feat: push prometheus metrics to pushgateway on-demand #1404
Conversation
There was a problem hiding this comment.
Sorry for the late review.. From my side this is almost ready for merging, I just left a view comments.
General question: What do you think about which env variables are used? The "standard" is to use RUSTIC_XXX env variable for a xxx option. We have the pushgateway_url option and we have (only) env options for PUSHGATEWAY_USER and PUSHGATEWAY_PASS - I personally would have the later 2 also in the config and then we should decide about the env names. Or use RUSTIC_PUSHGATEWAY_* (by clap) if present and the PUSHGATEWAY_* as alternatives if they are commonly used variables for the pushgateway?
|
Thank you for your review! About the authentication environment variables, I actually thought about it. My argument against having CLI flags with user/pass is, it's essentially insecure to use this way, because any process on your machine can then read the CLI flags, and thus bypass auth. Especially when Pushgateway is likely often deployed on the same host it's keeping metrics for (and firewalled out of the internet), this seems to me like having its credentials in the CLI would basically completely kill any security the credentials would bring. I just renamed them Also, I would not at all be opposed to having these as a parameter in the config file, but TBH I have absolutely no idea how to actually do it without also exposing a clap argument — I haven't dived deep enough in rustic's config handling yet. WDYT? |
Fixes #1403