prometheus_exporter 2.3.0 → 2.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: be510b790b625379993092d05de6b8c7f02e30e74ca0ca630ba5c65ca99385d4
-  data.tar.gz: 43d78c0a9ab134b504cc6e4a6f86d799f9650c5b5e7d7b0d62a33afe3e97374f
+  metadata.gz: c0089a6263d4775bbad13bf5714621eb7a353873468b020efc6ed216cbe6c917
+  data.tar.gz: f9676e32af68fff888a360a19f8cd55bbee2b855db11009ca3c7272eab58a449
 SHA512:
-  metadata.gz: d71f41661e4af76837dcb7df1cba50b3a6150ffce3dddebb1dc1710bf9a69dafc6a10750955fda8e870ae62a835e2bbcac417c00256285e3fc4266f3e2194e8d
-  data.tar.gz: 27cf01bfec436b1d6ece387460beefe35d8cf9146ab1d24d27ffebaeeb306df34d7432a31c307aef26e8b59994796593910f90cfaa9982c00a6344a2601a486d
+  metadata.gz: 790b2ac6223cfa571c4b5c3404f79844a2f41e632151424448640d74a07f36fc4cb81e6935ec86de1208498536a1a115c2b62cb918aada3513823160287db556
+  data.tar.gz: a886c589c2e6decb57301754d654593216ad502f8690095d83749dba3b70243e98ac1b9a21071270777f7a5229f1852aa73c2d64a5029426669b4c8dfdf12805

data/CHANGELOG

@@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.3.1] - 2025-11-11
+
+- FIX: get controller full path instead of controller name - Alex Platteeuw
+- FEATURE: Secure PrometheusExporter scraping with SSL - Nicolas Rodriquez
+
 ## [2.3.0] - 2025-08-01
 
 - FEATURE: Added puma_busy_threads metric that provides a holistic view of server workload by calculating (active threads - idle threads) + queued requests

data/exe/prometheus_exporter

@@ -71,6 +71,13 @@ def run
     opt.on('--logger-path PATH', String, '(optional) Path to file for logger output. Defaults to STDERR') do |o|
       options[:logger_path] = o
     end
+
+    opt.on('--tls-key-file PATH', String, "(optional) Enable server TLS using a private key PATH") do |o|
+      options[:tls_key_file] = o
+    end
+    opt.on('--tls-cert-file PATH', String, "(optional) Enable server TLS using a certificate PATH") do |o|
+      options[:tls_cert_file] = o
+    end
   end.parse!
 
   logger = Logger.new(options[:logger_path])

data/lib/prometheus_exporter/client.rb

@@ -56,11 +56,15 @@ module PrometheusExporter
       port: ENV.fetch("PROMETHEUS_EXPORTER_PORT", PrometheusExporter::DEFAULT_PORT),
       max_queue_size: nil,
       thread_sleep: 0.5,
+      connect_timeout: nil,
       json_serializer: nil,
       custom_labels: nil,
       logger: Logger.new(STDERR),
       log_level: Logger::WARN,
-      process_queue_once_and_stop: false
+      process_queue_once_and_stop: false,
+      tls_ca_file: nil,
+      tls_cert_file: nil,
+      tls_key_file: nil
     )
       @logger = logger
       @logger.level = log_level
@@ -83,11 +87,18 @@ module PrometheusExporter
       @worker_thread = nil
       @mutex = Mutex.new
       @thread_sleep = thread_sleep
+      @connect_timeout = connect_timeout
 
