logstash-output-scalyr 0.2.6 → 0.2.7.beta
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/README.md +12 -25
- data/lib/logstash/outputs/scalyr.rb +13 -8
- data/lib/scalyr/common/client.rb +7 -37
- data/lib/scalyr/constants.rb +6 -7
- data/logstash-output-scalyr.gemspec +1 -1
- data/spec/logstash/outputs/fixtures/example_com.pem +41 -0
- data/spec/logstash/outputs/scalyr_integration_spec.rb +44 -63
- metadata +6 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '098686f8c748dbe1d02cec87e92aa49df5db05049ff0d87ccd6fbb6271ccd797'
|
4
|
+
data.tar.gz: '0073297594f936703190252584559ae60cd81a7b3807f1b2685b6966fece5610'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 507ddc7c825ae4612907c4ad451597bf516732b389b5a628598f8eec12e8cdc1f7c4b5b71533803665d1fd18b3fce43a0aa3989729192eea26b2948273f9d267
|
7
|
+
data.tar.gz: 310a452e0df0b74081a061030322b3f2a013bad233ba99b424fcea428af336f86370cb76bda62c06c5edcbee81731e5a498e137daf4f7d42a843ef988a8664df
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,15 @@
|
|
1
1
|
# Beta
|
2
2
|
|
3
|
+
## 0.2.7.beta
|
4
|
+
|
5
|
+
* SSL cert validation code has been simplified. Now ``ssl_ca_bundle_path`` config option
|
6
|
+
defaults to the CA bundle path which is vendored / bundled with the RubyGem and includes CA
|
7
|
+
certs of the authorities which are used for DataSet API endpoint certificates.
|
8
|
+
|
9
|
+
In addition to that, ``append_builtin_cert`` config option has been removed and the code now
|
10
|
+
throws error in case invalid / inexistent path is specified for the ``ssl_ca_bundle_path``
|
11
|
+
config option - this represents a fatal config error.
|
12
|
+
|
3
13
|
## 0.2.6.beta, 0.2.6
|
4
14
|
|
5
15
|
* Update default value of ``ssl_ca_bundle_path`` config option to
|
data/README.md
CHANGED
@@ -132,42 +132,23 @@ set on the event object to prevent API from rejecting an invalid request.
|
|
132
132
|
|
133
133
|
## Note On Server SSL Certificate Validation
|
134
134
|
|
135
|
-
By default when validating DataSet endpoint server SSL certificate, logstash
|
136
|
-
|
137
|
-
of
|
138
|
-
to issue / sign server certificates used by the DataSet API endpoint.
|
135
|
+
By default when validating DataSet endpoint server SSL certificate, logstash uses CA certificate
|
136
|
+
bundles which is vendored / bundled with the RubyGem / plugin. This bundle includes CA certificate
|
137
|
+
files of authoried which are used to issue DataSet API endpoint certificates.
|
139
138
|
|
140
|
-
|
141
|
-
|
139
|
+
If you want to use system CA bundle, you should update ``ssl_ca_bundle_path`` to system CA bundle
|
140
|
+
path (e.g. ``/etc/ssl/certs/ca-certificates.crt``), as shown in the example below:
|
142
141
|
|
143
142
|
```
|
144
143
|
output {
|
145
144
|
scalyr {
|
146
145
|
api_write_token => 'SCALYR_API_KEY'
|
147
146
|
...
|
148
|
-
# You only need to set this config option in case default CA bundle path on your system is
|
149
|
-
# different
|
150
147
|
ssl_ca_bundle_path => "/etc/ssl/certs/ca-certificates.crt"
|
151
|
-
append_builtin_cert => false
|
152
148
|
}
|
153
149
|
}
|
154
150
|
```
|
155
151
|
|
156
|
-
In case you want to use only root CA certs which are bundled with the plugin (not use system CA
|
157
|
-
certs bundle), you can do that by using the following config options:
|
158
|
-
|
159
|
-
```
|
160
|
-
output {
|
161
|
-
scalyr {
|
162
|
-
api_write_token => 'SCALYR_API_KEY'
|
163
|
-
...
