Component(s)
cmd/opampsupervisor
Is your feature request related to a problem? Please describe.
Some vendors require specific authentication methods, but the current authentication mechanism between the OpAMP server and the OpAMP supervisor is insufficient. At the moment, the only way to address this limitation is by forking the project and adding custom authentication support.
This is a follow-up to a previously closed issue that was misunderstood — it was believed that OpenID OAuth support had been implemented for the supervisor, but it was actually only added to the OpAMP extension usable by the collector.
See #32762 (comment)
Describe the solution you'd like
It would be useful to reuse the authentication extensions that are already available. To do this, the supervisor needs to be modified to include the extension in its build. Furthermore, the current supervisor configuration must be extended to allow for the definition of the extension and enable its use in the server definition.
The first step will be to attempt to add extensions to the supervisor in their current form along with all the required dependencies. This will help us determine the number of dependencies needed and whether this number is acceptable for us.
Describe alternatives you've considered
An alternative would be to somehow separate the logic responsible for authentication from that required by the collector of each extension. This would reduce the number of dependencies needed for the supervisor. Unfortunately, this solution requires changes to the collector, which will make it much more time-consuming. For this reason, we decided to try the first approach for now.
Additional context
@djaglowski
@BinaryFissionGames
@dmolenda-sumo
Tip
React with 👍 to help prioritize this issue. Please use comments to provide useful context, avoiding +1 or me too, to help us triage it. Learn more here.
Component(s)
cmd/opampsupervisor
Is your feature request related to a problem? Please describe.
Some vendors require specific authentication methods, but the current authentication mechanism between the OpAMP server and the OpAMP supervisor is insufficient. At the moment, the only way to address this limitation is by forking the project and adding custom authentication support.
This is a follow-up to a previously closed issue that was misunderstood — it was believed that OpenID OAuth support had been implemented for the supervisor, but it was actually only added to the OpAMP extension usable by the collector.
See #32762 (comment)
Describe the solution you'd like
It would be useful to reuse the authentication extensions that are already available. To do this, the supervisor needs to be modified to include the extension in its build. Furthermore, the current supervisor configuration must be extended to allow for the definition of the extension and enable its use in the server definition.
The first step will be to attempt to add extensions to the supervisor in their current form along with all the required dependencies. This will help us determine the number of dependencies needed and whether this number is acceptable for us.
Describe alternatives you've considered
An alternative would be to somehow separate the logic responsible for authentication from that required by the collector of each extension. This would reduce the number of dependencies needed for the supervisor. Unfortunately, this solution requires changes to the collector, which will make it much more time-consuming. For this reason, we decided to try the first approach for now.
Additional context
@djaglowski
@BinaryFissionGames
@dmolenda-sumo
Tip
React with 👍 to help prioritize this issue. Please use comments to provide useful context, avoiding
+1orme too, to help us triage it. Learn more here.