feat: Geneva Uploader : Add config service client (#227)

Author: lalitb

opentelemetry-exporter-geneva/geneva-uploader/Cargo.toml

@@ -4,7 +4,27 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-opentelemetry-proto = {workspace = true, default-features = false, features = ["logs"]}
+opentelemetry-proto = {workspace = true, default-features = false, features = ["logs", "gen-tonic-messages"]}
+base64 = "0.22"
+serde = { version = "1.0", features = ["derive"] }
+serde_json = { version = "1.0", features = ["raw_value"] }
+uuid = { version = "1.0", features = ["v4"] }
+# TODO - support both native-tls and rustls
+reqwest = { version = "0.12", features = ["native-tls", "native-tls-alpn"]}
+native-tls = "0.2" 
+thiserror = "2.0"
+chrono = "0.4"
+
+[features]
+self_signed_certs = [] # Empty by default for security
+default = ["self_signed_certs"] # TODO - remove this feature before release
+
+[dev-dependencies]
+tokio = { version = "1", features = ["full"] }
+rcgen = "0.13"
+openssl = { version = "0.10", features = ["vendored"] }
+tempfile = "3.5"
+wiremock = "0.6"
 
 [lints]
-workspace = true
+workspace = true

opentelemetry-exporter-geneva/geneva-uploader/src/config_service/README.md

@@ -0,0 +1,33 @@
+### GenevaConfigClient Flow (Certificate-Based Authentication)
+
+The diagram below illustrates how the `GenevaConfigClient` is initialized with a client certificate (in PKCS#12 format) and then used to fetch ingestion information from the Geneva Config Service using mutual TLS (mTLS). It includes the flow for loading the certificate, handling cached tokens, making authenticated requests, and parsing the response (including primary diagnostic monikers).
+
+```mermaid
+sequenceDiagram
+    participant App as User
+    participant Client as GenevaConfigClient
+    participant TLS as native_tls
+    participant GCS as Geneva Config Service
+
+    App->>Client: new(GenevaConfigClientConfig)
+    Client->>TLS: Load PKCS#12 cert
+    TLS-->>Client: native_tls::TlsConnector
+    Client->>Client: Build reqwest::Client with mTLS
+
+    App->>Client: get_ingestion_info()
+
+    alt Token in cache and not expired
+        Client->>App: Return cached (IngestionGatewayInfo, MonikerInfo)
+    else Cache miss or token expired
+        Client->>Client: Build HTTP GET URL
+        Client->>GCS: Send HTTPS request with mTLS\n+ Query Params & Headers
+        GCS-->>Client: JSON response (200 OK or error)
+
+        alt Response contains valid moniker
+            Client->>Client: Parse IngestionGatewayInfo and MonikerInfo
+            Client->>Client: Cache new token + expiry
+            Client->>App: Return new (IngestionGatewayInfo, MonikerInfo)
+        else No valid moniker
+            Client->>App: Error (MonikerNotFound)
+        end
+    end