From eea501538978736f046144b4e442446b34c8fb03 Mon Sep 17 00:00:00 2001 From: "ci.datadog-api-spec" Date: Thu, 21 May 2026 15:02:54 +0000 Subject: [PATCH] Regenerate client from commit fa7f8f4 of spec repo --- .generator/schemas/v2/openapi.yaml | 109 ++++++++++++++++++ .../frozen.json | 1 + .../recording.har | 67 +++++++++++ .../frozen.json | 1 + .../recording.har | 67 +++++++++++ features/v2/observability_pipelines.feature | 16 +++ .../observability_pipelines/src/v2/index.ts | 6 + .../ObservabilityPipelineHttpServerSource.ts | 11 ++ ...ilityPipelineHttpServerSourceValidToken.ts | 75 ++++++++++++ ...neHttpServerSourceValidTokenPathToToken.ts | 13 +++ ...ServerSourceValidTokenPathToTokenHeader.ts | 45 ++++++++ ...rverSourceValidTokenPathToTokenLocation.ts | 9 ++ ...ilityPipelineSourceValidTokenFieldToAdd.ts | 55 +++++++++ .../ObservabilityPipelineSplunkHecSource.ts | 10 ++ ...bilityPipelineSplunkHecSourceValidToken.ts | 65 +++++++++++ .../src/v2/models/TypingInfo.ts | 20 ++++ 16 files changed, 570 insertions(+) create mode 100644 cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/frozen.json create mode 100644 cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/recording.har create mode 100644 cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/frozen.json create mode 100644 cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/recording.har create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidToken.ts create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToToken.ts create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader.ts create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation.ts create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineSourceValidTokenFieldToAdd.ts create mode 100644 services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSourceValidToken.ts diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index 25ad70c2815c..f6e400c81c86 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -54340,6 +54340,16 @@ components: description: Name of the environment variable or secret that holds the username (used when `auth_strategy` is `plain`). example: HTTP_AUTH_USERNAME type: string + valid_tokens: + description: |- + A list of tokens that are accepted for authenticating incoming HTTP requests. When set, + the source rejects any request whose token does not match an enabled entry in this list. + Cannot be combined with the `plain` auth strategy. + items: + $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidToken" + maxItems: 1000 + minItems: 1 + type: array required: - id - type @@ -54365,6 +54375,55 @@ components: type: string x-enum-varnames: - HTTP_SERVER + ObservabilityPipelineHttpServerSourceValidToken: + description: An accepted token used to authenticate incoming HTTP server requests. + properties: + enabled: + default: true + description: |- + Indicates whether this token is currently accepted. Disabled tokens are rejected without + being removed from the configuration. + example: true + type: boolean + field_to_add: + $ref: "#/components/schemas/ObservabilityPipelineSourceValidTokenFieldToAdd" + path_to_token: + $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToToken" + token_key: + description: Name of the environment variable or secret that holds the expected token value. + example: HTTP_SERVER_TOKEN + pattern: "^[A-Za-z0-9_]+$" + type: string + required: + - token_key + type: object + ObservabilityPipelineHttpServerSourceValidTokenPathToToken: + description: |- + Specifies where the worker extracts the token from in the incoming HTTP request. + This can be either a built-in location (`path` or `address`) or an HTTP header object. + oneOf: + - $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation" + - $ref: "#/components/schemas/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader" + ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader: + description: Extract the token from a specific HTTP request header. + properties: + header: + description: The name of the HTTP header that carries the token. + example: X-Token + type: string + required: + - header + type: object + ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation: + description: Built-in token location on the incoming HTTP