Support HTTP Basic Access Authentication in checks

[jmcs]

I need to monitor and endpoint protected with HTTP Basic Access Authentication but currently there is no good/secure way to provide authentication credentials in a check.

[Jan-M]

At this point the only way would be to implement some basic auth configuration in the zmon-worker and allow this to be used for http() requests. There is no capability right now that would provide a secure and convenient way for users to add secrets/tokens/auth in checks without everyone else being able to read those.

[lmineiro]

One way would be to deploy skipper in front of your basic auth protected resource, add a route specifically for that resource only (which I expect to be a monitoring resource) and include the required basic auth details in that route.

Since the check code is "public" it won't expose any credentials and you won't be exposing your resource to the world if skipper only allows local connections - enough for the zmon worker.

[Jan-M]

https://github.com/zalando-zmon/zmon-worker/issues/215 added one for the worker.