[receiver/signalfxreceiver] Remove usage of deprecated access_token_passthrough config option

.chloggen/signalfxreceiver_accesstokenpassthrough.yaml

@@ -0,0 +1,29 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: breaking
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: signalfxreceiver
+
+# A brief description of the change.  Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: "Removed deprecated configuration option: access_token_passthrough"
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [43048]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext: |
+  As access token passthrough option is no longer supported, to achieve similar behavior configure your collector
+  to use `headers_setter` extension to pass the access token.
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []

receiver/signalfxreceiver/README.md

@@ -33,13 +33,6 @@ The following settings are required:
 
 The following settings are optional:
 
-- `access_token_passthrough`: (default = `false`) Whether to preserve incoming
-  access token (`X-Sf-Token` header value) as
-  `"com.splunk.signalfx.access_token"` metric resource attribute.  Should only be
-  used in tandem with identical configuration option for [SignalFx
-  exporter](../../exporter/signalfxexporter/README.md) to preserve datapoint
-  origin.  Usage of any other exporter in a metric pipeline with this configuration
-  option enabled will reveal all organization access tokens contained in this attribute.
 - `tls_settings` (no default): This is an optional object used to specify if
   TLS should be used for incoming connections. Both `key_file` and `cert_file`
   are required to support incoming TLS connections.
@@ -52,7 +45,6 @@ Example:
 receivers:
   signalfx:
   signalfx/advanced:
-    access_token_passthrough: true
     tls:
       cert_file: /test.crt
       key_file: /test.key
@@ -75,3 +67,7 @@ service:
       processors: [memory_limiter, batch]
       exporters: [signalfx]
 ```
+## Access token passthrough
+
+Access token passthrough is no longer supported, to achieve similar behavior configure your collector
+to use `headers_setter` extension to pass the access token. 

receiver/signalfxreceiver/config.go

@@ -7,21 +7,13 @@ import (
 	"errors"
 
 	"go.opentelemetry.io/collector/config/confighttp"
-
-	"github.com/open-telemetry/opentelemetry-collector-contrib/internal/splunk"
 )
 
 var errEmptyEndpoint = errors.New("empty endpoint")
 
 // Config defines configuration for the SignalFx receiver.
 type Config struct {
 	confighttp.ServerConfig `mapstructure:",squash"` // squash ensures fields are correctly decoded in embedded struct
-
-	// Deprecated: `access_token_passthrough` is deprecated.
-	// Please enable include_metadata in the receiver and add the following config to the batch processor:
-	// batch:
-	// 	 metadata_keys: [X-Sf-Token]
-	splunk.AccessTokenPassthroughConfig `mapstructure:",squash"`
 }
 
 // Validate verifies that the endpoint is valid and the configured port is not 0

receiver/signalfxreceiver/config_test.go

@@ -16,7 +16,6 @@ import (
 	"go.opentelemetry.io/collector/confmap/confmaptest"
 	"go.opentelemetry.io/collector/confmap/xconfmap"
 
-	"github.com/open-telemetry/opentelemetry-collector-contrib/internal/splunk"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/receiver/signalfxreceiver/internal/metadata"
 )
 
@@ -40,9 +39,6 @@ func TestLoadConfig(t *testing.T) {
 				ServerConfig: confighttp.ServerConfig{
 					Endpoint: "localhost:9943",
 				},
-				AccessTokenPassthroughConfig: splunk.AccessTokenPassthroughConfig{
-					AccessTokenPassthrough: true,
-				},
 			},
 		},
 		{
@@ -57,9 +53,6 @@ func TestLoadConfig(t *testing.T) {
 						},
 					}),
 				},
-				AccessTokenPassthroughConfig: splunk.AccessTokenPassthroughConfig{
-					AccessTokenPassthrough: false,
-				},
 			},
 		},
 	}

receiver/signalfxreceiver/factory.go

@@ -70,14 +70,6 @@ func createMetricsReceiver(
 ) (receiver.Metrics, error) {
 	rCfg := cfg.(*Config)
 
-	if rCfg.AccessTokenPassthrough {
-		params.Logger.Warn(
