Open Traver72 opened 3 days ago
Yabeda exporter extends exporter from Prometheus Ruby client which is a Rack middleware.
Probably, easiest way is to just place bearer checking middleware (like this one: https://github.com/yujideveloper/rack-bearer_auth) before exporter with the same path.
Something like this:
use Rack::BearerAuth::Middleware do
match path: "/metrics", token: "very_secret"
end
use Yabeda::Prometheus::Exporter
Thank you very much for your quick reply. I may rephrase my question. What is the best practice not to make the metrics path publicly accessible? Especially via a bearer token, or is another way more common?
Thanks for all the work on this great gem. Is there a simple way to protect the "/metrics" endpoint using a bearer token? Or is it the way to go to use a middleware for this? As far as I know, it is possible to configure prometheus server so that you can use bearer token for scraping servers.