|
164
|
-
# You only need to set this config option in case default CA bundle path on your system is
|
165
|
-
# different
|
166
|
-
ssl_ca_bundle_path => nil
|
167
|
-
append_builtin_cert => true
|
168
|
-
}
|
169
|
-
}
|
170
|
-
```
|
171
152
|
|
172
153
|
## Options
|
173
154
|
|
@@ -185,7 +166,7 @@ output {
|
|
185
166
|
|
186
167
|
- Path to SSL CA bundle file which is used to verify the server certificate.
|
187
168
|
|
188
|
-
`config :ssl_ca_bundle_path, :validate => :string, :default =>
|
169
|
+
`config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH`
|
189
170
|
|
190
171
|
If for some reason you need to disable server cert validation (you are strongly recommended to
|
191
172
|
not disable it unless specifically instructed to do so or have a valid reason for it), you can do
|
@@ -460,6 +441,12 @@ Or to run a single test function defined on line XXX
|
|
460
441
|
bundle exec rspec spec/scalyr/common/util_spec.rb:XXX
|
461
442
|
```
|
462
443
|
|
444
|
+
Or using more verbose output mode:
|
445
|
+
|
446
|
+
```bash
|
447
|
+
bundle exec rspec -fd spec/scalyr/common/util_spec.rb
|
448
|
+
```
|
449
|
+
|
463
450
|
## Instrumentation and metrics
|
464
451
|
|
465
452
|
By default, plugin logs a special line with metrics to Scalyr every 5 minutes. This line contains
|
@@ -133,13 +133,14 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
133
133
|
# Whether or not to verify the connection to Scalyr, only set to false for debugging.
|
134
134
|
config :ssl_verify_peer, :validate => :boolean, :default => true
|
135
135
|
|
136
|
-
# Path to SSL bundle file.
|
137
|
-
#
|
138
|
-
#
|
139
|
-
|
136
|
+
# Path to SSL bundle file used to validate remote / server SSL certificate. By default, path to
|
137
|
+
# the CA bundled which is vendored / bundled with the RubyGem is used.
|
138
|
+
# If user has a specific reason to change this value (e.g. to a system ca bundle such as
|
139
|
+
# /etc/ssl/certs/ca-certificates.crt, they can update this option).
|
140
|
+
config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH
|
140
141
|
|
141
|
-
#
|
142
|
-
config :append_builtin_cert, :validate => :boolean, :default =>
|
142
|
+
# Unused since v0.2.7, left here for backward compatibility reasons
|
143
|
+
config :append_builtin_cert, :validate => :boolean, :default => false
|
143
144
|
|
144
145
|
config :max_request_buffer, :validate => :number, :default => 5500000 # echee TODO: eliminate?
|
145
146
|
config :force_message_encoding, :validate => :string, :default => nil
|
@@ -261,6 +262,10 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
261
262
|
end
|
262
263
|
end
|
263
264
|
|
265
|
+
if not @append_builtin_cert.nil?
|
266
|
+
@logger.warn "append_builtin_cert config option has been deprecated and is unused in versions 0.2.7 and above"
|
267
|
+
end
|
268
|
+
|
264
269
|
@dlq_writer = dlq_enabled? ? execution_context.dlq_writer : nil
|
265
270
|
|
266
271
|
@message_encoding = nil
|
@@ -352,7 +357,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
352
357
|
@running = true
|
353
358
|
@client_session = Scalyr::Common::Client::ClientSession.new(
|
354
359
|
@logger, @add_events_uri,
|
355
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
360
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
356
361
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
357
362
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
358
363
|
)