-			"access_token_passthrough is deprecated. " +
-				"Please enable include_metadata in the receiver and add " +
-				"`metadata_keys: [X-Sf-Token]` to the batch processor",
-		)
-	}
-
 	receiverLock.Lock()
 	r := receivers[rCfg]
 	if r == nil {
@@ -104,14 +96,6 @@ func createLogsReceiver(
 ) (receiver.Logs, error) {
 	rCfg := cfg.(*Config)
 
-	if rCfg.AccessTokenPassthrough {
-		params.Logger.Warn(
-			"access_token_passthrough is deprecated. " +
-				"Please enable include_metadata in the receiver and add " +
-				"`metadata_keys: [X-Sf-Token]` to the batch processor",
-		)
-	}
-
 	receiverLock.Lock()
 	r := receivers[rCfg]
 	if r == nil {

receiver/signalfxreceiver/receiver.go

@@ -28,7 +28,6 @@ import (
 	"go.uber.org/zap"
 
 	"github.com/open-telemetry/opentelemetry-collector-contrib/internal/coreinternal/errorutil"
-	"github.com/open-telemetry/opentelemetry-collector-contrib/internal/splunk"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/pkg/translator/signalfx"
 	"github.com/open-telemetry/opentelemetry-collector-contrib/receiver/signalfxreceiver/internal/metadata"
 )
@@ -269,8 +268,6 @@ func (r *sfxReceiver) handleDatapointReq(resp http.ResponseWriter, req *http.Req
 		return
 	}
 
-	r.addAccessTokenLabel(md, req)
-
 	err := r.metricsConsumer.ConsumeMetrics(ctx, md)
 	r.obsrecv.EndMetricsOp(ctx, metadata.Type.String(), dataPointCount, err)
 
@@ -317,12 +314,6 @@ func (r *sfxReceiver) handleEventReq(resp http.ResponseWriter, req *http.Request
 	sl := rl.ScopeLogs().AppendEmpty()
 	signalFxV2EventsToLogRecords(msg.Events, sl.LogRecords())
 
-	if r.config.AccessTokenPassthrough {
-		if accessToken := req.Header.Get(splunk.SFxAccessTokenHeader); accessToken != "" {
-			rl.Resource().Attributes().PutStr(splunk.SFxAccessTokenLabel, accessToken)
-		}
-	}
-
 	err := r.logsConsumer.ConsumeLogs(ctx, ld)
 	r.obsrecv.EndMetricsOp(
 		ctx,
@@ -364,18 +355,6 @@ func (r *sfxReceiver) failRequest(
 	)
 }
 
-func (r *sfxReceiver) addAccessTokenLabel(md pmetric.Metrics, req *http.Request) {
-	if r.config.AccessTokenPassthrough {
-		if accessToken := req.Header.Get(splunk.SFxAccessTokenHeader); accessToken != "" {
-			for i := 0; i < md.ResourceMetrics().Len(); i++ {
-				rm := md.ResourceMetrics().At(i)
-				res := rm.Resource()
-				res.Attributes().PutStr(splunk.SFxAccessTokenLabel, accessToken)
-			}
-		}
-	}
-}
-
 func initJSONResponse(s string) []byte {
 	respBody, err := json.Marshal(s)
 	if err != nil {

receiver/signalfxreceiver/receiver_test.go

@@ -701,204 +701,6 @@ func Test_sfxReceiver_TLS(t *testing.T) {
 	require.NoError(t, pmetrictest.CompareMetrics(want, got))
 }
 
-func Test_sfxReceiver_DatapointAccessTokenPassthrough(t *testing.T) {
-	tests := []struct {
-		name        string
-		passthrough bool
-		token       string
-		otlp        bool
-	}{
-		{
-			name:        "No token provided and passthrough false",
-			passthrough: false,
-			token:       "",
-			otlp:        false,
-		},
-		{
-			name:        "No token provided and passthrough true",
-			passthrough: true,
-			token:       "",
-			otlp:        false,
-		},
-		{
-			name:        "token provided and passthrough false",
-			passthrough: false,
-			token:       "myToken",
-			otlp:        false,
-		},
-		{
-			name:        "token provided and passthrough true",
-			passthrough: true,
-			token:       "myToken",
-			otlp:        false,
-		},
-		{
-			name:        "No token provided and passthrough false for OTLP payload",
-			passthrough: false,
-			token:       "",
-			otlp:        true,
-		},
-		{
-			name:        "No token provided and passthrough true for OTLP payload",
-			passthrough: true,
-			token:       "",
-			otlp:        true,
-		},
-		{
-			name:        "token provided and passthrough false for OTLP payload",
-			passthrough: false,
-			token:       "myToken",
-			otlp:        true,
-		},
-		{
-			name:        "token provided and passthrough true for OTLP payload",
-			passthrough: true,
-			token:       "myToken",
-			otlp:        true,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			config := createDefaultConfig().(*Config)
