Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Promethues client_python doesn't support TLS as well as authentication #761

Closed
sriharshabm opened this issue Feb 1, 2022 · 6 comments · Fixed by #841
Closed

Promethues client_python doesn't support TLS as well as authentication #761

sriharshabm opened this issue Feb 1, 2022 · 6 comments · Fixed by #841

Comments

@sriharshabm
Copy link

Current Prometheus client_python does support basic auth towards pushgateway but it doesn't support TLS as well as authentication towards prometheus server. Is there any plan to support it? Will it be accepted if we are ready to contribute?
@csmarchbanks
Copy link
Member

Hello, I assume you are referring to start_http_server, in which case there are no plans to support it right now. The goal of that function is to keep it as basic as possible and for more advanced use cases users should set up the server themselves.

@csmarchbanks csmarchbanks mentioned this issue Mar 29, 2022
Closed
@fernandino143
Copy link

I was reading this I think I got so confused - #120

So, my point is that when the OP mentioned "it doesn't support TLS as well as authentication towards prometheus server" I was wondering if it would be possible to have TLS enabled on the pushgateway server. The answer is YES.

However, how in God's name is the handler supposed to be configured in order to pass on the certificate/key or a bundle on the client side in order for the TLS portion to actually work? I mean, the implementations of basic_auth_handler and default_handler are only using basic_auth (username / pwd) to authenticate? Am I missing something? Or is this the case where I literally have to create my own handler?

@csmarchbanks
Copy link
Member

Rereading this issue, I think it is covering two separate things:

  1. Lack of TLS authentication when using the pushgateway. I would be happy to accept a change to add a TLS handler for push gateway.
  2. Lack of Authentication for Prometheus scraping - this client has no plans to support auth when serving metrics via start_http_server.

@fernandino143
Copy link

I would love to help (1) but I'm getting humiliated when trying to create one myself when using the latest python client

@fernandino143 fernandino143 mentioned this issue Sep 8, 2022
Closed
@csmarchbanks csmarchbanks mentioned this issue Sep 20, 2022
Merged
@csmarchbanks
Copy link
Member

csmarchbanks commented Sep 20, 2022
edited
Loading

@fernandino143 I created #841 to support this, would you mind giving it a try on your system? Any feedback on how it is implemented/the arguments is also welcome!

@fernandino143
Copy link

Yep. That's very similar to the one I had in #838 and closed it (internal stuff). But you made it look good. Give me a few moments to test this properly, but I think it does the trick.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add tls_auth_handler for push gateway prometheus/client_python
3 participants
@csmarchbanks @fernandino143 @sriharshabm