|
@@ -378,7 +383,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
378
383
|
# This way we don't need to keep idle long running connection open.
|
379
384
|
initial_send_status_client_session = Scalyr::Common::Client::ClientSession.new(
|
380
385
|
@logger, @add_events_uri,
|
381
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
386
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
382
387
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
383
388
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
384
389
|
)
|
data/lib/scalyr/common/client.rb
CHANGED
@@ -57,7 +57,7 @@ end
|
|
57
57
|
class ClientSession
|
58
58
|
|
59
59
|
def initialize(logger, add_events_uri, compression_type, compression_level,
|
60
|
-
ssl_verify_peer, ssl_ca_bundle_path,
|
60
|
+
ssl_verify_peer, ssl_ca_bundle_path,
|
61
61
|
record_stats_for_status, flush_quantile_estimates_on_status_send,
|
62
62
|
connect_timeout, socket_timeout, request_timeout, pool_max, pool_max_per_route)
|
63
63
|
@logger = logger
|
@@ -66,7 +66,6 @@ class ClientSession
|
|
66
66
|
@compression_level = compression_level
|
67
67
|
@ssl_verify_peer = ssl_verify_peer
|
68
68
|
@ssl_ca_bundle_path = ssl_ca_bundle_path
|
69
|
-
@append_builtin_cert = append_builtin_cert
|
70
69
|
@record_stats_for_status = record_stats_for_status
|
71
70
|
@flush_quantile_estimates_on_status_send = flush_quantile_estimates_on_status_send
|
72
71
|
@connect_timeout = connect_timeout
|
@@ -75,9 +74,6 @@ class ClientSession
|
|
75
74
|
@pool_max = pool_max
|
76
75
|
@pool_max_per_route = pool_max_per_route
|
77
76
|
|
78
|
-
# A cert to use by default to avoid issues caused by the OpenSSL library not validating certs according to standard
|
79
|
-
@cert_string = CA_CERT_STRING
|
80
|
-
|
81
77
|
# Request statistics are accumulated across multiple threads and must be accessed through a mutex
|
82
78
|
@stats_lock = Mutex.new
|
83
79
|
@latency_stats = get_new_latency_stats
|
@@ -120,41 +116,15 @@ class ClientSession
|
|
120
116
|
# verify peers to prevent potential MITM attacks
|
121
117
|
if @ssl_verify_peer
|
122
118
|
c[:ssl][:verify] = :strict
|
119
|
+
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} to validate the server side certificate")
|
123
120
|
|
124
|
-
if not @
|
125
|
-
|
126
|
-
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} to validate the server side certificate")
|
127
|
-
@ca_cert_path = @ssl_ca_bundle_path
|
128
|
-
|
129
|
-
if not File.file?(@ssl_ca_bundle_path)
|
130
|
-
# TODO: For now we don't throw to keep code backward compatible. In the future in case
|
131
|
-
# file doesn't exist, we should throw instead of write empty CA cert file and pass that
|
132
|
-
# to Manticore which will eventually fail and throw on cert validation
|
133
|
-
#raise Errno::ENOENT.new("ssl_ca_bundle_path config option to an invalid file path which doesn't exist - #{@ssl_ca_bundle_path}")
|
134
|
-
@ca_cert = Tempfile.new("ca_cert")
|
135
|
-
@ca_cert_path = @ca_cert.path
|
136
|
-
end
|
137
|
-
else
|
138
|
-
@ca_cert = Tempfile.new("ca_cert")
|
139
|
-
|
140
|
-
if File.file?(@ssl_ca_bundle_path)
|
141
|
-
@ca_cert.write(File.read(@ssl_ca_bundle_path))
|
142
|
-
@ca_cert.flush
|
143
|
-
else
|
144
|
-
@logger.warn("CA bundle (#{@ssl_ca_bundle_path}) doesn't exist, using only bundled CA certificates")
|
145
|
-
end
|
146
|
-
|
147
|
-
open(@ca_cert.path, "a") do |f|
|
148
|
-
f.puts @cert_string
|
149
|
-
end
|
150
|
-
|
151
|
-
@ca_cert.flush
|
152
|
-
@ca_cert_path = @ca_cert.path
|
153
|
-
|
154
|
-
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} combined with bundled certificates to validate the server side certificate (#{@ca_cert_path})")
|
121
|
+
if not File.file?(@ssl_ca_bundle_path)
|
122
|
+
raise Errno::ENOENT.new("Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable")
|
155
123
|
end
|
156
|
-
|
124
|
+
|
125
|
+
c[:ssl][:ca_file] = @ssl_ca_bundle_path
|
157
126
|
else
|
127
|
+
@logger.warn("SSL certificate validation has been disabled. You are strongly encouraged to enable it to prevent possible MITM and similar attacks.")
|
158
128
|
c[:ssl][:verify] = :disable
|
159
129
|
end
|
160
130
|
|
data/lib/scalyr/constants.rb
CHANGED
@@ -1,15 +1,14 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
|
3
|
-
PLUGIN_VERSION = "v0.2.
|
3
|
+
PLUGIN_VERSION = "v0.2.7.beta"
|
4
4
|
|
5
5
|
# Special event level attribute name which can be used for setting event level serverHost attribute
|
6
6
|
EVENT_LEVEL_SERVER_HOST_ATTRIBUTE_NAME = '__origServerHost'
|
7
7
|
|
8
8
|
# Path to the bundled root CA certs used to sign server cert
|
9
|
-
|
9
|
+
CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/certs/ca_certs.crt"))
|
10
10
|
|
11
|
-
#
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
CA_CERT_STRING = File.read(CA_CERT_PATH)
|
11
|
+
# Additional check on import to catch this issue early (in case of a invalid path or similar)
|
12
|
+
if not File.file?(CA_CERTS_PATH)
|
13
|
+
raise Errno::ENOENT.new("Invalid path specified for CA_CERTS_PATH module constant (likely a developer error).")
|
14
|
+
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
s.name = 'logstash-output-scalyr'
|
3
|
-
s.version = '0.2.
|
3
|
+
s.version = '0.2.7.beta'
|
4
4
|
s.licenses = ['Apache-2.0']
|
5
5
|
s.summary = "Scalyr output plugin for Logstash"
|
6
6
|
s.description = "Sends log data collected by Logstash to Scalyr (https://www.scalyr.com)"
|
@@ -0,0 +1,41 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIHQDCCBiigAwIBAgIQD9B43Ujxor1NDyupa2A4/jANBgkqhkiG9w0BAQsFADBN
|
3
|
+
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
|
4
|
+
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI4MDAwMDAwWhcN
|
5
|
+
MjAxMjAyMTIwMDAwWjCBpTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
|
6
|
+
aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMTwwOgYDVQQKEzNJbnRlcm5ldCBDb3Jw
|
7
|
+
b3JhdGlvbiBmb3IgQXNzaWduZWQgTmFtZXMgYW5kIE51bWJlcnMxEzARBgNVBAsT
|
8
|
+
ClRlY2hub2xvZ3kxGDAWBgNVBAMTD3d3dy5leGFtcGxlLm9yZzCCASIwDQYJKoZI
|
9
|
+
hvcNAQEBBQADggEPADCCAQoCggEBANDwEnSgliByCGUZElpdStA6jGaPoCkrp9vV
|
10
|
+
rAzPpXGSFUIVsAeSdjF11yeOTVBqddF7U14nqu3rpGA68o5FGGtFM1yFEaogEv5g
|
11
|
+
rJ1MRY/d0w4+dw8JwoVlNMci+3QTuUKf9yH28JxEdG3J37Mfj2C3cREGkGNBnY80
|
12
|
+
eyRJRqzy8I0LSPTTkhr3okXuzOXXg38ugr1x3SgZWDNuEaE6oGpyYJIBWZ9jF3pJ
|
13
|
+
QnucP9vTBejMh374qvyd0QVQq3WxHrogy4nUbWw3gihMxT98wRD1oKVma1NTydvt
|
14
|
+
hcNtBfhkp8kO64/hxLHrLWgOFT/l4tz8IWQt7mkrBHjbd2XLVPkCAwEAAaOCA8Ew
|
15
|
+
ggO9MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRm
|
16
|
+
mGIC4AmRp9njNvt2xrC/oW2nvjCBgQYDVR0RBHoweIIPd3d3LmV4YW1wbGUub3Jn
|
17
|
+
ggtleGFtcGxlLmNvbYILZXhhbXBsZS5lZHWCC2V4YW1wbGUubmV0ggtleGFtcGxl
|
18
|
+
Lm9yZ4IPd3d3LmV4YW1wbGUuY29tgg93d3cuZXhhbXBsZS5lZHWCD3d3dy5leGFt
|
19
|
+
cGxlLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
|
20
|
+
AQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
|
21
|
+
bS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5j
|
22
|
+
b20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgG
|
23
|
+
CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAEC
|
24
|
+
AjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj
|
25
|
+
ZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t
|
26
|
+
L0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIB
|
27
|
+
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
|
28
|
+
37jjd80OyA3cEAAAAWdcMZVGAAAEAwBIMEYCIQCEZIG3IR36Gkj1dq5L6EaGVycX
