Open
Conversation
Pre-release README improvements against master's v0.0.1 baseline:
- Overview: add scannable capabilities list and lead with the real
differentiator ("no NiFi-side reporting task or JMX exporter").
- Add Minimum Agent version placeholder (to be filled in AI-6674).
- Add Kubernetes/Autodiscovery config example under Configuration.
- Flesh out Troubleshooting: auth failures (with required NiFi
policies), TLS/self-signed CA handling, and per-connection
/per-processor cardinality gotchas.
- Add Further Reading section linking upstream NiFi docs.
- Make agent install link relative so it renders on .eu/.gov/datad0g.
- Tighten prose per Elements of Style; normalize "this check" over
"this integration"; format default values with code.
Log-collection-section polish deferred to a follow-up once AI-6669
merges to master.
Contributor
|
This PR does not modify any files shipped with the agent. To help streamline the release process, please consider adding the |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4d0d04a71e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| The check authenticates to NiFi via `POST /access/token` (JWT bearer token). If authentication fails, the Agent log records an error from the `nifi` check. Common causes: | ||
|
|
||
| - Wrong `username` or `password`. | ||
| - The NiFi user lacks a policy granting access to the REST API. Grant **view the UI** and **access the controller** at minimum, plus read access on the process groups the check queries. |
There was a problem hiding this comment.
Under a least-privilege NiFi user, these permissions are still insufficient: NifiCheck.check() unconditionally calls _collect_system_diagnostics() before it submits nifi.can_connect=1, and NiFi documents /system-diagnostics as requiring Read - /system (view system diagnostics: https://nifi.apache.org/docs/nifi-docs/rest-api/#system-diagnostics). A user following this guidance with only /flow/process-group access will keep getting 403s and nifi.can_connect=0, so the troubleshooting steps should include the view system diagnostics policy.
Useful? React with 👍 / 👎.
| - Track flow throughput, queued flowfiles, and backpressure across process groups. | ||
| - Surface processor status at configurable cardinality, with opt-in per-processor and per-connection metrics. | ||
| - Receive NiFi bulletins (errors and warnings) as Datadog events. | ||
| - Collect application, user, bootstrap, and request logs. |
There was a problem hiding this comment.
This overstates what the released configuration currently ships: a repo-wide search only finds one NiFi log input in nifi/assets/configuration/spec.yaml and the generated conf.yaml.example, and it tails /opt/nifi/logs/nifi-app.log. Users who enable the documented check will not collect user, bootstrap, or request logs from the shipped config, so this bullet should either be limited to the application log or the matching log stanzas should be added before release.
Useful? React with 👍 / 👎.
Replace the bolded "view the UI" and "access the controller" policy names (flagged by review as unverified) with the concrete REST API endpoints the check reads. Users still know what to grant access to, and the NiFi admin guide link in Further Reading covers policy mechanics. Also replaces an em-dash with a period (README validator rejects non-ASCII).
Contributor
Validation ReportAll 20 validations passed. Show details
|
Monitor Template Quality Assessment52 monitors analyzed across 9 integrations.
Monitors with missing sections
|
git-thuerk-done
approved these changes
Apr 20, 2026
Contributor
git-thuerk-done
left a comment
git-thuerk-done
left a comment
There was a problem hiding this comment.
Just flagging to be sure to update the TO DO comment but approved
| - Receive NiFi bulletins (errors and warnings) as Datadog events. | ||
| - Collect application, user, bootstrap, and request logs. | ||
|
|
||
| **Minimum Agent version:** <!-- TODO(AI-6674): set to the first Agent release that ships the NiFi check before public release. --> |
Contributor
There was a problem hiding this comment.
Suggested change
| **Minimum Agent version:** <!-- TODO(AI-6674): set to the first Agent release that ships the NiFi check before public release. --> | |
| **Minimum Agent version:** <!-- TODO(AI-6674): set to the first Agent release that ships the NiFi check before public release. --> |
Just flagging to be sure to update this link
temporal-github-worker-1
Bot
added
docs/approved
and removed
docs/review-requested
labels
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Pre-release polish of the NiFi Agent integration README (AI-6672). README-only change; no code, assets, or validators touched.
What changed
**Minimum Agent version:**line with an HTML-comment TODO placeholder pointing at AI-6674. This PR must not merge to a release cut until AI-6674 fills in the version — an emptyMinimum Agent version:line would ship to docs otherwise.#### Hostand#### Containerized (Autodiscovery)subsections. The AD block gives customers a drop-in pod-annotation example and steers credentials to k8s secrets rather than inline.nifi.can_connect = 0):POST /access/tokentoken-flow explanation (verified againstnifi/datadog_checks/nifi/api.py:30), required REST API read access on the specific endpoints the check hits, and an identity-provider sanity check.tls_ca_certfor internal CAs;tls_verify: falseonly as last resort.max_*truncation behavior./account/settings/agent/latest) so it renders on.eu,.gov, anddatad0g.com.conf.yamlediting sentence; collapsed the Installation two-liner into one sentence (rendered output unchanged).`true`,`WARNING`,`1`,`0`).Scope notes
philip.lee/AI-6669(not yet merged). Polishing it will be a follow-up PR after AI-6669 lands.AGENTS.md, changelogs are required only for Python changes underdatadog_checks/).Review round 1 addressed
POST /access/tokenclaim against the check source before asserting it in user docs.ddev validate readmes.Related tickets
Test plan