Add support for authenticating a user with an X.509 cer

EventStore · Apr 9, 2024 · 50ad038 · 50ad038
1 parent b4667b6
commit 50ad038
Show file tree

Hide file tree

Showing 41 changed files with 1,545 additions and 527 deletions.
diff --git a/EventStore.Client.sln b/EventStore.Client.sln
@@ -33,6 +33,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EventStore.Client.UserManag
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EventStore.Client.Tests.Common", "test\EventStore.Client.Tests.Common\EventStore.Client.Tests.Common.csproj", "{E326832D-DE52-4DE4-9E54-C800908B75F3}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "EventStore.Client.Extensions.OpenTelemetry", "src\EventStore.Client.Extensions.OpenTelemetry\EventStore.Client.Extensions.OpenTelemetry.csproj", "{3723933C-585A-49BE-98E8-52D3FAD904CE}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|x64 = Debug|x64
@@ -94,6 +96,10 @@ Global
 		{E326832D-DE52-4DE4-9E54-C800908B75F3}.Debug|x64.Build.0 = Debug|Any CPU
 		{E326832D-DE52-4DE4-9E54-C800908B75F3}.Release|x64.ActiveCfg = Release|Any CPU
 		{E326832D-DE52-4DE4-9E54-C800908B75F3}.Release|x64.Build.0 = Release|Any CPU
+		{3723933C-585A-49BE-98E8-52D3FAD904CE}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{3723933C-585A-49BE-98E8-52D3FAD904CE}.Debug|x64.Build.0 = Debug|Any CPU
+		{3723933C-585A-49BE-98E8-52D3FAD904CE}.Release|x64.ActiveCfg = Release|Any CPU
+		{3723933C-585A-49BE-98E8-52D3FAD904CE}.Release|x64.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(NestedProjects) = preSolution
 		{D3744A86-DD35-4104-AAEE-84B79062C4A2} = {EA59C1CB-16DA-4F68-AF8A-642A969B4CF8}
@@ -109,5 +115,6 @@ Global
 		{6CEB731F-72E1-461F-A6B3-54DBF3FD786C} = {C51F2C69-45A9-4D0D-A708-4FC319D5D340}
 		{22634CEE-4F7B-4679-A48D-38A2A8580ECA} = {C51F2C69-45A9-4D0D-A708-4FC319D5D340}
 		{E326832D-DE52-4DE4-9E54-C800908B75F3} = {C51F2C69-45A9-4D0D-A708-4FC319D5D340}
+		{3723933C-585A-49BE-98E8-52D3FAD904CE} = {EA59C1CB-16DA-4F68-AF8A-642A969B4CF8}
 	EndGlobalSection
 EndGlobal
diff --git a/README.md b/README.md
@@ -19,6 +19,24 @@ Reference the nuget package(s) for the API that you would like to call
 
 [User Management](https://www.nuget.org/packages/EventStore.Client.Grpc.UserManagement)
 
+## Open Telemetry
+
+Telemetry instrumentation can be enabled by installing the [Open Telemetry Extensions](https://www.nuget.org/packages/EventStore.Client.Extensions.OpenTelemetry) package.
+
+Once installed you can configure instrumentation using the `AddEventStoreClientInstrumentation` extension method on a `TracerProviderBuilder`.
+
+```csharp
+using var tracerProvider = Sdk.CreateTracerProviderBuilder()
+    ...
+    .AddEventStoreClientInstrumentation()
+    ...
+    .Build();
+```
+
+Tracing is the only telemetry currently exported, specifically for the `Append` and `Subscribe` (Catchup and Persistent) operations.
+
+For more information about Open Telemetry, refer to the [official documentation](https://opentelemetry.io/docs/what-is-opentelemetry/).
+
 ## Support
 
 Information on support and commercial tools such as LDAP authentication can be found here: [Event Store Support](https://eventstore.com/support/).

diff --git a/gencert.ps1 b/gencert.ps1
@@ -7,13 +7,13 @@ New-Item -ItemType Directory -Path .\certs -Force
 icacls .\certs /grant:r "$($env:UserName):(OI)(CI)RX"
 
