = cert_store
+            end
+            set_tls_version(context)
+
+            @con = OpenSSL::SSL::SSLSocket.new(@con, context)
+            @con.sync_close = true
+            @con.connect
+          end
+          @con
         end
       end
 
@@ -186,14 +215,25 @@ module Fluent
 
       private
 
+      def set_tls_version(context)
+        if context.respond_to?(:min_version=)
+          ver = @tls_options[:version] || OpenSSL::SSL::TLS1_2_VERSION
+          context.min_version = ver
+          context.max_version = ver
+        else
+          context.ssl_version = @tls_options[:version] || :'TLSv1_2'
+        end
+      end
+
       def to_msgpack(msg)
         @mon.synchronize {
           res = begin
                   @packer.pack(msg).to_s
                 rescue NoMethodError
                   JSON.parse(JSON.generate(msg)).to_msgpack
+                ensure
+                  @packer.clear
                 end
-          @packer.clear
           res
         }
       end

data/lib/fluent/logger/version.rb

@@ -1,5 +1,5 @@
 module Fluent
   module Logger
-    VERSION = '0.8.2'
+    VERSION = '0.9.1'
   end
 end

data/spec/fluent_logger_spec.rb

@@ -205,6 +205,10 @@ describe Fluent::Logger::FluentLogger do
         expect(fluentd.queue.last).to be_nil
         logger_io.rewind
         logger_io.read =~ /FluentLogger: Can't convert to msgpack:/
+
+        logger.post('tag', { 'a' => 'b' })
+        fluentd.wait_transfer
+        expect(fluentd.queue.last).to eq ['logger-test.tag', { 'a' => 'b' }]
       }
 
       it ('should raise an error when second argument is non hash object') {
@@ -373,4 +377,61 @@ describe Fluent::Logger::FluentLogger do
       end
     end
   end
+
+  context "running fluentd with TLS" do
+    before(:all) do
+      @serverengine = DummyServerengine.new
+      @serverengine.startup
+    end
+
+    before(:each) do
+      fluentd.startup(true)
+      # Make sure to wait TLS server since preparing it takes longer time than
+      # non-TLS so that it might be too early especially on CI environment
+      3.times do
+        begin
+          TCPSocket.open('localhost', fluentd.port) {}
+          break
+        rescue
+          fluentd.wait_transfer
+        end
+      end
+    end
+
+    after(:each) do
+      fluentd.shutdown
+    end
+
+    after(:all) do
+      @serverengine.shutdown
+    end
+
+    let(:logger_config) {
+      {
+        :host   => 'localhost',
+        :port   => fluentd.port,
+        :logger => internal_logger,
+        :buffer_overflow_handler => buffer_overflow_handler,
+        :tls_options => {:insecure => true}
+      }
+    }
+
+    context('post') do
+      it ('success') {
+        expect(logger.pending_bytesize).to eq 0
+        expect(logger.post('tag', {'a' => 'b'})).to be true
+        fluentd.wait_transfer
+        expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
+        expect(logger.pending_bytesize).to eq 0
+      }
+
+      it ('success with nanosecond') {
+        expect(logger_with_nanosec.pending_bytesize).to eq 0
+        expect(logger_with_nanosec.post('tag', {'a' => 'b'})).to be true
+        fluentd.wait_transfer
+        expect(fluentd.queue.last).to eq ['logger-test.tag', {'a' => 'b'}]
+        expect(fluentd.output.emits.first[1]).to be_a_kind_of(Fluent::EventTime)
+      }
+    end
+  end
 end

data/spec/support/dummy_fluentd.rb

@@ -51,8 +51,22 @@ class DummyFluentd
     queue
   end
 
-  def startup
-    config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
+  def startup(with_tls = false)
+    if with_tls
+      config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
+<source>
+  type forward
+  port #{port}
+  <transport tls>
+    insecure true
+  </transport>
+</source>
+<match logger-test.**>
+  type test
+</match>
+EOF
+    else
+      config = Fluent::Config.parse(<<EOF, '(logger-spec)', '(logger-spec-dir)', true)
 <source>
   type forward
   port #{port}
@@ -61,6 +75,8 @@ class DummyFluentd
   type test
 </match>
 EOF
+    end
+
     Fluent::Test.setup
     Fluent::Engine.run_configure(config)
     @coolio_default_loop = nil

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-logger
 version: !ruby/object:Gem::Version
-  version: 0.8.2
+  version: 0.9.1
 platform: ruby
 authors:
 - Sadayuki Furuhashi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-21 00:00:00.000000000 Z
+date: 2023-12-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msgpack
@@ -100,6 +100,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: webrick
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: fluent logger for ruby
 email: frsyuki@gmail.com
 executables:
@@ -107,9 +121,9 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/linux.yml"
 - ".gitignore"
 - ".rspec"
-- ".travis.yml"
 - AUTHORS
 - COPYING
 - ChangeLog
@@ -161,20 +175,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.4.1
 signing_key: 
 specification_version: 4
 summary: fluent logger for ruby
-test_files:
-- spec/console_logger_spec.rb
-- spec/fluent_logger_spec.rb
-- spec/level_fluent_logger_spec.rb
-- spec/logger_base_spec.rb
-- spec/logger_spec.rb
-- spec/null_logger_spec.rb
-- spec/plugin/out_test.rb
-- spec/spec_helper.rb
-- spec/support/dummy_fluentd.rb
-- spec/support/dummy_serverengine.rb
-- spec/support/timecop.rb
-- spec/test_logger_spec.rb
+test_files: []

data/.travis.yml

@@ -1,34 +0,0 @@
-rvm:
- - 2.1
- - 2.2
- - 2.3.7
- - 2.4.5
- - 2.5.3
- - 2.6.0
- - ruby-head
-
-gemfile:
- - Gemfile
- - Gemfile.v0.12
-
-before_install: gem update bundler
-script: bundle exec rake spec
-
-sudo: false
-
-matrix:
-  allow_failures:
-    - rvm: ruby-head
-  exclude:
-    - rvm: 2.2
-      gemfile: Gemfile.v0.12
-    - rvm: 2.3.7
-      gemfile: Gemfile.v0.12
-    - rvm: 2.4.5
-      gemfile: Gemfile.v0.12
-    - rvm: 2.5.3
-      gemfile: Gemfile.v0.12
-    - rvm: 2.6.0
-      gemfile: Gemfile.v0.12
-    - rvm: ruby-head
-      gemfile: Gemfile.v0.12