|
29
|
+
sHvpO7dKV0JsooTEbAIhALuTtf4wxGTkFkx8blhTV+7sf6pFT78ORo7+cP39jkJC
|
30
|
+
AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFnXDGWFQAABAMA
|
31
|
+
RzBFAiBvqnfSHKeUwGMtLrOG3UGLQIoaL3+uZsGTX3MfSJNQEQIhANL5nUiGBR6g
|
32
|
+
l0QlCzzqzvorGXyB/yd7nttYttzo8EpOAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkC
|
33
|
+
wQApBo2yCJo32RMAAAFnXDGWnAAABAMARzBFAiEA5Hn7Q4SOyqHkT+kDsHq7ku7z
|
34
|
+
RDuM7P4UDX2ft2Mpny0CIE13WtxJAUr0aASFYZ/XjSAMMfrB0/RxClvWVss9LHKM
|
35
|
+
MA0GCSqGSIb3DQEBCwUAA4IBAQBzcIXvQEGnakPVeJx7VUjmvGuZhrr7DQOLeP4R
|
36
|
+
8CmgDM1pFAvGBHiyzvCH1QGdxFl6cf7wbp7BoLCRLR/qPVXFMwUMzcE1GLBqaGZM
|
37
|
+
v1Yh2lvZSLmMNSGRXdx113pGLCInpm/TOhfrvr0TxRImc8BdozWJavsn1N2qdHQu
|
38
|
+
N+UBO6bQMLCD0KHEdSGFsuX6ZwAworxTg02/1qiDu7zW7RyzHvFYA4IAjpzvkPIa
|
39
|
+
X6KjBtpdvp/aXabmL95YgBjT8WJ7pqOfrqhpcmOBZa6Cg6O1l4qbIFH/Gj9hQB5I
|
40
|
+
0Gs4+eH6F9h3SojmPTYkT+8KuZ9w84Mn+M8qBXUQoYoKgIjN
|
41
|
+
-----END CERTIFICATE-----
|
@@ -10,6 +10,8 @@ require 'webmock/rspec'
|
|
10
10
|
gem 'json', '1.8.6'
|
11
11
|
require 'json'
|
12
12
|
|
13
|
+
EXAMPLE_COME_CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/fixtures/example_com.pem"))
|
14
|
+
|
13
15
|
WebMock.allow_net_connect!
|
14
16
|
|
15
17
|
RSpec.configure do |rspec|
|
@@ -64,50 +66,35 @@ describe LogStash::Outputs::Scalyr do
|
|
64
66
|
end
|
65
67
|
end
|
66
68
|
|
67
|
-
context "when pointing at
|
68
|
-
it "throws an
|
69
|
+
context "when pointing at an invalid location (doesnt exist) without any valid certs" do
|
70
|
+
it "throws an Errno::ENOENT error" do
|
69
71
|
plugin = LogStash::Outputs::Scalyr.new({
|
70
72
|
'api_write_token' => '1234',
|
71
73
|
'perform_connectivity_check' => false,
|
72
74
|
'ssl_ca_bundle_path' => '/fakepath/nocerts',
|
73
|
-
'append_builtin_cert' => false,
|
74
75
|
'max_retries' => 2,
|
75
76
|
'retry_max_interval' => 2,
|
76
77
|
'retry_initial_interval' => 0.2,
|
77
78
|
})
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
expect(plugin.instance_variable_get(:@logger)).to have_received(:warn).with("Error uploading to Scalyr (will backoff-retry)",
|
83
|
-
{
|
84
|
-
:error_class=>"Manticore::UnknownException",
|
85
|
-
:batch_num=>1,
|
86
|
-
:message=>"Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
87
|
-
#:message=>"java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
88
|
-
:payload_size=>737,
|
89
|
-
:record_count=>3,
|
90
|
-
:total_batches=>1,
|
91
|
-
:url=>"https://agent.scalyr.com/addEvents",
|
92
|
-
:will_retry_in_seconds=>0.4
|
93
|
-
}
|
94
|
-
)
|
79
|
+
|
80
|
+
expect {
|
81
|
+
plugin.register
|
82
|
+
}.to raise_error(Errno::ENOENT, /Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable/)
|
95
83
|
end
|
96
84
|
end
|
97
85
|
|
98
|
-
context "when
|
86
|
+
context "when pointing to an empty certs file" do
|
99
87
|
it "throws an SSLError" do
|
100
|
-
|
101
|
-
`sudo mv #{OpenSSL::X509::DEFAULT_CERT_DIR} /tmp/system_certs`
|
88
|
+
temp_file = file = Tempfile.new('emot_certs_file')
|
102
89
|
|
103
90
|
begin
|
104
91
|
plugin = LogStash::Outputs::Scalyr.new({
|
105
92
|
'api_write_token' => '1234',
|
106
93
|
'perform_connectivity_check' => false,
|
107
|
-
'append_builtin_cert' => false,
|
108
94
|
'max_retries' => 2,
|
109
95
|
'retry_max_interval' => 2,
|
110
96
|
'retry_initial_interval' => 0.2,
|
97
|
+
'ssl_ca_bundle_path' => temp_file.path
|
111
98
|
})
|
112
99
|
plugin.register
|
113
100
|
plugin.instance_variable_set(:@running, false)
|
@@ -127,9 +114,8 @@ describe LogStash::Outputs::Scalyr do
|
|
127
114
|
}
|
128
115
|
)
|
129
116
|
end
|
130
|
-
|
131
|
-
|
132
|
-
`sudo mv /tmp/system_cert.pem #{OpenSSL::X509::DEFAULT_CERT_FILE}`
|
117
|
+
ensure
|
118
|
+
temp_file.unlink
|
133
119
|
end
|
134
120
|
end
|
135
121
|
|
@@ -180,23 +166,22 @@ describe LogStash::Outputs::Scalyr do
|
|
180
166
|
end
|
181
167
|
end
|
182
168
|
|
183
|
-
context "when an error occurs with retries at 15" do
|
184
|
-
it "exits after
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
end
|
169
|
+
context "when an error occurs with retries at 15 and invalid example_com cert" do
|
170
|
+
it "exits after 15 retries and emits a log" do
|
171
|
+
plugin = LogStash::Outputs::Scalyr.new({
|
172
|
+
'api_write_token' => '1234',
|
173
|
+
'perform_connectivity_check' => false,
|
174
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
175
|
+
'max_retries' => 15,
|
176
|
+
'retry_max_interval' => 0.2,
|
177
|
+
'retry_initial_interval' => 0.1,
|
178
|
+
})
|
179
|
+
plugin.register
|
180
|
+
allow(plugin.instance_variable_get(:@logger)).to receive(:error)
|
181
|
+
plugin.multi_receive(sample_events)
|
182
|
+
expect(plugin.instance_variable_get(:@logger)).to have_received(:error).with("Failed to send 3 events after 15 tries.", anything
|
183
|
+
)
|
184
|
+
end
|
200
185
|
end
|
201
186
|
end
|
202
187
|
|
@@ -209,11 +194,10 @@ describe LogStash::Outputs::Scalyr do
|
|
209
194
|
plugin = LogStash::Outputs::Scalyr.new({
|
210
195
|
'api_write_token' => '1234',
|
211
196
|
'perform_connectivity_check' => false,
|
212
|
-
'ssl_ca_bundle_path' =>
|
213
|
-
'append_builtin_cert' => false,
|
197
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
214
198
|
'max_retries' => 2,
|
215
|
-
'retry_max_interval' => 2,
|
216
|
-
'retry_initial_interval' => 0.
|
199
|
+
'retry_max_interval' => 0.2,
|
200
|
+
'retry_initial_interval' => 0.1,
|
217
201
|
})
|
218
202
|
plugin.register
|
219
203
|
plugin.instance_variable_set(:@running, false)
|
@@ -230,7 +214,7 @@ describe LogStash::Outputs::Scalyr do
|
|
230
214
|
:record_count=>3,
|
231
215
|
:total_batches=>1,
|
232
216
|
:url=>"https://agent.scalyr.com/addEvents",
|
233
|
-
:will_retry_in_seconds=>0.
|
217
|
+
:will_retry_in_seconds=>0.2,
|
234
218
|
:body=>"stubbed response"
|
235
219
|
}
|
236
220
|
)
|
@@ -245,11 +229,10 @@ describe LogStash::Outputs::Scalyr do
|
|
245
229
|
plugin = LogStash::Outputs::Scalyr.new({
|
246
230
|
'api_write_token' => '1234',
|
247
231
|
'perform_connectivity_check' => false,
|
248
|
-
'ssl_ca_bundle_path' =>
|
249
|
-
'append_builtin_cert' => false,
|
232
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
250
233
|
'max_retries' => 2,
|
251
|
-
'retry_max_interval' => 2,
|
252
|
-
'retry_initial_interval' => 0.
