OK, I've got something which seems to work, and allow both https client certificates and basic auth to work by passing in a handler to push_to_gateway() etc..

I don't write much Python, so excuse me if I've done something daft...

python3 POC:

import urllib
import http

from prometheus_client import CollectorRegistry, Gauge, push_to_gateway
registry = CollectorRegistry()
g = Gauge('some_metric_too', 'Last time a batch job successfully finished', registry=registry)
g.set_to_current_time()

class HTTPSClientAuthHandler(urllib.request.HTTPSHandler):
    def __init__(self, key_file, cert_file):
        urllib.request.HTTPSHandler.__init__(self)
        self.key_file = key_file
        self.cert_file= cert_file

    def https_open(self, req):
        return self.do_open(self.getConnection, req)

    def getConnection(self, host, timeout):
        return http.client.HTTPSConnection(host, key_file=self.key_file,
                cert_file=self.cert_file)

url='https://pushgw.example.org'

p = urllib.request.HTTPPasswordMgrWithDefaultRealm()
p.add_password(realm=None,
        uri=url,
        user='admin',
        passwd='shh-dont-tell-anyone')
handler = urllib.request.HTTPBasicAuthHandler(p)

#handler = HTTPSClientAuthHandler(key_file=r'x509-client-key.pem', cert_file=r'x509-client.pem')

push_to_gateway(url, job='batchA', registry=registry, handler=handler)

Whilst I realise you don't want to turn the API into a swiss army knife, using basic auth seems like a pretty common use case (I'd guess at least an order of magnitude more common than client certs, bearer tokens etc.), I think I'd argue for adding username, password, anyway, as well as a handler argument, but I don't mind too much either way.

Which additional argument(s) would you like me to implement?

. username, password
. username, password, handler
. handler

and would you prefer it as a diff or a PR?

Cheers,

Tim.

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions