Add tokenpath parameter to collector

Author: john-david3

internal/config/config.go

@@ -871,6 +871,7 @@ func processOtlpReceivers(tlsConfig *OtlpTLSConfig) error {
 func resolveExtensions() Extensions {
 	var health *Health
 	var headersSetter *HeadersSetter
+	var tokenValue string
 
 	if isHealthExtensionSet() {
 		health = &Health{
@@ -899,6 +900,19 @@ func resolveExtensions() Extensions {
 		}
 	}
 
+	if headersSetter != nil {
+		tokenValue = headersSetter.Headers[0].Value
+	}
+
+	_, err := os.Stat(tokenValue)
+	if err == nil {
+		token, fileErr := file.ReadFromFile(tokenValue)
+		if fileErr != nil {
+			slog.Error("error reading from file", "error", fileErr)
+		}
+		headersSetter.Headers[0].Value = token
+	}
+
 	return Extensions{
 		Health:        health,
 		HeadersSetter: headersSetter,

internal/config/config_test.go

@@ -5,7 +5,9 @@
 package config
 
 import (
+	_ "embed"
 	"errors"
+	"fmt"
 	"os"
 	"path"
 	"strings"
@@ -631,6 +633,61 @@ func TestValidateYamlFile(t *testing.T) {
 	}
 }
 
+//go:embed testdata/nginx-agent-with-token.conf
+var agentConfigWithToken string
+
+func getAgentConfigWithToken(token string) string {
+	return fmt.Sprintf(agentConfigWithToken, token)
+}
+
+func TestResolveExtensions(t *testing.T) {
+	tests := []struct {
+		name     string
+		input    string
+		expected string
+	}{
+		{
+			name:     "Test 1: Header value is a valid token",
+			input:    "super-secret-token",
+			expected: "super-secret-token",
+		},
+		{
+			name:     "Test 2: Header value is a valid token path",
+			input:    "testdata/nginx-token.crt",
+			expected: "super-secret-token",
+		},
+		{
+			name:     "Test 3: Header value is empty",
+			input:    "",
+			expected: "",
+		},
+	}
+
+	viperInstance = viper.NewWithOptions(viper.KeyDelimiter(KeyDelimiter))
+	tempDir := t.TempDir()
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			tempFile := helpers.CreateFileWithErrorCheck(t, tempDir, "nginx-agent.conf")
+			defer helpers.RemoveFileWithErrorCheck(t, tempFile.Name())
+
+			confContent := []byte(getAgentConfigWithToken(tt.input))
+			_, writeErr := tempFile.Write(confContent)
+			require.NoError(t, writeErr)
+
+			err := loadPropertiesFromFile(tempFile.Name())
+			require.NoError(t, err)
+
+			extension := resolveExtensions()
+			require.NotNil(t, extension)
+			assert.Equal(t, tt.expected, extension.HeadersSetter.Headers[0].Value)
+
+			err = tempFile.Close()
+			require.NoError(t, err)
+		})
+	}
+}
+
 func getAgentConfig() *Config {
 	return &Config{
 		UUID:    "",

internal/config/testdata/nginx-agent-with-token.conf

@@ -0,0 +1,10 @@
+log:
+  level: info
+  
+collector:
+    extensions:
+      headers_setter:
+        headers:
+          - action: insert
+            key: "authorization"
+            value: %s

internal/config/testdata/nginx-token.crt

@@ -0,0 +1 @@
+super-secret-token

nginx-agent.conf

@@ -16,15 +16,46 @@ allowed_directories:
     - /usr/share/nginx/modules
     - /var/run/nginx
     - /var/log/nginx
+    - /opt/homebrew/etc/nginx
+    - /opt/homebrew/var/log
+    - /opt/homebrew/var/log/nginx
+    - dev/configs
 #
 # Command server settings to connect to a management plane server
 #
-#command:
-#  server:
-#    host: "agent.connect.nginx.com"
-#    port: 443
-#  auth:
-#    token: ""
-#  tls:
-#    skip_verify: false
+command:
+  server:
+    host: "connect.saas.demo1.nginxlab.net"
+    port: 443
+  auth:
+    token: "u6L0Zvrz61y2YsOtvBm65sqXMW5lfElQKE0/mgJYeK8="
+  tls:
+    skip_verify: false
 
+collector:
+    receivers:
+      host_metrics:
+        collection_interval: 1m0s
+        initial_delay: 1s
+        scrapers:
+          cpu: {}
+          memory: {}
+          disk: {}
+          network: {}
+          filesystem: {}
+    processors:
+      batch: {}
+    exporters:
+      otlp_exporters:
+        - server:
+            host: "connect.saas.demo1.nginxlab.net"
+            port: 443
+          authenticator: headers_setter
+          tls:
+            skip_verify: false
+    extensions:
+      headers_setter:
+        headers:
+          - action: insert
+            key: "authorization"
+            value: "u6L0Zvrz61y2YsOtvBm65sqXMW5lfElQKE0/mgJYeK8="