From d4492abe66c1f5c14d36adb62302cda5d8e296ba Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 18 Dec 2023 03:02:51 +0000 Subject: [PATCH 1/4] prometheus-snmp-exporter: 0.22.0 -> 0.25.0 --- pkgs/servers/monitoring/prometheus/snmp-exporter.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/monitoring/prometheus/snmp-exporter.nix b/pkgs/servers/monitoring/prometheus/snmp-exporter.nix index bad0f09d40e5f..9f097d16e8a7c 100644 --- a/pkgs/servers/monitoring/prometheus/snmp-exporter.nix +++ b/pkgs/servers/monitoring/prometheus/snmp-exporter.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "snmp_exporter"; - version = "0.22.0"; + version = "0.25.0"; src = fetchFromGitHub { owner = "prometheus"; repo = "snmp_exporter"; rev = "v${version}"; - sha256 = "sha256-HncffOX0/z8XIEXTOkt6bcnAfY7xwgNBGhUwC3FIJjo="; + sha256 = "sha256-6Y2zJwY5gToJlY6iLug2jNXXtNLNz98WoTKGcWgYzaA="; }; - vendorHash = "sha256-n0LPKmGPxLZgvzdpyuE67WOJv7MKN28m7PtQpWYdtMk="; + vendorHash = "sha256-8soLDI/hBzSZB6Lfj1jVkIWfIkMPJmp84bu7TKg7jeo="; buildInputs = [ net-snmp ]; From a8ea9fe49250d2d8e3d41a10a0f21e326c87fbad Mon Sep 17 00:00:00 2001 From: WilliButz Date: Fri, 12 Jan 2024 18:40:31 +0100 Subject: [PATCH 2/4] nixos/prometheus-snmp-exporter: switch to new config syntax Introduced with version 0.23.0, see https://github.com/prometheus/snmp_exporter/blob/b75fc6b839ee3f3ccbee68bee55f1ae99555084a/auth-split-migration.md --- .../services/monitoring/prometheus/exporters/snmp.nix | 8 +++----- nixos/tests/prometheus-exporters.nix | 8 +++++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix b/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix index edc6e4b5022a5..ad4723d284056 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix @@ -24,11 +24,9 @@ in Snmp exporter configuration as nix attribute set. Mutually exclusive with 'configurationPath' option. ''; example = { - "default" = { - "version" = 2; - "auth" = { - "community" = "public"; - }; + auths.public_v2 = { + community = "public"; + version = 2; }; }; }; diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index 53e6626c0e324..5872b02b609e1 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -1392,9 +1392,11 @@ let snmp = { exporterConfig = { enable = true; - configuration.default = { - version = 2; - auth.community = "public"; + configuration = { + auths.public_v2 = { + community = "public"; + version = 2; + }; }; }; exporterTest = '' From bb9c7762bcdab1e9d697a0e521ae8078c7e10d7f Mon Sep 17 00:00:00 2001 From: WilliButz Date: Fri, 12 Jan 2024 18:42:37 +0100 Subject: [PATCH 3/4] nixos/prometheus-snmp-exporter: add config check This is introduced and enabled by default because the config syntax for the exporter changed with release 0.23.0. This should make the breaking config change obvious before services are deployed with an incompatible old config. The check is based on the check present in the blackbox-exporter module. --- .../manual/release-notes/rl-2405.section.md | 4 ++ .../monitoring/prometheus/exporters/snmp.nix | 39 +++++++++++++++++-- 2 files changed, 40 insertions(+), 3 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index c075149a0e5d5..724307c0940a2 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -124,6 +124,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - `security.pam.enableSSHAgentAuth` now requires `services.openssh.authorizedKeysFiles` to be non-empty, which is the case when `services.openssh.enable` is true. Previously, `pam_ssh_agent_auth` silently failed to work. +- The configuration format for `services.prometheus.exporters.snmp` changed with release 0.23.0. + The module now includes an optional config check, that is enabled by default, to make the change obvious before any deployment. + More information about the configuration syntax change is available in the [upstream repository](https://github.com/prometheus/snmp_exporter/blob/b75fc6b839ee3f3ccbee68bee55f1ae99555084a/auth-split-migration.md). + ## Other Notable Changes {#sec-release-24.05-notable-changes} diff --git a/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix b/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix index ad4723d284056..840ce493ee812 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/snmp.nix @@ -4,6 +4,25 @@ with lib; let cfg = config.services.prometheus.exporters.snmp; + + # This ensures that we can deal with string paths, path types and + # store-path strings with context. + coerceConfigFile = file: + if (builtins.isPath file) || (lib.isStorePath file) then + file + else + (lib.warn '' + ${logPrefix}: configuration file "${file}" is being copied to the nix-store. + If you would like to avoid that, please set enableConfigCheck to false. + '' /. + file); + + checkConfig = file: + pkgs.runCommandLocal "checked-snmp-exporter-config.yml" { + nativeBuildInputs = [ pkgs.buildPackages.prometheus-snmp-exporter ]; + } '' + ln -s ${coerceConfigFile file} $out + snmp_exporter --dry-run --config.file $out + ''; in { port = 9116; @@ -31,6 +50,16 @@ in }; }; + enableConfigCheck = mkOption { + type = types.bool; + default = true; + description = lib.mdDoc '' + Whether to run a correctness check for the configuration file. This depends + on the configuration file residing in the nix-store. Paths passed as string will + be copied to the store. + ''; + }; + logFormat = mkOption { type = types.enum ["logfmt" "json"]; default = "logfmt"; @@ -48,9 +77,13 @@ in }; }; serviceOpts = let - configFile = if cfg.configurationPath != null - then cfg.configurationPath - else "${pkgs.writeText "snmp-exporter-conf.yml" (builtins.toJSON cfg.configuration)}"; + uncheckedConfigFile = if cfg.configurationPath != null + then cfg.configurationPath + else "${pkgs.writeText "snmp-exporter-conf.yml" (builtins.toJSON cfg.configuration)}"; + configFile = if cfg.enableConfigCheck then + checkConfig uncheckedConfigFile + else + uncheckedConfigFile; in { serviceConfig = { ExecStart = '' From 4bd2f9c7377e23c7985d679999ce435cd995863a Mon Sep 17 00:00:00 2001 From: WilliButz Date: Sun, 14 Jan 2024 20:02:25 +0100 Subject: [PATCH 4/4] prometheus-snmp-exporter: remove myself as maintainer --- pkgs/servers/monitoring/prometheus/snmp-exporter.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/monitoring/prometheus/snmp-exporter.nix b/pkgs/servers/monitoring/prometheus/snmp-exporter.nix index 9f097d16e8a7c..812484fdf615c 100644 --- a/pkgs/servers/monitoring/prometheus/snmp-exporter.nix +++ b/pkgs/servers/monitoring/prometheus/snmp-exporter.nix @@ -23,6 +23,6 @@ buildGoModule rec { description = "SNMP Exporter for Prometheus"; homepage = "https://github.com/prometheus/snmp_exporter"; license = licenses.asl20; - maintainers = with maintainers; [ oida willibutz Frostman ]; + maintainers = with maintainers; [ oida Frostman ]; }; }