Add authorization for metric prometheus report (apache#15363)

* init

* add test

* Tan review

* add base64 & optimize test

Author: liyuheng55555

integration-test/src/main/java/org/apache/iotdb/it/env/cluster/config/MppConfigNodeConfig.java

@@ -55,4 +55,16 @@ public ConfigNodeConfig setMetricReporterType(List<String> metricReporterTypes)
     properties.setProperty("cn_metric_reporter_list", String.join(",", metricReporterTypes));
     return this;
   }
+
+  @Override
+  public ConfigNodeConfig setMetricPrometheusReporterUsername(String username) {
+    properties.setProperty("metric_prometheus_reporter_username", username);
+    return this;
+  }
+
+  @Override
+  public ConfigNodeConfig setMetricPrometheusReporterPassword(String password) {
+    properties.setProperty("metric_prometheus_reporter_password", password);
+    return this;
+  }
 }

integration-test/src/main/java/org/apache/iotdb/it/env/cluster/config/MppDataNodeConfig.java

@@ -56,6 +56,18 @@ public DataNodeConfig setMetricReporterType(List<String> metricReporterTypes) {
     return this;
   }
 
+  @Override
+  public DataNodeConfig setMetricPrometheusReporterUsername(String username) {
+    properties.setProperty("metric_prometheus_reporter_username", username);
+    return this;
+  }
+
+  @Override
+  public DataNodeConfig setMetricPrometheusReporterPassword(String password) {
+    properties.setProperty("metric_prometheus_reporter_password", password);
+    return this;
+  }
+
   @Override
   public DataNodeConfig setEnableRestService(boolean enableRestService) {
     properties.setProperty("enable_rest_service", String.valueOf(enableRestService));

integration-test/src/main/java/org/apache/iotdb/it/env/cluster/env/AbstractEnv.java

@@ -118,7 +118,7 @@ public ClusterConfig getConfig() {
   }
 
   @Override
-  public List<String> getMetricPrometheusReporterContents() {
+  public List<String> getMetricPrometheusReporterContents(String authHeader) {
     final List<String> result = new ArrayList<>();
     // get all report content of confignodes
     for (final ConfigNodeWrapper configNode : this.configNodeWrapperList) {
@@ -128,7 +128,8 @@ public List<String> getMetricPrometheusReporterContents() {
                   + configNode.getIp()
                   + ":"
                   + configNode.getMetricPort()
-                  + "/metrics");
+                  + "/metrics",
+              authHeader);
       result.add(configNodeMetricContent);
     }
     // get all report content of datanodes
@@ -139,7 +140,8 @@ public List<String> getMetricPrometheusReporterContents() {
                   + dataNode.getIp()
                   + ":"
                   + dataNode.getMetricPort()
-                  + "/metrics");
+                  + "/metrics",
+              authHeader);
       result.add(dataNodeMetricContent);
     }
     return result;
@@ -1047,6 +1049,11 @@ public void shutdownAllConfigNodes() {
     configNodeWrapperList.forEach(AbstractNodeWrapper::stop);
   }
 
+  @Override
+  public void shutdownForciblyAllConfigNodes() {
+    configNodeWrapperList.forEach(AbstractNodeWrapper::stopForcibly);
+  }
+
   @Override
   public ConfigNodeWrapper getConfigNodeWrapper(final int index) {
     return configNodeWrapperList.get(index);

integration-test/src/main/java/org/apache/iotdb/it/env/remote/config/RemoteConfigNodeConfig.java

@@ -28,4 +28,14 @@ public class RemoteConfigNodeConfig implements ConfigNodeConfig {
   public ConfigNodeConfig setMetricReporterType(List<String> metricReporterTypes) {
     return this;
   }
+
+  @Override
+  public ConfigNodeConfig setMetricPrometheusReporterUsername(String username) {
+    return this;
+  }
+
+  @Override
+  public ConfigNodeConfig setMetricPrometheusReporterPassword(String password) {
+    return this;
+  }
 }

integration-test/src/main/java/org/apache/iotdb/it/env/remote/config/RemoteDataNodeConfig.java

@@ -28,6 +28,16 @@ public DataNodeConfig setMetricReporterType(List<String> metricReporterTypes) {
     return this;
   }
 
+  @Override
+  public DataNodeConfig setMetricPrometheusReporterUsername(String username) {
+    return this;
+  }
+
+  @Override
+  public DataNodeConfig setMetricPrometheusReporterPassword(String password) {
+    return this;
+  }
+
   @Override
   public DataNodeConfig setEnableRestService(boolean enableRestService) {
     return this;

integration-test/src/main/java/org/apache/iotdb/it/env/remote/env/RemoteServerEnv.java

