Skip to content

MONITORBOT_SECRET authorization #12

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 25, 2020
Merged

MONITORBOT_SECRET authorization #12

merged 3 commits into from
Nov 25, 2020

Conversation

njasm
Copy link
Contributor

@njasm njasm commented Nov 18, 2020

closes #7

  • Added a new Configfield secret
  • /metrics endpoint now requires an Authorization: Bearer token, and that token must be equal to the Config.secret field.

@njasm
Copy link
Contributor Author

njasm commented Nov 18, 2020

?r @pietroalbini

pietroalbini
pietroalbini requested changes Nov 19, 2020
View reviewed changes
Copy link
Member

@pietroalbini pietroalbini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR! Left some comments on the is_auth_token_valid function :)

pietroalbini
pietroalbini reviewed Nov 19, 2020
View reviewed changes
pietroalbini
pietroalbini approved these changes Nov 19, 2020
View reviewed changes
Copy link
Member

@pietroalbini pietroalbini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Left a minor nit, and then we can merge this :)

@pietroalbini
Copy link
Member

Whelp GitHub's UI messed up the review a bit 😅

@njasm njasm requested a review from pietroalbini November 19, 2020 18:22
pietroalbini
pietroalbini approved these changes Nov 19, 2020
View reviewed changes
Copy link
Member

@pietroalbini pietroalbini left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! I'll wait a bit before merging this, as I need to make infra changes to inject the secret into the environment before this can be auto-deployed.

@njasm
Copy link
Contributor Author

njasm commented Nov 19, 2020

sure! 👍

@njasm njasm mentioned this pull request Nov 21, 2020
Closed
@pietroalbini pietroalbini merged commit cc856e0 into rust-lang:master Nov 25, 2020
@pietroalbini
Copy link
Member

Configured everything to pass the secret around!

@pietroalbini pietroalbini mentioned this pull request Nov 25, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pietroalbini pietroalbini pietroalbini approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Require authentication to scrape metrics
2 participants
@njasm @pietroalbini