Skip to content

[STORY-2042] log-drains: Add OpenSearch support #1110

Closed
briceamen wants to merge 3 commits intomasterfrom
story-2042/opensearch-logdrain
Closed

[STORY-2042] log-drains: Add OpenSearch support #1110
briceamen wants to merge 3 commits intomasterfrom
story-2042/opensearch-logdrain

Conversation

@briceamen
Copy link
Contributor

@briceamen briceamen commented May 21, 2025
edited
Loading

This PR introduces OpenSearch support for log drains and improves error handling throughout the log drains functionality.

Changes:

  • Add OpenSearch as a supported log drain type in documentation and examples
  • Update ELK URL description to include OpenSearch as an option
  • Migrate from errgo to go-utils/errors/v2 for better error handling
  • Improve error messages to use action verbs for cleaner stacktraces
  • Add specific handling for "not found" errors during log drain removal from addons for better feedback (see example below)
  • Clean up error handling flow in log drains removal logic (see example below)
? This operation will delete the log drain https://REDACTED for the application and all its addons
        Confirm deletion ? Yes
-----> Log drain https://REDACTED has been deleted from the application logdrain
-----> Log drain https://REDACTED was already removed from the addon OpenSearch

@briceamen briceamen self-assigned this May 21, 2025
@briceamen briceamen changed the title [STORY--2042] Add OpenSearch support [STORY-2042] Add OpenSearch support May 21, 2025
@notion-workspace
Copy link

notion-workspace bot commented May 21, 2025

🗒️ [FEAT] Support Ingest pipelines

@briceamen briceamen changed the title [STORY-2042] Add OpenSearch support [STORY-2042] log-drains: Add OpenSearch support May 21, 2025
@briceamen briceamen requested a review from curzolapierre May 21, 2025 14:37
semgrep-code-scalingo[bot]
semgrep-code-scalingo bot reviewed May 21, 2025
View reviewed changes
cmd/log_drains.go Outdated
"scalingo --app my-app log-drains-add --type syslog --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type syslog --token 123456789abcdef --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type elk --url https://my-user:123456789abcdef@logstash-app-name.osc-fr1.scalingo.io",
"scalingo --app my-app log-drains-add --type opensearch --url https://my-user:123456789abcdef@my-app-name.opensearch.osc-fr1.scalingo-dbs.com:30123/yourindex/_doc?pipeline=your_pipeline",
Copy link

@semgrep-code-scalingo semgrep-code-scalingo bot May 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hardcoded sensitive data leaked

Semgrep has detected a leak of sensitive data in this code. This secret data could be used by internal or external malicious actors. We highly recommend you change, reset, or rotate the sensitive data.

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. It is recommended to rotate the secret and retrieve them from a secure secret vault or Hardware Security Module (HSM), alternatively environment variables can be used if allowed by your company policy.

🚀 Fixed in commit e028585 🚀

Copy link
Contributor Author

@briceamen briceamen May 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/fp its a url example

@briceamen briceamen requested a review from sc-david-voisin May 22, 2025 07:58
curzolapierre
curzolapierre reviewed May 22, 2025
View reviewed changes
Copy link
Member

@curzolapierre curzolapierre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've some comments, but overall LGTM 👍

cmd/log_drains.go Outdated
"scalingo --app my-app log-drains-add --type syslog --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type syslog --token 123456789abcdef --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type elk --url https://my-user:123456789abcdef@logstash-app-name.osc-fr1.scalingo.io",
"scalingo --app my-app log-drains-add --type opensearch --url https://my-user:123456789abcdef@my-app-name.opensearch.osc-fr1.scalingo-dbs.com:30123/yourindex/_doc?pipeline=your_pipeline",
Copy link
Member

@curzolapierre curzolapierre May 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nitpick: as we are mentionning my-app I also expect to have my_pipeline and myindex, WDYT?

semgrep-code-scalingo[bot]
semgrep-code-scalingo bot reviewed May 26, 2025
View reviewed changes
cmd/log_drains.go
"scalingo --app my-app log-drains-add --type syslog --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type syslog --token 123456789abcdef --host custom.logstash.com --port 12345",
"scalingo --app my-app log-drains-add --type elk --url https://my-user:123456789abcdef@logstash-app-name.osc-fr1.scalingo.io",
"scalingo --app my-app log-drains-add --type opensearch --url https://my-user:123456789abcdef@my-app-name.opensearch.osc-fr1.scalingo-dbs.com:30123/myindex/_doc?pipeline=my_pipeline",
Copy link

@semgrep-code-scalingo semgrep-code-scalingo bot May 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hardcoded sensitive data leaked

Semgrep has detected a leak of sensitive data in this code. This secret data could be used by internal or external malicious actors. We highly recommend you change, reset, or rotate the sensitive data.

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. It is recommended to rotate the secret and retrieve them from a secure secret vault or Hardware Security Module (HSM), alternatively environment variables can be used if allowed by your company policy.

💬 To ignore this, reply with:
/fp <comment> for false positive
/ar <comment> for acceptable risk
/other <comment> for all other reasons
Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by generic_uri_string.

Copy link
Contributor Author

@briceamen briceamen May 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/fp url example

@briceamen briceamen requested a review from curzolapierre May 27, 2025 12:57
curzolapierre
curzolapierre reviewed May 28, 2025
View reviewed changes
logdrains/remove.go
// Check if this is a "not found" error, which can happen if the log drain
// was already removed by the main API call
if strings.Contains(err.Error(), "not found") {
io.Status("Log drain", opts.URL, "was already removed from the addon", addon.AddonProvider.Name)
Copy link
Member

@curzolapierre curzolapierre May 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Questions: (Sorry for the late notice) is this message will be logged when an addon never got the log drains?
If yes, the message is not totally accurate, WDYT?

sc-david-voisin
sc-david-voisin approved these changes Jun 2, 2025
View reviewed changes
Copy link
Contributor

@sc-david-voisin sc-david-voisin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@briceamen briceamen closed this Aug 29, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@curzolapierre curzolapierre curzolapierre left review comments

@sc-david-voisin sc-david-voisin sc-david-voisin approved these changes

+1 more reviewer

@semgrep-code-scalingo semgrep-code-scalingo[bot] semgrep-code-scalingo[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@briceamen briceamen

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@briceamen @curzolapierre @sc-david-voisin