request. + enum: + - path + - address + example: path + type: string + x-enum-varnames: + - PATH + - ADDRESS ObservabilityPipelineKafkaDestination: description: |- The `kafka` destination sends logs to Apache Kafka topics. @@ -56388,6 +56447,27 @@ components: type: string x-enum-varnames: - SOCKET + ObservabilityPipelineSourceValidTokenFieldToAdd: + description: |- + An optional metadata field that is attached to every event authenticated by the + associated token. Both `key` and `value` must match `^[A-Za-z0-9_]+$`. + properties: + key: + description: The metadata field name to add to incoming events. + example: token_name + maxLength: 256 + pattern: "^[A-Za-z0-9_]+$" + type: string + value: + description: The metadata field value to add to incoming events. + example: my_token + maxLength: 1024 + pattern: "^[A-Za-z0-9_]+$" + type: string + required: + - key + - value + type: object ObservabilityPipelineSpec: description: Input schema representing an observability pipeline configuration. Used in create and validate requests. properties: @@ -56584,6 +56664,15 @@ components: $ref: "#/components/schemas/ObservabilityPipelineTls" type: $ref: "#/components/schemas/ObservabilityPipelineSplunkHecSourceType" + valid_tokens: + description: |- + A list of tokens that are accepted for authenticating incoming HEC requests. When set, the source + rejects any request whose HEC token does not match an enabled entry in this list. + items: + $ref: "#/components/schemas/ObservabilityPipelineSplunkHecSourceValidToken" + maxItems: 1000 + minItems: 1 + type: array required: - id - type @@ -56598,6 +56687,26 @@ components: type: string x-enum-varnames: - SPLUNK_HEC + ObservabilityPipelineSplunkHecSourceValidToken: + description: An accepted HEC token used to authenticate incoming Splunk HEC requests. + properties: + enabled: + default: true + description: |- + Indicates whether this token is currently accepted. Disabled tokens are rejected without + being removed from the configuration. + example: true + type: boolean + field_to_add: + $ref: "#/components/schemas/ObservabilityPipelineSourceValidTokenFieldToAdd" + token_key: + description: Name of the environment variable or secret that holds the expected HEC token value. + example: SPLUNK_HEC_TOKEN + pattern: "^[A-Za-z0-9_]+$" + type: string + required: + - token_key + type: object ObservabilityPipelineSplunkTcpSource: description: |- The `splunk_tcp` source receives logs from a Splunk Universal Forwarder over TCP. diff --git a/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/frozen.json b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/frozen.json new file mode 100644 index 000000000000..f2f09f71bb7f --- /dev/null +++ b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/frozen.json @@ -0,0 +1 @@ +"2026-05-18T16:51:43.688Z" diff --git a/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/recording.har b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/recording.har new file mode 100644 index 000000000000..f5e1b7455435 --- /dev/null +++ b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-HTTP-server-source-valid_tokens-returns-OK-respon_1882871390/recording.har @@ -0,0 +1,67 @@ +{ + "log": { + "_recordingName": "Observability Pipelines/Validate an observability pipeline with HTTP server source valid_tokens returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "995eaf3b9758c2e80411db3be2ac2ed4", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 776, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 581, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"config\":{\"destinations\":[{\"id\":\"datadog-logs-destination\",\"inputs\":[\"my-processor-group\"],\"type\":\"datadog_logs\"}],\"processor_groups\":[{\"enabled\":true,\"id\":\"my-processor-group\",\"include\":\"service:my-service\",\"inputs\":[\"http-server-source\"],\"processors\":[{\"enabled\":true,\"id\":\"filter-processor\",\"include\":\"status:error\",\"type\":\"filter\"}]}],\"sources\":[{\"auth_strategy\":\"none\",\"decoding\":\"json\",\"id\":\"http-server-source\",\"type\":\"http_server\",\"valid_tokens\":[{\"enabled\":true,\"field_to_add\":{\"key\":\"token_name\",\"value\":\"primary_token\"},\"path_to_token\":{\"header\":\"X-Token\"},\"token_key\":\"HTTP_SERVER_TOKEN\"},{\"enabled\":true,\"path_to_token\":\"path\",\"token_key\":\"HTTP_SERVER_TOKEN_BACKUP\"}]}]},\"name\":\"Pipeline