Skip to content

[9.1](backport #45092) [Elasticsearch] Allow Env Injected Auth#45094

Merged
pickypg merged 1 commit into9.1from
mergify/bp/9.1/pr-45092
Jun 27, 2025
Merged

[9.1](backport #45092) [Elasticsearch] Allow Env Injected Auth#45094
pickypg merged 1 commit into9.1from
mergify/bp/9.1/pr-45092

Conversation

@mergify
Copy link
Copy Markdown
Contributor

@mergify mergify Bot commented Jun 27, 2025

This allows tools to inject the auth parameters via the environment, which enables usage of dynamically deciding what to use for auth in OTel mode while still supporting blank values.

Specifically, this allows end users to specify either username and password or the API Key via configuration, which is not currently possible in the OTel configuration due to #45102.

Proposed commit message

Allow ELASTICSEARCH_READ_USERNAME, ELASTICSEARCH_READ_PASSWORD, and ELASTICSEARCH_READ_API_KEY to be specified in the environment to control auth for Elasticsearch in a receiver context (not the exporter / output layer of Elasticsearch). This also enables the usage of them for the autoops_es module.

Disruptive User Impact

I intentionally added READ_ to avoid disruption. These variables also never existed before, so anyone using them would have been using them to set the configuration already, which helpfully avoids collisions.

Author's Checklist

  • These default to blank, so no functionality really changes.

How to test this PR locally

  • Try using the Elasticsearch module with and without these environment variables.
  • Try using the Elasticsearch module with environment variables, but also config that overrides them and observe that they are overridden (easiest to provide invalid auth in env, but valid in config to test).
  • Try setting all three at the same time (Metricbeat will fail to start because that is an invalid setup just like putting all three directly in config)

Related issues

Use cases

  • Use elasticsearch and autoops_es modules via Kubernetes / Docker
  • Use those modules with something dynamically specifying the auth (i.e., Buildkite) without three (no auth, user/pass, and api key) separate config files
    This is an automatic backport of pull request [Elasticsearch] Allow Env Injected Auth #45092 done by Mergify.

@pickypg @mergify
[Elasticsearch] Allow Env Injected Auth (#45092)
c5e7c5e 
This allows tools to inject the auth parameters via the environment,
which enables usage of dynamically deciding what to use for auth in
OTel mode while still supporting blank values.

(cherry picked from commit 5ae4c37)
@mergify mergify Bot added the backport label Jun 27, 2025
@mergify mergify Bot requested a review from a team as a code owner June 27, 2025 18:26
@mergify mergify Bot added the backport label Jun 27, 2025
@botelastic botelastic Bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jun 27, 2025
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jun 27, 2025

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@github-actions github-actions Bot added release-note:skip The PR should be ignored when processing the changelog Team:Monitoring Stack Monitoring team labels Jun 27, 2025
@botelastic botelastic Bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Jun 27, 2025
@pickypg pickypg enabled auto-merge (squash) June 27, 2025 18:29
@pickypg pickypg merged commit d6492d5 into 9.1 Jun 27, 2025
49 checks passed
@pickypg pickypg deleted the mergify/bp/9.1/pr-45092 branch June 27, 2025 20:00
@khushijain21 khushijain21 mentioned this pull request Jul 15, 2025
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pickypg pickypg pickypg approved these changes

Assignees

@pickypg pickypg

Labels

backport release-note:skip The PR should be ignored when processing the changelog Team:Monitoring Stack Monitoring team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pickypg