       @json_serializer = json_serializer == :oj ? PrometheusExporter::OjCompat : JSON
 
       @custom_labels = custom_labels
       @process_queue_once_and_stop = process_queue_once_and_stop
+
+      @tls_ca_file = tls_ca_file
+      @tls_cert_file = tls_cert_file
+      @tls_key_file = tls_key_file
+
+      @ssl_context = build_ssl_context if use_ssl?
     end
 
     def custom_labels=(custom_labels)
@@ -228,7 +239,14 @@ module PrometheusExporter
 
       close_socket_if_old!
       if !@socket
-        @socket = TCPSocket.new @host, @port
+        @socket = TCPSocket.new @host, @port, connect_timeout: @connect_timeout
+
+        if use_ssl?
+          @socket = OpenSSL::SSL::SSLSocket.new(@socket, @ssl_context)
+          @socket.sync_close = true
+          @socket.connect
+        end
+
         @socket.write("POST /send-metrics HTTP/1.1\r\n")
         @socket.write("Transfer-Encoding: chunked\r\n")
         @socket.write("Host: #{@host}\r\n")
@@ -246,6 +264,20 @@ module PrometheusExporter
       raise
     end
 
+    def use_ssl?
+      @tls_ca_file && @tls_cert_file && @tls_key_file
+    end
+
+    def build_ssl_context
+      require "openssl"
+      ssl_context = OpenSSL::SSL::SSLContext.new()
+      ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@tls_cert_file))
+      ssl_context.key = OpenSSL::PKey::RSA.new(File.read(@tls_key_file))
+      ssl_context.ca_file = @tls_ca_file
+      ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      ssl_context
+    end
+
     def wait_for_empty_queue_with_timeout(timeout_seconds)
       start_time = ::Process.clock_gettime(::Process::CLOCK_MONOTONIC)
       while @queue.length > 0

data/lib/prometheus_exporter/middleware.rb

@@ -78,7 +78,7 @@ class PrometheusExporter::Middleware
     action = controller = nil
     if controller_instance
       action = controller_instance.action_name
-      controller = controller_instance.controller_name
+      controller = controller_instance.controller_path
     elsif (cors = env["rack.cors"]) && cors.respond_to?(:preflight?) && cors.preflight?
       # if the Rack CORS Middleware identifies the request as a preflight request,
       # the stack doesn't get to the point where controllers/actions are defined

data/lib/prometheus_exporter/server/runner.rb

@@ -59,6 +59,8 @@ module PrometheusExporter::Server
           verbose: verbose,
           auth: auth,
           realm: realm,
+          tls_cert_file: tls_cert_file,
+          tls_key_file: tls_key_file,
         )
       @server.start
     end
@@ -67,7 +69,7 @@ module PrometheusExporter::Server
       @server.stop
     end
 
-    attr_accessor :unicorn_listen_address, :unicorn_pid_file
+    attr_accessor :unicorn_listen_address, :unicorn_pid_file, :tls_cert_file, :tls_key_file
     attr_writer :prefix,
                 :port,
                 :bind,

data/lib/prometheus_exporter/server/web_server.rb

@@ -62,13 +62,20 @@ module PrometheusExporter::Server
 
       @collector = opts[:collector] || Collector.new(logger: @logger)
 
-      @server =
-        WEBrick::HTTPServer.new(
-          Port: @port,
-          BindAddress: @bind,
-          Logger: @logger,
-          AccessLog: @access_log,
+      webrick_options = { Port: @port, BindAddress: @bind, Logger: @logger, AccessLog: @access_log }
+
+      if opts[:tls_cert_file] && opts[:tls_key_file]
+        require "webrick/https"
+        require "openssl"
+
+        webrick_options[:SSLEnable] = true
+        webrick_options[:SSLCertificate] = OpenSSL::X509::Certificate.new(
+          File.read(opts[:tls_cert_file]),
         )
+        webrick_options[:SSLPrivateKey] = OpenSSL::PKey::RSA.new(File.read(opts[:tls_key_file]))
+      end
+
+      @server = WEBrick::HTTPServer.new(webrick_options)
 
       @server.mount_proc "/" do |req, res|
         res["Content-Type"] = "text/plain; charset=utf-8"

data/lib/prometheus_exporter/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PrometheusExporter
-  VERSION = "2.3.0"
+  VERSION = "2.3.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: prometheus_exporter
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.3.1
 platform: ruby
 authors:
 - Sam Saffron
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2025-08-15 00:00:00.000000000 Z
+date: 2025-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: webrick