with HTTP server valid_tokens\"},\"type\":\"pipelines\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/obs-pipelines/pipelines/validate" + }, + "response": { + "bodySize": 14, + "content": { + "mimeType": "application/vnd.api+json", + "size": 14, + "text": "{\"errors\":[]}\n" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 370, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-05-18T16:51:43.693Z", + "time": 378 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/frozen.json b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/frozen.json new file mode 100644 index 000000000000..419a8ee72fc9 --- /dev/null +++ b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/frozen.json @@ -0,0 +1 @@ +"2026-05-18T16:51:43.307Z" diff --git a/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/recording.har b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/recording.har new file mode 100644 index 000000000000..c370a54a24f8 --- /dev/null +++ b/cassettes/v2/Observability-Pipelines_4170000189/Validate-an-observability-pipeline-with-Splunk-HEC-source-valid_tokens-returns-OK-respons_1977739652/recording.har @@ -0,0 +1,67 @@ +{ + "log": { + "_recordingName": "Observability Pipelines/Validate an observability pipeline with Splunk HEC source valid_tokens returns \"OK\" response", + "creator": { + "comment": "persister:fs", + "name": "Polly.JS", + "version": "6.0.5" + }, + "entries": [ + { + "_id": "9683c2e56c7f303034c83c3f319a7454", + "_order": 0, + "cache": {}, + "request": { + "bodySize": 670, + "cookies": [], + "headers": [ + { + "_fromType": "array", + "name": "accept", + "value": "application/json" + }, + { + "_fromType": "array", + "name": "content-type", + "value": "application/json" + } + ], + "headersSize": 581, + "httpVersion": "HTTP/1.1", + "method": "POST", + "postData": { + "mimeType": "application/json", + "params": [], + "text": "{\"data\":{\"attributes\":{\"config\":{\"destinations\":[{\"id\":\"datadog-logs-destination\",\"inputs\":[\"my-processor-group\"],\"type\":\"datadog_logs\"}],\"processor_groups\":[{\"enabled\":true,\"id\":\"my-processor-group\",\"include\":\"service:my-service\",\"inputs\":[\"splunk-hec-source\"],\"processors\":[{\"enabled\":true,\"id\":\"filter-processor\",\"include\":\"status:error\",\"type\":\"filter\"}]}],\"sources\":[{\"id\":\"splunk-hec-source\",\"type\":\"splunk_hec\",\"valid_tokens\":[{\"enabled\":true,\"field_to_add\":{\"key\":\"token_name\",\"value\":\"primary_token\"},\"token_key\":\"SPLUNK_HEC_TOKEN\"},{\"enabled\":false,\"token_key\":\"SPLUNK_HEC_TOKEN_BACKUP\"}]}]},\"name\":\"Pipeline with Splunk HEC valid_tokens\"},\"type\":\"pipelines\"}}" + }, + "queryString": [], + "url": "https://api.datadoghq.com/api/v2/obs-pipelines/pipelines/validate" + }, + "response": { + "bodySize": 14, + "content": { + "mimeType": "application/vnd.api+json", + "size": 14, + "text": "{\"errors\":[]}\n" + }, + "cookies": [], + "headers": [ + { + "name": "content-type", + "value": "application/vnd.api+json" + } + ], + "headersSize": 370, + "httpVersion": "HTTP/1.1", + "redirectURL": "", + "status": 200, + "statusText": "OK" + }, + "startedDateTime": "2026-05-18T16:51:43.310Z", + "time": 371 + } + ], + "pages": [], + "version": "1.2" + } +} diff --git a/features/v2/observability_pipelines.feature b/features/v2/observability_pipelines.feature index 887f147074d7..24890aaddbc9 100644 --- a/features/v2/observability_pipelines.feature +++ b/features/v2/observability_pipelines.feature @@ -176,6 +176,14 @@ Feature: Observability Pipelines Then the response status is 200 OK And the response "errors" has length 0 + @team:DataDog/observability-pipelines + Scenario: Validate an observability pipeline with HTTP server source valid_tokens returns "OK" response + Given new "ValidatePipeline" request + And body with value {"data": {"attributes": {"config": {"destinations": [{"id": "datadog-logs-destination", "inputs": ["my-processor-group"], "type": "datadog_logs"}], "processor_groups": [{"enabled": true, "id": "my-processor-group", "include": "service:my-service", "inputs": ["http-server-source"], "processors": [{"enabled": true, "id": "filter-processor", "include": "status:error", "type": "filter"}]}], "sources": [{"id": "http-server-source", "type": "http_server", "auth_strategy": "none", "decoding": "json", "valid_tokens": [{"token_key": "HTTP_SERVER_TOKEN", "enabled": true, "path_to_token": {"header": "X-Token"}, "field_to_add": {"key": "token_name", "value": "primary_token"}}, {"token_key": "HTTP_SERVER_TOKEN_BACKUP", "enabled": true, "path_to_token": "path"}]}]}, "name": "Pipeline with HTTP server valid_tokens"}, "type": "pipelines"}} + When the request is sent + Then the response status is 200 OK + And the response "errors" has length 0 + @team:DataDog/observability-pipelines Scenario: Validate an observability pipeline with OCSF mapper custom mapping returns "OK" response Given new "ValidatePipeline" request @@ -223,6 +231,14 @@ Feature: Observability Pipelines Then the response status is 200 OK And the response "errors" has length 0 + @team:DataDog/observability-pipelines + Scenario: Validate an observability pipeline with Splunk HEC source valid_tokens returns "OK" response + Given new "ValidatePipeline" request + And body with value {"data": {"attributes": {"config": {"destinations": [{"id": "datadog-logs-destination", "inputs": ["my-processor-group"], "type": "datadog_logs"}], "processor_groups": [{"enabled": true, "id": "my-processor-group", "include": "service:my-service", "inputs": ["splunk-hec-source"], "processors": [{"enabled": true, "id": "filter-processor", "include": "status:error", "type": "filter"}]}], "sources": [{"id": "splunk-hec-source", "type": "splunk_hec", "valid_tokens": [{"token_key": "SPLUNK_HEC_TOKEN", "enabled": true, "field_to_add": {"key": "token_name", "value": "primary_token"}}, {"token_key": "SPLUNK_HEC_TOKEN_BACKUP", "enabled": false}]}]}, "name": "Pipeline with Splunk HEC valid_tokens"}, "type": "pipelines"}} + When the request is sent + Then the response status is 200 OK + And the response "errors" has length 0 + @team:DataDog/observability-pipelines Scenario: Validate an observability pipeline with amazon S3 source compression returns "OK" response Given new "ValidatePipeline" request diff --git a/services/observability_pipelines/src/v2/index.ts b/services/observability_pipelines/src/v2/index.ts index c955672d0be8..06ede4f105dd 100644 --- a/services/observability_pipelines/src/v2/index.ts +++ b/services/observability_pipelines/src/v2/index.ts @@ -157,6 +157,10 @@ export { ObservabilityPipelineHttpClientSourceType } from "./models/Observabilit export { ObservabilityPipelineHttpServerSource } from "./models/ObservabilityPipelineHttpServerSource"; export { ObservabilityPipelineHttpServerSourceAuthStrategy } from "./models/ObservabilityPipelineHttpServerSourceAuthStrategy"; export { ObservabilityPipelineHttpServerSourceType } from "./models/ObservabilityPipelineHttpServerSourceType"; +export { ObservabilityPipelineHttpServerSourceValidToken } from "./models/ObservabilityPipelineHttpServerSourceValidToken"; +export { ObservabilityPipelineHttpServerSourceValidTokenPathToToken } from "./models/ObservabilityPipelineHttpServerSourceValidTokenPathToToken"; +export { ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader } from "./models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader"; +export { ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation } from "./models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation"; export { ObservabilityPipelineKafkaDestination } from "./models/ObservabilityPipelineKafkaDestination"; export { ObservabilityPipelineKafkaDestinationCompression } from "./models/ObservabilityPipelineKafkaDestinationCompression"; export { ObservabilityPipelineKafkaDestinationEncoding } from "./models/ObservabilityPipelineKafkaDestinationEncoding"; @@ -282,6 +286,7 @@ export { ObservabilityPipelineSocketSourceFramingOctetCounting } from "./models/ export { ObservabilityPipelineSocketSourceFramingOctetCountingMethod } from "./models/ObservabilityPipelineSocketSourceFramingOctetCountingMethod"; export { ObservabilityPipelineSocketSourceMode } from "./models/ObservabilityPipelineSocketSourceMode"; export { ObservabilityPipelineSocketSourceType } from "./models/ObservabilityPipelineSocketSourceType"; +export { ObservabilityPipelineSourceValidTokenFieldToAdd } from "./models/ObservabilityPipelineSourceValidTokenFieldToAdd"; export { ObservabilityPipelineSpec } from "./models/ObservabilityPipelineSpec"; export { ObservabilityPipelineSpecData } from "./models/ObservabilityPipelineSpecData"; export { ObservabilityPipelineSplitArrayProcessor } from "./models/ObservabilityPipelineSplitArrayProcessor"; @@ -293,6 +298,7 @@ export { ObservabilityPipelineSplunkHecDestinationTokenStrategy } from "./models export { ObservabilityPipelineSplunkHecDestinationType } from "./models/ObservabilityPipelineSplunkHecDestinationType"; export { ObservabilityPipelineSplunkHecSource } from "./models/ObservabilityPipelineSplunkHecSource"; export { ObservabilityPipelineSplunkHecSourceType } from "./models/ObservabilityPipelineSplunkHecSourceType"; +export { ObservabilityPipelineSplunkHecSourceValidToken } from "./models/ObservabilityPipelineSplunkHecSourceValidToken"; export { ObservabilityPipelineSplunkTcpSource } from "./models/ObservabilityPipelineSplunkTcpSource"; export { ObservabilityPipelineSplunkTcpSourceType } from "./models/ObservabilityPipelineSplunkTcpSourceType"; export { ObservabilityPipelineSumoLogicDestination } from "./models/ObservabilityPipelineSumoLogicDestination"; diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSource.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSource.ts index 5e1dd18c1f14..a663926b8867 100644 --- a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSource.ts +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSource.ts @@ -3,6 +3,7 @@ import { AttributeTypeMap } from "@datadog/datadog-api-client"; import { ObservabilityPipelineDecoding } from "./ObservabilityPipelineDecoding"; import { ObservabilityPipelineHttpServerSourceAuthStrategy } from "./ObservabilityPipelineHttpServerSourceAuthStrategy"; import { ObservabilityPipelineHttpServerSourceType } from "./ObservabilityPipelineHttpServerSourceType"; +import { ObservabilityPipelineHttpServerSourceValidToken } from "./ObservabilityPipelineHttpServerSourceValidToken"; import { ObservabilityPipelineTls } from "./ObservabilityPipelineTls"; /** @@ -47,6 +48,12 @@ export class ObservabilityPipelineHttpServerSource { * Name of the environment variable or secret that holds the username (used when `auth_strategy` is `plain`). */ "usernameKey"?: string; + /** + * A list of tokens that are accepted for authenticating incoming HTTP requests. When set, + * the source rejects any request whose token does not match an enabled entry in this list. + * Cannot be combined with the `plain` auth strategy. + */ + "validTokens"?: Array; /** * A container for additional, undeclared properties. * This is a holder for any undeclared properties as specified with @@ -102,6 +109,10 @@ export class ObservabilityPipelineHttpServerSource { baseName: "username_key", type: "string", }, + validTokens: { + baseName: "valid_tokens", + type: "Array", + }, additionalProperties: { baseName: "additionalProperties", type: "{ [key: string]: any; }", diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidToken.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidToken.ts new file mode 100644 index 000000000000..dac7a58548ef --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidToken.ts @@ -0,0 +1,75 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { ObservabilityPipelineHttpServerSourceValidTokenPathToToken } from "./ObservabilityPipelineHttpServerSourceValidTokenPathToToken"; +import { ObservabilityPipelineSourceValidTokenFieldToAdd } from "./ObservabilityPipelineSourceValidTokenFieldToAdd"; + +/** + * An accepted token used to authenticate incoming HTTP server requests. + */ +export class ObservabilityPipelineHttpServerSourceValidToken { + /** + * Indicates whether this token is currently accepted. Disabled tokens are rejected without + * being removed from the configuration. + */ + "enabled"?: boolean; + /** + * An optional metadata field that is attached to every event authenticated by the + * associated token. Both `key` and `value` must match `^[A-Za-z0-9_]+$`. + */ + "fieldToAdd"?: ObservabilityPipelineSourceValidTokenFieldToAdd; + /** + * Specifies where the worker extracts the token from in the incoming HTTP request. + * This can be either a built-in location (`path` or `address`) or an HTTP