Review update

METRICS.md

@@ -110,7 +110,7 @@ An agent identifier should also be defined to identify which agent the metric is
 
 ### Configure Prometheus metrics publisher with SSL
 
-The communication between MiNiFi and the Prometheus server can be encrypted using SSL. This can be achieved by adding the SSL certificate path (a single file containing both the certificate and the SSL key) and optionally adding the root CA path when using a self signed certificate to the minifi.properties file. Here is an example with the SSL properties:
+The communication between MiNiFi and Prometheus can be encrypted using SSL. This can be achieved by adding the SSL certificate path (a single file containing both the MiNiFi certificate and the MiNiFi SSL key) and optionally adding the root CA path if Prometheus uses a self-signed certificate, to the minifi.properties file. Here is an example with the SSL properties:
 
     # in minifi.properties
 

docker/test/integration/cluster/containers/PrometheusContainer.py

@@ -27,6 +27,7 @@ def __init__(self, feature_context, name, vols, network, image_store, command=No
         engine = "prometheus-ssl" if ssl else "prometheus"
         super().__init__(feature_context, name, engine, vols, network, image_store, command)
         self.ssl = ssl
+        extra_ssl_settings = ""
         if ssl:
             prometheus_cert, prometheus_key = make_cert_without_extended_usage(f"prometheus-{feature_context.id}", feature_context.root_ca_cert, feature_context.root_ca_key)
 
@@ -45,32 +46,23 @@ def __init__(self, feature_context, name, vols, network, image_store, command=No
             self.prometheus_key_file.close()
             os.chmod(self.prometheus_key_file.name, 0o644)
 
-            prometheus_yml_content = """
-global:
-  scrape_interval: 2s
-  evaluation_interval: 15s
-scrape_configs:
-  - job_name: "minifi"
-    static_configs:
-      - targets: ["minifi-cpp-flow-{feature_id}:9936"]
+            extra_ssl_settings = """
     scheme: https
     tls_config:
       ca_file: /etc/prometheus/certs/root-ca.pem
-""".format(feature_id=self.feature_context.id)
-            self.yaml_file = tempfile.NamedTemporaryFile(delete=False)
-            self.yaml_file.write(prometheus_yml_content.encode())
-            self.yaml_file.close()
-            os.chmod(self.yaml_file.name, 0o644)
-        else:
-            prometheus_yml_content = """
+"""
+
+        prometheus_yml_content = """
 global:
   scrape_interval: 2s
   evaluation_interval: 15s
 scrape_configs:
   - job_name: "minifi"
     static_configs:
       - targets: ["minifi-cpp-flow-{feature_id}:9936"]
-""".format(feature_id=self.feature_context.id)
+{extra_ssl_settings}
+""".format(feature_id=self.feature_context.id, extra_ssl_settings=extra_ssl_settings)
+
         self.yaml_file = tempfile.NamedTemporaryFile(delete=False)
         self.yaml_file.write(prometheus_yml_content.encode())
         self.yaml_file.close()

extensions/prometheus/PrometheusExposerWrapper.cpp

@@ -22,7 +22,7 @@ namespace org::apache::nifi::minifi::extensions::prometheus {
 
 PrometheusExposerWrapper::PrometheusExposerWrapper(const PrometheusExposerConfig& config)
     : exposer_(parseExposerConfig(config)) {
-  logger_->log_info("Started Prometheus metrics publisher on port %" PRIu32, config.port);
+  logger_->log_info("Started Prometheus metrics publisher on port %" PRIu32 "%s", config.port, config.certificate ? " with TLS enabled" : "");
 }
 
 std::vector<std::string> PrometheusExposerWrapper::parseExposerConfig(const PrometheusExposerConfig& config) {