@@ -112,14 +112,16 @@ public ClusterConfig getConfig() {
   }
 
   @Override
-  public List<String> getMetricPrometheusReporterContents() {
+  public List<String> getMetricPrometheusReporterContents(String authHeader) {
     List<String> result = new ArrayList<>();
     result.add(
         getUrlContent(
-            Config.IOTDB_HTTP_URL_PREFIX + ip_addr + ":" + configNodeMetricPort + "/metrics"));
+            Config.IOTDB_HTTP_URL_PREFIX + ip_addr + ":" + configNodeMetricPort + "/metrics",
+            authHeader));
     result.add(
         getUrlContent(
-            Config.IOTDB_HTTP_URL_PREFIX + ip_addr + ":" + dataNodeMetricPort + "/metrics"));
+            Config.IOTDB_HTTP_URL_PREFIX + ip_addr + ":" + dataNodeMetricPort + "/metrics",
+            authHeader));
     return result;
   }
 
@@ -392,6 +394,11 @@ public void shutdownAllConfigNodes() {
     throw new UnsupportedOperationException();
   }
 
+  @Override
+  public void shutdownForciblyAllConfigNodes() {
+    throw new UnsupportedOperationException();
+  }
+
   @Override
   public void ensureNodeStatus(List<BaseNodeWrapper> nodes, List<NodeStatus> targetStatus) {
     throw new UnsupportedOperationException();

integration-test/src/main/java/org/apache/iotdb/itbase/env/BaseEnv.java

@@ -34,6 +34,8 @@
 import org.apache.iotdb.jdbc.Constant;
 import org.apache.iotdb.rpc.IoTDBConnectionException;
 
+import reactor.util.annotation.Nullable;
+
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
@@ -79,11 +81,14 @@ public interface BaseEnv {
   /** Return the {@link ClusterConfig} for developers to set values before test. */
   ClusterConfig getConfig();
 
-  default String getUrlContent(String urlStr) {
+  default String getUrlContent(String urlStr, @Nullable String authHeader) {
     StringBuilder sb = new StringBuilder();
     try {
       URL url = new URL(urlStr);
       HttpURLConnection httpConnection = (HttpURLConnection) url.openConnection();
+      if (authHeader != null) {
+        httpConnection.setRequestProperty("Authorization", authHeader);
+      }
       if (httpConnection.getResponseCode() == HttpURLConnection.HTTP_OK) {
         InputStream in = httpConnection.getInputStream();
         InputStreamReader isr = new InputStreamReader(in);
@@ -105,7 +110,7 @@ default String getUrlContent(String urlStr) {
   }
 
   /** Return the content of prometheus */
-  List<String> getMetricPrometheusReporterContents();
+  List<String> getMetricPrometheusReporterContents(String authHeader);
 
   default Connection getConnection() throws SQLException {
     return getConnection(
@@ -243,6 +248,8 @@ default IConfigNodeRPCService.Iface getConfigNodeConnection(int index) throws Ex
   /** Shutdown all existed ConfigNodes. */
   void shutdownAllConfigNodes();
 
+  void shutdownForciblyAllConfigNodes();
+
   /**
    * Ensure all the nodes being in the corresponding status.
    *

integration-test/src/main/java/org/apache/iotdb/itbase/env/ConfigNodeConfig.java

@@ -23,5 +23,10 @@
 
 /** This interface is used to handle properties in iotdb-confignode.properties. */
 public interface ConfigNodeConfig {
+
   ConfigNodeConfig setMetricReporterType(List<String> metricReporterTypes);
+
+  ConfigNodeConfig setMetricPrometheusReporterUsername(String username);
+
+  ConfigNodeConfig setMetricPrometheusReporterPassword(String password);
 }

integration-test/src/main/java/org/apache/iotdb/itbase/env/DataNodeConfig.java

@@ -25,6 +25,10 @@
 public interface DataNodeConfig {
   DataNodeConfig setMetricReporterType(List<String> metricReporterTypes);
 
+  DataNodeConfig setMetricPrometheusReporterUsername(String username);
+
+  DataNodeConfig setMetricPrometheusReporterPassword(String password);
+
   DataNodeConfig setEnableRestService(boolean enableRestService);
 
   DataNodeConfig setConnectionTimeoutInMS(int connectionTimeoutInMS);

integration-test/src/test/java/org/apache/iotdb/db/it/metric/IoTDBMetricIT.java

@@ -23,16 +23,19 @@
 import org.apache.iotdb.it.framework.IoTDBTestRunner;
 import org.apache.iotdb.itbase.category.ClusterIT;
 import org.apache.iotdb.itbase.category.LocalStandaloneIT;
+import org.apache.iotdb.metrics.reporter.prometheus.PrometheusReporter;
 
-import org.junit.AfterClass;
+import org.junit.After;
 import org.junit.Assert;
-import org.junit.BeforeClass;
+import org.junit.Before;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 import java.util.Collections;
 import java.util.List;
 import java.util.regex.Pattern;
@@ -65,7 +68,13 @@ public class IoTDBMetricIT {
   private static final String VALID_LOG_STRING =
       "This line {} is invalid in prometheus line protocol";
 