-			config.Endpoint = "localhost:0"
-			config.AccessTokenPassthrough = tt.passthrough
-
-			sink := new(consumertest.MetricsSink)
-			rcv, err := newReceiver(receivertest.NewNopSettings(metadata.Type), *config)
-			require.NoError(t, err)
-			rcv.RegisterMetricsConsumer(sink)
-
-			currentTime := time.Now().Unix() * 1e3
-
-			var msgBytes []byte
-			var contentHeader string
-			if tt.otlp {
-				marshaler := &pmetric.ProtoMarshaler{}
-				msgBytes, err = marshaler.MarshalMetrics(*buildOtlpMetrics(5))
-				require.NoError(t, err)
-				contentHeader = otlpProtobufContentType
-			} else {
-				sFxMsg := buildSFxDatapointMsg(currentTime, 13, 3)
-				msgBytes, _ = sFxMsg.Marshal()
-				contentHeader = "application/x-protobuf"
-			}
-			req := httptest.NewRequest(http.MethodPost, "http://localhost", bytes.NewReader(msgBytes))
-			req.Header.Set("Content-Type", contentHeader)
-			if tt.token != "" {
-				req.Header.Set("x-sf-token", tt.token)
-			}
-
-			w := httptest.NewRecorder()
-			rcv.handleDatapointReq(w, req)
-
-			resp := w.Result()
-			respBytes, err := io.ReadAll(resp.Body)
-			assert.NoError(t, err)
-			defer resp.Body.Close()
-
-			var bodyStr string
-			assert.NoError(t, json.Unmarshal(respBytes, &bodyStr))
-
-			assert.Equal(t, http.StatusOK, resp.StatusCode)
-			assert.Equal(t, responseOK, bodyStr)
-
-			mds := sink.AllMetrics()
-			require.Len(t, mds, 1)
-			resource := mds[0].ResourceMetrics().At(0).Resource()
-			tokenLabel := ""
-			if label, ok := resource.Attributes().Get("com.splunk.signalfx.access_token"); ok {
-				tokenLabel = label.Str()
-			}
-
-			if tt.passthrough {
-				assert.Equal(t, tt.token, tokenLabel)
-			} else {
-				assert.Empty(t, tokenLabel)
-			}
-		})
-	}
-}
-
-func Test_sfxReceiver_EventAccessTokenPassthrough(t *testing.T) {
-	tests := []struct {
-		name        string
-		passthrough bool
-		token       string
-	}{
-		{
-			name:        "No token provided and passthrough false",
-			passthrough: false,
-			token:       "",
-		},
-		{
-			name:        "No token provided and passthrough true",
-			passthrough: true,
-			token:       "",
-		},
-		{
-			name:        "token provided and passthrough false",
-			passthrough: false,
-			token:       "myToken",
-		},
-		{
-			name:        "token provided and passthrough true",
-			passthrough: true,
-			token:       "myToken",
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			config := (NewFactory()).CreateDefaultConfig().(*Config)
-			config.Endpoint = "localhost:0"
-			config.AccessTokenPassthrough = tt.passthrough
-
-			sink := new(consumertest.LogsSink)
-			rcv, err := newReceiver(receivertest.NewNopSettings(metadata.Type), *config)
-			require.NoError(t, err)
-			rcv.RegisterLogsConsumer(sink)
-
-			currentTime := time.Now().Unix() * 1e3
-			sFxMsg := buildSFxEventMsg(currentTime, 3)
-			msgBytes, _ := sFxMsg.Marshal()
-			req := httptest.NewRequest(http.MethodPost, "http://localhost", bytes.NewReader(msgBytes))
-			req.Header.Set("Content-Type", "application/x-protobuf")
-			if tt.token != "" {
-				req.Header.Set("x-sf-token", tt.token)
-			}
-
-			w := httptest.NewRecorder()
-			rcv.handleEventReq(w, req)
-
-			resp := w.Result()
-			respBytes, err := io.ReadAll(resp.Body)
-			assert.NoError(t, err)
-			defer resp.Body.Close()
-
-			var bodyStr string
-			assert.NoError(t, json.Unmarshal(respBytes, &bodyStr))
-
-			assert.Equal(t, http.StatusOK, resp.StatusCode)
-			assert.Equal(t, responseOK, bodyStr)
-
-			got := sink.AllLogs()
-			require.Len(t, got, 1)
-
-			tokenLabel := ""
-			if accessTokenAttr, ok := got[0].ResourceLogs().At(0).Resource().Attributes().Get("com.splunk.signalfx.access_token"); ok {
-				tokenLabel = accessTokenAttr.Str()
-			}
-
-			if tt.passthrough {
-				assert.Equal(t, tt.token, tokenLabel)
-			} else {
-				assert.Empty(t, tokenLabel)
-			}
-		})
-	}
-}
-
 func buildSFxDatapointMsg(time, value int64, dimensions uint) *sfxpb.DataPointUploadMessage {
 	return &sfxpb.DataPointUploadMessage{
 		Datapoints: []*sfxpb.DataPoint{