 # Pull the Docker image
-docker pull eventstore/es-gencert-cli:1.0.2
+docker pull ghcr.io/eventstore/es-gencert-cli:1.3.0
 
 # Create CA certificate
-docker run --rm --volume ${PWD}\certs:/tmp --user (Get-Process -Id $PID).SessionId eventstore/es-gencert-cli:1.0.2 create-ca -out /tmp/ca
+docker run --rm --volume ${PWD}\certs:/tmp --user (Get-Process -Id $PID).SessionId ghcr.io/eventstore/es-gencert-cli:1.3.0 create-ca -out /tmp/ca
 
 # Create node certificate
-docker run --rm --volume ${PWD}\certs:/tmp --user (Get-Process -Id $PID).SessionId eventstore/es-gencert-cli:1.0.2 create-node -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/node -ip-addresses 127.0.0.1 -dns-names localhost
+docker run --rm --volume ${PWD}\certs:/tmp --user (Get-Process -Id $PID).SessionId ghcr.io/eventstore/es-gencert-cli:1.3.0 create-node -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/node -ip-addresses 127.0.0.1 -dns-names localhost
 
 # Set permissions recursively for the directory
 icacls .\certs /grant:r "$($env:UserName):(OI)(CI)RX"

diff --git a/gencert.sh b/gencert.sh
@@ -13,11 +13,11 @@ mkdir -p certs
 
 chmod 0755 ./certs
 
-docker pull eventstore/es-gencert-cli:1.0.2
+docker pull ghcr.io/eventstore/es-gencert-cli:1.3.0
 
-docker run --rm --volume $PWD/certs:/tmp --user $(id -u):$(id -g) eventstore/es-gencert-cli:1.0.2 create-ca -out /tmp/ca
+docker run --rm --volume $PWD/certs:/tmp --user $(id -u):$(id -g) ghcr.io/eventstore/es-gencert-cli:1.3.0 create-ca -out /tmp/ca
 
-docker run --rm --volume $PWD/certs:/tmp --user $(id -u):$(id -g) eventstore/es-gencert-cli:1.0.2 create-node -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/node -ip-addresses 127.0.0.1 -dns-names localhost
+docker run --rm --volume $PWD/certs:/tmp --user $(id -u):$(id -g) ghcr.io/eventstore/es-gencert-cli:1.3.0 create-node -ca-certificate /tmp/ca/ca.crt -ca-key /tmp/ca/ca.key -out /tmp/node -ip-addresses 127.0.0.1 -dns-names localhost
 
 chmod -R 0755 ./certs
 

diff --git a/samples/secure-with-tls/docker-compose.certs.yml b/samples/secure-with-tls/docker-compose.certs.yml
@@ -16,7 +16,7 @@ services:
     network_mode: none
 
   cert-gen:
-    image: eventstore/es-gencert-cli:1.0.2
+    image: ghcr.io/eventstore/es-gencert-cli:1.3.0
     container_name: cert-gen
     user: "1000:1000"
     entrypoint: [ "/bin/sh","-c" ]

diff --git a/src/Directory.Build.props b/src/Directory.Build.props
@@ -4,7 +4,7 @@
         <RootNamespace>EventStore.Client</RootNamespace>
     </PropertyGroup>
 
-    <PropertyGroup Condition="$(MSBuildProjectName) != 'EventStore.Client'">
+    <PropertyGroup Condition="$(MSBuildProjectName) != 'EventStore.Client' And $(MSBuildProjectName) != 'EventStore.Client.Extensions.OpenTelemetry'">
         <ESPackageIdSuffix>$(MSBuildProjectName.Remove(0,18))</ESPackageIdSuffix>
         <ESProto>$(ESPackageIdSuffix.ToLower()).proto</ESProto>
         <ESProtoPath>../EventStore.Client.Common/protos/$(ESProto)</ESProtoPath>
@@ -50,6 +50,10 @@
         <Compile Include="../EventStore.Client.Common/**/*.cs" Link="Common\%(RecursiveDir)/%(FileName)%(Extension)"/>
     </ItemGroup>
 