|
234
|
+
'retry_max_interval' => 0.2,
|
235
|
+
'retry_initial_interval' => 0.1,
|
253
236
|
})
|
254
237
|
plugin.register
|
255
238
|
plugin.instance_variable_set(:@running, false)
|
@@ -266,7 +249,7 @@ describe LogStash::Outputs::Scalyr do
|
|
266
249
|
:record_count=>3,
|
267
250
|
:total_batches=>1,
|
268
251
|
:url=>"https://agent.scalyr.com/addEvents",
|
269
|
-
:will_retry_in_seconds=>0.
|
252
|
+
:will_retry_in_seconds=>0.2,
|
270
253
|
:body=>"stubbed response"
|
271
254
|
}
|
272
255
|
)
|
@@ -281,11 +264,10 @@ describe LogStash::Outputs::Scalyr do
|
|
281
264
|
plugin = LogStash::Outputs::Scalyr.new({
|
282
265
|
'api_write_token' => '1234',
|
283
266
|
'perform_connectivity_check' => false,
|
284
|
-
'ssl_ca_bundle_path' =>
|
285
|
-
'append_builtin_cert' => false,
|
267
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
286
268
|
'max_retries' => 2,
|
287
|
-
'retry_max_interval' => 2,
|
288
|
-
'retry_initial_interval' => 0.
|
269
|
+
'retry_max_interval' => 0.2,
|
270
|
+
'retry_initial_interval' => 0.1,
|
289
271
|
})
|
290
272
|
plugin.register
|
291
273
|
plugin.instance_variable_set(:@running, false)
|
@@ -302,7 +284,7 @@ describe LogStash::Outputs::Scalyr do
|
|
302
284
|
:record_count=>3,
|
303
285
|
:total_batches=>1,
|
304
286
|
:url=>"https://agent.scalyr.com/addEvents",
|
305
|
-
:will_retry_in_seconds=>0.
|
287
|
+
:will_retry_in_seconds=>0.2,
|
306
288
|
:body=>("0123456789" * 50) + "012345678..."
|
307
289
|
}
|
308
290
|
)
|
@@ -318,11 +300,10 @@ describe LogStash::Outputs::Scalyr do
|
|
318
300
|
plugin = LogStash::Outputs::Scalyr.new({
|
319
301
|
'api_write_token' => '1234',
|
320
302
|
'perform_connectivity_check' => false,
|
321
|
-
'ssl_ca_bundle_path' =>
|
322
|
-
'append_builtin_cert' => false,
|
303
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
323
304
|
'max_retries' => 2,
|
324
|
-
'retry_max_interval' => 2,
|
325
|
-
'retry_initial_interval' => 0.
|
305
|
+
'retry_max_interval' => 0.2,
|
306
|
+
'retry_initial_interval' => 0.1,
|
326
307
|
})
|
327
308
|
plugin.register
|
328
309
|
plugin.instance_variable_set(:@running, false)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-scalyr
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7.beta
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Edward Chee
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08-
|
11
|
+
date: 2022-08-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -171,6 +171,7 @@ files:
|
|
171
171
|
- spec/benchmarks/metrics_overhead.rb
|
172
172
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
173
173
|
- spec/benchmarks/util.rb
|
174
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
174
175
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
175
176
|
- spec/logstash/outputs/scalyr_spec.rb
|
176
177
|
- spec/scalyr/common/util_spec.rb
|
@@ -191,9 +192,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
191
192
|
version: '0'
|
192
193
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
193
194
|
requirements:
|
194
|
-
- - "
|
195
|
+
- - ">"
|
195
196
|
- !ruby/object:Gem::Version
|
196
|
-
version:
|
197
|
+
version: 1.3.1
|
197
198
|
requirements: []
|
198
199
|
rubyforge_project:
|
199
200
|
rubygems_version: 2.7.10
|
@@ -207,6 +208,7 @@ test_files:
|
|
207
208
|
- spec/benchmarks/metrics_overhead.rb
|
208
209
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
209
210
|
- spec/benchmarks/util.rb
|
211
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
210
212
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
211
213
|
- spec/logstash/outputs/scalyr_spec.rb
|
212
214
|
- spec/scalyr/common/util_spec.rb
|