I am planning to expose Prometheus metrics in my upcoming app, but since the built in Fly’s metrics scrapper does not support authentication, i am considering whitelisting ip address of the built-in scrapper (via something like an ENV value with prometheus.internal). Since I am also planning to use this metrics endpoint from another system
This option is significant cleaner than using different port, since most frameworks (including Laravel, on which my app was built) dont route per-port. So i would have to do something like serve all route on 2 different ports, map 1 to the fly proxy, and handle the port for the metrics route specifically to bypass auth if comes from the non-public port.
So my question is: is there a way to access the ip address of the scrapper and whitelist it?