-  public static boolean isValidPrometheusTextFormat(String metrics) {
+  private static final String TEST_USERNAME = "good";
+  private static final String TEST_PASSWORD = "??";
+
+  private static final String WRONG_USERNAME = "bad";
+  private static final String WRONG_PASSWORD = "!!";
+
+  private static boolean isValidPrometheusTextFormat(String metrics) {
     String[] lines = metrics.split("\\n");
     boolean valid = true;
 
@@ -107,8 +116,8 @@ private static boolean isValidTypeLine(String line) {
     return Pattern.matches(TYPE_REGEX, line.trim());
   }
 
-  @BeforeClass
-  public static void setUp() throws Exception {
+  @Before
+  public void setUp() throws Exception {
     // Start ConfigNode with Prometheus reporter up
     EnvFactory.getEnv()
         .getConfig()
@@ -119,21 +128,86 @@ public static void setUp() throws Exception {
         .getConfig()
         .getDataNodeConfig()
         .setMetricReporterType(Collections.singletonList("PROMETHEUS"));
-    EnvFactory.getEnv().initClusterEnvironment();
   }
 
-  @AfterClass
-  public static void tearDown() throws Exception {
+  @After
+  public void tearDown() throws Exception {
     EnvFactory.getEnv().cleanClusterEnvironment();
   }
 
+  @Test
+  public void testPrometheusReporterWithoutAuth() {
+    EnvFactory.getEnv().initClusterEnvironment();
+
+    List<String> metricContents = EnvFactory.getEnv().getMetricPrometheusReporterContents(null);
+    for (String metricContent : metricContents) {
+      Assert.assertNotNull(metricContent);
+      Assert.assertNotEquals(0, metricContent.length());
+      Assert.assertTrue(isValidPrometheusTextFormat(metricContent));
+    }
+  }
+
   @Test
   public void testPrometheusReporter() {
-    List<String> metricContents = EnvFactory.getEnv().getMetricPrometheusReporterContents();
+    EnvFactory.getEnv()
+        .getConfig()
+        .getConfigNodeConfig()
+        .setMetricPrometheusReporterUsername(base64Encode(TEST_USERNAME))
+        .setMetricPrometheusReporterPassword(base64Encode(TEST_PASSWORD));
+    EnvFactory.getEnv()
+        .getConfig()
+        .getDataNodeConfig()
+        .setMetricPrometheusReporterUsername(base64Encode(TEST_USERNAME))
+        .setMetricPrometheusReporterPassword(base64Encode(TEST_PASSWORD));
+    EnvFactory.getEnv().initClusterEnvironment();
+
+    wrongUsernameTest();
+    wrongPasswordTest();
+    correctUsernameAndPasswordTest();
+  }
+
+  private void wrongUsernameTest() {
+    List<String> metricContents =
+        EnvFactory.getEnv()
+            .getMetricPrometheusReporterContents(
+                buildPrometheusReporterAuthHeader(WRONG_USERNAME, TEST_PASSWORD));
+    for (String metricContent : metricContents) {
+      Assert.assertNull(metricContent);
+    }
+  }
+
+  private void wrongPasswordTest() {
+    List<String> metricContents =
+        EnvFactory.getEnv()
+            .getMetricPrometheusReporterContents(
+                buildPrometheusReporterAuthHeader(TEST_USERNAME, WRONG_PASSWORD));
+    for (String metricContent : metricContents) {
+      Assert.assertNull(metricContent);
+    }
+  }
+
+  private void correctUsernameAndPasswordTest() {
+    List<String> metricContents =
+        EnvFactory.getEnv()
+            .getMetricPrometheusReporterContents(
+                buildPrometheusReporterAuthHeader(TEST_USERNAME, TEST_PASSWORD));
     for (String metricContent : metricContents) {
       Assert.assertNotNull(metricContent);
       Assert.assertNotEquals(0, metricContent.length());
       Assert.assertTrue(isValidPrometheusTextFormat(metricContent));
     }
   }
+
+  private String buildPrometheusReporterAuthHeader(String username, String password) {
+    if (username == null || username.isEmpty()) {
+      return null;
+    }
+    String raw = username + PrometheusReporter.DIVIDER_BETWEEN_USERNAME_AND_DIVIDER + password;
+    String base64 = Base64.getEncoder().encodeToString(raw.getBytes(StandardCharsets.UTF_8));
+    return PrometheusReporter.BASIC_AUTH_PREFIX + base64;
+  }
+
+  private static String base64Encode(String raw) {
+    return Base64.getEncoder().encodeToString(raw.getBytes(StandardCharsets.UTF_8));
+  }
 }