From edf7cc932e01ad07c14e363d8ece49ff38fae023 Mon Sep 17 00:00:00 2001 From: Sebastian Wendel Date: Sun, 21 Apr 2024 01:28:44 +0200 Subject: [PATCH] nixos/prometheus.exporters.github: init module --- .../manual/release-notes/rl-2405.section.md | 2 + .../monitoring/prometheus/exporters.nix | 1 + .../prometheus/exporters/github.nix | 98 +++++++++++++++++++ nixos/tests/prometheus-exporters.nix | 10 ++ 4 files changed, 111 insertions(+) create mode 100644 nixos/modules/services/monitoring/prometheus/exporters/github.nix diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index a3a9980bc58f..62e7a637617b 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -141,6 +141,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m - [Prometheus DNSSEC Exporter](https://github.com/chrj/prometheus-dnssec-exporter), check for validity and expiration in DNSSEC signatures and expose metrics for Prometheus. Available as [services.prometheus.exporters.dnssec](#opt-services.prometheus.exporters.dnssec.enable). +- [Prometheus Github Exporter](https://github.com/githubexporter/github-exporter), exposes basic metrics for your repositories from the GitHub API, to a Prometheus compatible endpoint. Available as [services.prometheus.exporters.github](#opt-services.prometheus.exporters.github.enable). + - [TigerBeetle](https://tigerbeetle.com/), a distributed financial accounting database designed for mission critical safety and performance. Available as [services.tigerbeetle](#opt-services.tigerbeetle.enable). - [go-camo](https://github.com/cactus/go-camo), a secure image proxy server. Available as [services.go-camo](#opt-services.go-camo.enable). diff --git a/nixos/modules/services/monitoring/prometheus/exporters.nix b/nixos/modules/services/monitoring/prometheus/exporters.nix index 2dc12a221bf0..3e6e3f542eda 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters.nix @@ -38,6 +38,7 @@ let "flow" "fritz" "fritzbox" + "github" "graphite" "idrac" "imap-mailstat" diff --git a/nixos/modules/services/monitoring/prometheus/exporters/github.nix b/nixos/modules/services/monitoring/prometheus/exporters/github.nix new file mode 100644 index 000000000000..fe58cab1b578 --- /dev/null +++ b/nixos/modules/services/monitoring/prometheus/exporters/github.nix @@ -0,0 +1,98 @@ +{ config +, lib +, pkgs +, ... +}: +let + cfg = config.services.prometheus.exporters.github; +in +{ + port = 9171; + extraOpts = { + users = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = '' + If supplied, the exporter will enumerate all repositories + for that users. + ''; + }; + + organizations = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = '' + If supplied, the exporter will enumerate all repositories + for that organization. + ''; + }; + + repositories = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = [ ]; + description = '' + If supplied, The repos you wish to monitor, expected in the + format "user/repo1". Can be across different Github users/orgs. + ''; + }; + + apiUrl = lib.mkOption { + type = lib.types.nullOr lib.types.str; + default = null; + example = "https://api.github.com"; + description = '' + Github API URL, shouldn't need to change this. + ''; + }; + + tokenPath = lib.mkOption { + type = lib.types.nullOr lib.types.path; + default = null; + example = "/run/secrets/github-api-token"; + description = '' + If supplied, enables the user to supply a path to a file + containing a github authentication token that allows the + API to be queried more often. Optional, but recommended. + + See the [Managing your personal access tokens](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) + for more information. + + ::: {.warning} + Please do not store this file in the nix store if you choose to + include any credentials here, as it would be world-readable. + ::: + ''; + }; + + telemetryPath = lib.mkOption { + type = lib.types.str; + default = "/metrics"; + description = '' + Path under which to expose metrics. + ''; + }; + + logLevel = lib.mkOption { + type = lib.types.enum [ "critical" "error" "warning" "info" "debug" ]; + default = "info"; + description = "The level of logging the exporter will run with."; + }; + }; + + serviceOpts = { + serviceConfig = { + Environment = + [ + "LOG_LEVEL=${cfg.logLevel}" + "LISTEN_PORT=${toString cfg.port}" + "METRICS_PATH=${cfg.telemetryPath}" + ] + ++ lib.optionals (cfg.apiUrl != null) [ "API_URL=${cfg.apiUrl}" ] + ++ lib.optionals (cfg.tokenPath != null) [ "GITHUB_TOKEN_FILE=${cfg.tokenPath}" ] + ++ lib.optionals (cfg.users != [ ]) [ "USERS=${lib.concatStringsSep "," cfg.users}" ] + ++ lib.optionals (cfg.repositories != [ ]) [ "REPOS=${lib.concatStringsSep "," cfg.repositories}" ] + ++ lib.optionals (cfg.organizations != [ ]) [ "ORGS=${lib.concatStringsSep "," cfg.organizations}" ]; + ExecStart = lib.getExe pkgs.prometheus-github-exporter; + }; + }; +} diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index 576253450814..dea4bf797cfd 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -335,6 +335,16 @@ let ''; }; + github = { + # Minimal configuration without Github API queries to avoid error scenarios resulting from a possible rate limit. + exporterConfig.enable = true; + exporterTest = '' + wait_for_unit("prometheus-github-exporter.service") + wait_for_open_port(9171) + succeed("curl -sSf http://localhost:9171/metrics") + ''; + }; + graphite = { exporterConfig = { enable = true;