+    <ItemGroup Condition="$(MSBuildProjectName) == 'EventStore.Client.Streams' Or $(MSBuildProjectName) == 'EventStore.Client.PersistentSubscriptions'">
+    	<Compile Include="../EventStore.Client/Diagnostics/**/*.cs" Link="Diagnostics\%(RecursiveDir)/%(FileName)%(Extension)"/>
+    </ItemGroup>
+
     <ItemGroup>
         <AssemblyAttribute Include="System.Runtime.CompilerServices.InternalsVisibleTo">
             <_Parameter1>$(ProjectName).Tests</_Parameter1>

diff --git a/src/EventStore.Client.Common/Constants.cs b/src/EventStore.Client.Common/Constants.cs
@@ -39,10 +39,10 @@ public static class Exceptions {
 	}
 
 	public static class Metadata {
-		public const           string   Type             = "type";
-		public const           string   Created          = "created";
-		public const           string   ContentType      = "content-type";
-		public static readonly string[] RequiredMetadata = { Type, ContentType };
+		public const           string   Type               = "type";
+		public const           string   Created            = "created";
+		public const           string   ContentType        = "content-type";
+		public static readonly string[] RequiredMetadata   = { Type, ContentType };
 
 		public static class ContentTypes {
 			public const string ApplicationJson        = "application/json";
@@ -58,4 +58,4 @@ public static class Headers {
 		public const string ConnectionName = "connection-name";
 		public const string RequiresLeader = "requires-leader";
 	}
-}
+}
diff --git a/...ntStore.Client.Extensions.OpenTelemetry/EventStore.Client.Extensions.OpenTelemetry.csproj b/...ntStore.Client.Extensions.OpenTelemetry/EventStore.Client.Extensions.OpenTelemetry.csproj
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project Sdk="Microsoft.NET.Sdk">
+	<PropertyGroup>
+		<RootNamespace>EventStore.Client.Extensions.OpenTelemetry</RootNamespace>
+	</PropertyGroup>
+
+	<PropertyGroup>
+		<PackageId>EventStore.Client.Extensions.OpenTelemetry</PackageId>
+		<Description>Extensions used to facilitate instrumentation of the EventStore Client.</Description>
+	</PropertyGroup>
+
+	<ItemGroup>
+	  <PackageReference Include="OpenTelemetry.Api" Version="1.8.0" />
+	</ItemGroup>
+
+	<ItemGroup>
+		<Compile Include="../EventStore.Client/Diagnostics/EventStoreClientInstrumentation.cs" Link="%(FileName)%(Extension)"/>
+	</ItemGroup>
+
+</Project>
diff --git a/src/EventStore.Client.Extensions.OpenTelemetry/TracerProviderBuilderExtensions.cs b/src/EventStore.Client.Extensions.OpenTelemetry/TracerProviderBuilderExtensions.cs
@@ -0,0 +1,19 @@
+using EventStore.Client.Diagnostics;
+using JetBrains.Annotations;
+using OpenTelemetry.Trace;
+
+namespace EventStore.Client.Extensions.OpenTelemetry;
+
+/// <summary>
+/// Extension methods used to facilitate tracing instrumentation of the EventStore Client.
+/// </summary>
+[PublicAPI]
+public static class TracerProviderBuilderExtensions {
+	/// <summary>
+	/// Adds the EventStore client ActivitySource name to the list of subscribed sources on the <see cref="TracerProviderBuilder"/>
+	/// </summary>
+	/// <param name="builder"><see cref="TracerProviderBuilder"/> being configured.</param>
+	/// <returns>The instance of <see cref="TracerProviderBuilder"/> to chain configuration.</returns>
+	public static TracerProviderBuilder AddEventStoreClientInstrumentation(this TracerProviderBuilder builder)
+		=> builder.AddSource(EventStoreClientInstrumentation.ActivitySourceName);
+}