header object. + */ + "pathToToken"?: ObservabilityPipelineHttpServerSourceValidTokenPathToToken; + /** + * Name of the environment variable or secret that holds the expected token value. + */ + "tokenKey": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + enabled: { + baseName: "enabled", + type: "boolean", + }, + fieldToAdd: { + baseName: "field_to_add", + type: "ObservabilityPipelineSourceValidTokenFieldToAdd", + }, + pathToToken: { + baseName: "path_to_token", + type: "ObservabilityPipelineHttpServerSourceValidTokenPathToToken", + }, + tokenKey: { + baseName: "token_key", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return ObservabilityPipelineHttpServerSourceValidToken.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToToken.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToToken.ts new file mode 100644 index 000000000000..c57bc9dc1840 --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToToken.ts @@ -0,0 +1,13 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +import { ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader } from "./ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader"; +import { ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation } from "./ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation"; + +/** + * Specifies where the worker extracts the token from in the incoming HTTP request. + * This can be either a built-in location (`path` or `address`) or an HTTP header object. + */ +export type ObservabilityPipelineHttpServerSourceValidTokenPathToToken = + | ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation + | ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader + | UnparsedObject; diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader.ts new file mode 100644 index 000000000000..a458a3275c07 --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader.ts @@ -0,0 +1,45 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * Extract the token from a specific HTTP request header. + */ +export class ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader { + /** + * The name of the HTTP header that carries the token. + */ + "header": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + header: { + baseName: "header", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation.ts new file mode 100644 index 000000000000..84b8cb68c844 --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation.ts @@ -0,0 +1,9 @@ +import { UnparsedObject } from "@datadog/datadog-api-client"; + +/** + * Built-in token location on the incoming HTTP request. + */ +export type ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation = + typeof PATH | typeof ADDRESS | UnparsedObject; +export const PATH = "path"; +export const ADDRESS = "address"; diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineSourceValidTokenFieldToAdd.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSourceValidTokenFieldToAdd.ts new file mode 100644 index 000000000000..bdc7a67a93b0 --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSourceValidTokenFieldToAdd.ts @@ -0,0 +1,55 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +/** + * An optional metadata field that is attached to every event authenticated by the + * associated token. Both `key` and `value` must match `^[A-Za-z0-9_]+$`. + */ +export class ObservabilityPipelineSourceValidTokenFieldToAdd { + /** + * The metadata field name to add to incoming events. + */ + "key": string; + /** + * The metadata field value to add to incoming events. + */ + "value": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + key: { + baseName: "key", + type: "string", + required: true, + }, + value: { + baseName: "value", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return ObservabilityPipelineSourceValidTokenFieldToAdd.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSource.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSource.ts index d3a5493998c5..61cdc11ca13d 100644 --- a/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSource.ts +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSource.ts @@ -1,6 +1,7 @@ import { AttributeTypeMap } from "@datadog/datadog-api-client"; import { ObservabilityPipelineSplunkHecSourceType } from "./ObservabilityPipelineSplunkHecSourceType"; +import { ObservabilityPipelineSplunkHecSourceValidToken } from "./ObservabilityPipelineSplunkHecSourceValidToken"; import { ObservabilityPipelineTls } from "./ObservabilityPipelineTls"; /** @@ -30,6 +31,11 @@ export class ObservabilityPipelineSplunkHecSource { * The source type. Always `splunk_hec`. */ "type": ObservabilityPipelineSplunkHecSourceType; + /** + * A list of tokens that are accepted for authenticating incoming HEC requests. When set, the source + * rejects any request whose HEC token does not match an enabled entry in this list. + */ + "validTokens"?: Array; /** * A container for additional, undeclared properties. * This is a holder for any undeclared properties as specified with @@ -67,6 +73,10 @@ export class ObservabilityPipelineSplunkHecSource { type: "ObservabilityPipelineSplunkHecSourceType", required: true, }, + validTokens: { + baseName: "valid_tokens", + type: "Array", + }, additionalProperties: { baseName: "additionalProperties", type: "{ [key: string]: any; }", diff --git a/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSourceValidToken.ts b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSourceValidToken.ts new file mode 100644 index 000000000000..eba5dbebba93 --- /dev/null +++ b/services/observability_pipelines/src/v2/models/ObservabilityPipelineSplunkHecSourceValidToken.ts @@ -0,0 +1,65 @@ +import { AttributeTypeMap } from "@datadog/datadog-api-client"; + +import { ObservabilityPipelineSourceValidTokenFieldToAdd } from "./ObservabilityPipelineSourceValidTokenFieldToAdd"; + +/** + * An accepted HEC token used to authenticate incoming Splunk HEC requests. + */ +export class ObservabilityPipelineSplunkHecSourceValidToken { + /** + * Indicates whether this token is currently accepted. Disabled tokens are rejected without + * being removed from the configuration. + */ + "enabled"?: boolean; + /** + * An optional metadata field that is attached to every event authenticated by the + * associated token. Both `key` and `value` must match `^[A-Za-z0-9_]+$`. + */ + "fieldToAdd"?: ObservabilityPipelineSourceValidTokenFieldToAdd; + /** + * Name of the environment variable or secret that holds the expected HEC token value. + */ + "tokenKey": string; + /** + * A container for additional, undeclared properties. + * This is a holder for any undeclared properties as specified with + * the 'additionalProperties' keyword in the OAS document. + */ + "additionalProperties"?: { [key: string]: any }; + /** + * @ignore + */ + "_unparsed"?: boolean; + + /** + * @ignore + */ + static readonly attributeTypeMap: AttributeTypeMap = { + enabled: { + baseName: "enabled", + type: "boolean", + }, + fieldToAdd: { + baseName: "field_to_add", + type: "ObservabilityPipelineSourceValidTokenFieldToAdd", + }, + tokenKey: { + baseName: "token_key", + type: "string", + required: true, + }, + additionalProperties: { + baseName: "additionalProperties", + type: "{ [key: string]: any; }", + }, + }; + + /** + * @ignore + */ + static getAttributeTypeMap(): AttributeTypeMap { + return ObservabilityPipelineSplunkHecSourceValidToken.attributeTypeMap; + } + + public constructor() {} +} diff --git a/services/observability_pipelines/src/v2/models/TypingInfo.ts b/services/observability_pipelines/src/v2/models/TypingInfo.ts index d1e4778343aa..4bc3820ca410 100644 --- a/services/observability_pipelines/src/v2/models/TypingInfo.ts +++ b/services/observability_pipelines/src/v2/models/TypingInfo.ts @@ -74,6 +74,8 @@ import { ObservabilityPipelineHttpClientDestination } from "./ObservabilityPipel import { ObservabilityPipelineHttpClientDestinationCompression } from "./ObservabilityPipelineHttpClientDestinationCompression"; import { ObservabilityPipelineHttpClientSource } from "./ObservabilityPipelineHttpClientSource"; import { ObservabilityPipelineHttpServerSource } from "./ObservabilityPipelineHttpServerSource"; +import { ObservabilityPipelineHttpServerSourceValidToken } from "./ObservabilityPipelineHttpServerSourceValidToken"; +import { ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader } from "./ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader"; import { ObservabilityPipelineKafkaDestination } from "./ObservabilityPipelineKafkaDestination"; import { ObservabilityPipelineKafkaLibrdkafkaOption } from "./ObservabilityPipelineKafkaLibrdkafkaOption"; import { ObservabilityPipelineKafkaSasl } from "./ObservabilityPipelineKafkaSasl"; @@ -139,12 +141,14 @@ import { ObservabilityPipelineSocketSourceFramingCharacterDelimited } from "./Ob import { ObservabilityPipelineSocketSourceFramingChunkedGelf } from "./ObservabilityPipelineSocketSourceFramingChunkedGelf"; import { ObservabilityPipelineSocketSourceFramingNewlineDelimited } from "./ObservabilityPipelineSocketSourceFramingNewlineDelimited"; import { ObservabilityPipelineSocketSourceFramingOctetCounting } from "./ObservabilityPipelineSocketSourceFramingOctetCounting"; +import { ObservabilityPipelineSourceValidTokenFieldToAdd } from "./ObservabilityPipelineSourceValidTokenFieldToAdd"; import { ObservabilityPipelineSpec } from "./ObservabilityPipelineSpec"; import { ObservabilityPipelineSpecData } from "./ObservabilityPipelineSpecData"; import { ObservabilityPipelineSplitArrayProcessor } from "./ObservabilityPipelineSplitArrayProcessor"; import { ObservabilityPipelineSplitArrayProcessorArrayConfig } from "./ObservabilityPipelineSplitArrayProcessorArrayConfig"; import { ObservabilityPipelineSplunkHecDestination } from "./ObservabilityPipelineSplunkHecDestination"; import { ObservabilityPipelineSplunkHecSource } from "./ObservabilityPipelineSplunkHecSource"; +import { ObservabilityPipelineSplunkHecSourceValidToken } from "./ObservabilityPipelineSplunkHecSourceValidToken"; import { ObservabilityPipelineSplunkTcpSource } from "./ObservabilityPipelineSplunkTcpSource"; import { ObservabilityPipelineSumoLogicDestination } from "./ObservabilityPipelineSumoLogicDestination"; import { ObservabilityPipelineSumoLogicDestinationHeaderCustomFieldsItem } from "./ObservabilityPipelineSumoLogicDestinationHeaderCustomFieldsItem"; @@ -312,6 +316,10 @@ export const TypingInfo: ModelTypingInfo = { ObservabilityPipelineHttpClientSourceType: ["http_client"], ObservabilityPipelineHttpServerSourceAuthStrategy: ["none", "plain"], ObservabilityPipelineHttpServerSourceType: ["http_server"], + ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation: [ + "path", + "address", + ], ObservabilityPipelineKafkaDestinationCompression: [ "none", "gzip", @@ -547,6 +555,10 @@ export const TypingInfo: ModelTypingInfo = { "ObservabilityPipelineEnrichmentTableFieldVrlLookup", "ObservabilityPipelineEnrichmentTableFieldSecretLookup", ], + ObservabilityPipelineHttpServerSourceValidTokenPathToToken: [ + "ObservabilityPipelineHttpServerSourceValidTokenPathToTokenLocation", + "ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader", + ], ObservabilityPipelineMetricValue: [ "ObservabilityPipelineGeneratedMetricIncrementByOne", "ObservabilityPipelineGeneratedMetricIncrementByField", @@ -712,6 +724,10 @@ export const TypingInfo: ModelTypingInfo = { ObservabilityPipelineHttpClientSource, ObservabilityPipelineHttpServerSource: ObservabilityPipelineHttpServerSource, + ObservabilityPipelineHttpServerSourceValidToken: + ObservabilityPipelineHttpServerSourceValidToken, + ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader: + ObservabilityPipelineHttpServerSourceValidTokenPathToTokenHeader, ObservabilityPipelineKafkaDestination: ObservabilityPipelineKafkaDestination, ObservabilityPipelineKafkaLibrdkafkaOption: @@ -833,6 +849,8 @@ export const TypingInfo: ModelTypingInfo = { ObservabilityPipelineSocketSourceFramingNewlineDelimited, ObservabilityPipelineSocketSourceFramingOctetCounting: ObservabilityPipelineSocketSourceFramingOctetCounting, + ObservabilityPipelineSourceValidTokenFieldToAdd: + ObservabilityPipelineSourceValidTokenFieldToAdd, ObservabilityPipelineSpec: ObservabilityPipelineSpec, ObservabilityPipelineSpecData: ObservabilityPipelineSpecData, ObservabilityPipelineSplitArrayProcessor: @@ -842,6 +860,8 @@ export const TypingInfo: ModelTypingInfo = { ObservabilityPipelineSplunkHecDestination: ObservabilityPipelineSplunkHecDestination, ObservabilityPipelineSplunkHecSource: ObservabilityPipelineSplunkHecSource, + ObservabilityPipelineSplunkHecSourceValidToken: + ObservabilityPipelineSplunkHecSourceValidToken, ObservabilityPipelineSplunkTcpSource: ObservabilityPipelineSplunkTcpSource, ObservabilityPipelineSumoLogicDestination: ObservabilityPipelineSumoLogicDestination,