You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Get the metrics using the given token in the given organization and the project, if passed
Describe alternatives you've considered
An alternative is to deploy multiple sentry-prometheus-exporters, each for a given org. Given sentry-prometheus-exporter is just a proxy to Sentry API and doesn't perform any caching, a single instance of sentry-prometheus-exporter would work fine for multiple orgs.
Moreover, by passing a token in each request to the exporter, we don't need to password-protect the exported data as you don't get any if you don't have a token.
The text was updated successfully, but these errors were encountered:
Hey, @Nowaker, thanks for contributing and sorry for my late reply. But, trafficking the API token as a text-plain doesn't look like a good idea for me, could you please elaborate more about your use case here? So we can think about the alternatives
I don't see a reason why it's not a good idea. Proxy is not a controversial or novel concept in general. Vault-UI and many other tools aren't questioned for taking this approach.
My point here is the API token will be over HTTP traffic, even in an internal network there is a risk involved, the reason why I'd like to understand the use case you're trying to apply so I can realize how the implementation should go.
My point here is the API token will be over HTTP traffic, even in an internal network there is a risk involved
Basic HTTP Authentication credentials go over HTTP traffic too, and that's not a concern either, even though HTTP credentials are as confidential as a Sentry token.
It's a no-issue because this application isn't a fully-fledged web server, and it wouldn't be reasonable to expect that this application turns into one. Rather, it's an application that has one purpose, perfect as-is, and there's other infrastructural building blocks like Nginx or Kubernetes Ingress that users will use (or not) to realize their goals (incl. security goals).
Describe the solution you'd like
Describe alternatives you've considered
An alternative is to deploy multiple sentry-prometheus-exporters, each for a given org. Given sentry-prometheus-exporter is just a proxy to Sentry API and doesn't perform any caching, a single instance of sentry-prometheus-exporter would work fine for multiple orgs.
Moreover, by passing a token in each request to the exporter, we don't need to password-protect the exported data as you don't get any if you don't have a token.
The text was updated successfully, but these errors were encountered: