Merge branch '14324-cdc-azure' refs #14324

[arvados.git] / sdk / go / httpserver / metrics.go

diff --git a/sdk/go/httpserver/metrics.go b/sdk/go/httpserver/metrics.go
index 77525a80f12ce269132cc932cd83e343b73d788b..032093f8d8aab842a1a3af194089c1ee9b4980e4 100644 (file)
--- a/sdk/go/httpserver/metrics.go
+++ b/sdk/go/httpserver/metrics.go
@@ -10,11 +10,12 @@ import (
        "strings"
        "time"
 
+       "git.curoverse.com/arvados.git/sdk/go/auth"
        "git.curoverse.com/arvados.git/sdk/go/stats"
-       "github.com/Sirupsen/logrus"
        "github.com/gogo/protobuf/jsonpb"
        "github.com/prometheus/client_golang/prometheus"
        "github.com/prometheus/client_golang/prometheus/promhttp"
+       "github.com/sirupsen/logrus"
 )
 
 type Handler interface {
@@ -23,7 +24,7 @@ type Handler interface {
        // Returns an http.Handler that serves the Handler's metrics
        // data at /metrics and /metrics.json, and passes other
        // requests through to next.
-       ServeAPI(next http.Handler) http.Handler
+       ServeAPI(token string, next http.Handler) http.Handler
 }
 
 type metrics struct {
@@ -73,19 +74,24 @@ func (m *metrics) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 // metrics API endpoints (currently "GET /metrics(.json)?") and passes
 // other requests through to next.
 //
+// If the given token is not empty, that token must be supplied by a
+// client in order to access the metrics endpoints.
+//
 // Typical example:
 //
 //     m := Instrument(...)
-//     srv := http.Server{Handler: m.ServeAPI(m)}
-func (m *metrics) ServeAPI(next http.Handler) http.Handler {
+//     srv := http.Server{Handler: m.ServeAPI("secrettoken", m)}
+func (m *metrics) ServeAPI(token string, next http.Handler) http.Handler {
+       jsonMetrics := auth.RequireLiteralToken(token, http.HandlerFunc(m.exportJSON))
+       plainMetrics := auth.RequireLiteralToken(token, m.exportProm)
        return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
                switch {
                case req.Method != "GET" && req.Method != "HEAD":
                        next.ServeHTTP(w, req)
                case req.URL.Path == "/metrics.json":
-                       m.exportJSON(w, req)
+                       jsonMetrics.ServeHTTP(w, req)
                case req.URL.Path == "/metrics":
-                       m.exportProm.ServeHTTP(w, req)
+                       plainMetrics.ServeHTTP(w, req)
                default:
                        next.ServeHTTP(w, req)
                }
@@ -99,10 +105,17 @@ func (m *metrics) ServeAPI(next http.Handler) http.Handler {
 // For the metrics to be accurate, the caller must ensure every
 // request passed to the Handler also passes through
 // LogRequests(logger, ...), and vice versa.
-func Instrument(logger *logrus.Logger, next http.Handler) Handler {
+//
+// If registry is nil, a new registry is created.
+//
+// If logger is nil, logrus.StandardLogger() is used.
+func Instrument(registry *prometheus.Registry, logger *logrus.Logger, next http.Handler) Handler {
        if logger == nil {
                logger = logrus.StandardLogger()
        }
+       if registry == nil {
+               registry = prometheus.NewRegistry()
+       }
        reqDuration := prometheus.NewSummaryVec(prometheus.SummaryOpts{
                Name: "request_duration_seconds",
                Help: "Summary of request duration.",
@@ -111,7 +124,6 @@ func Instrument(logger *logrus.Logger, next http.Handler) Handler {
                Name: "time_to_status_seconds",
                Help: "Summary of request TTFB.",
        }, []string{"code", "method"})
-       registry := prometheus.NewRegistry()
        registry.MustRegister(timeToStatus)
        registry.MustRegister(reqDuration)
        m := &metrics{