Skip to content

Commit a46ee5e

Browse files
haadhaad
authored
Merge branch 'master' into add-r2-metrics
2 parents 26f0536 + 0521e44 commit a46ee5e

File tree

4 files changed

+26
-15
lines changed

4 files changed

+26
-15
lines changed

Dockerfile

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
1-
FROM golang:alpine as builder
1+
# check=skip=SecretsUsedInArgOrEnv we're just set default here, not any secret data
2+
FROM golang:alpine AS builder
23

34
WORKDIR /app
45

@@ -17,7 +18,7 @@ RUN apk update && apk add ca-certificates
1718

1819
COPY --from=builder /app/cloudflare_exporter cloudflare_exporter
1920

20-
ENV CF_API_KEY ""
21-
ENV CF_API_EMAIL ""
21+
ENV CF_API_KEY=""
22+
ENV CF_API_EMAIL=""
2223

2324
ENTRYPOINT [ "./cloudflare_exporter" ]

README.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -23,12 +23,12 @@ The preferred way of authenticating is with an API token, for which the scope ca
2323
dashboard.
2424

2525
Required authentication scopes:
26-
- `Analytics:Read` is required for zone-level metrics
27-
- `Account.Account Analytics:Read` is required for Worker metrics
28-
- `Account Settings:Read` is required for Worker metrics (for listing accessible accounts, scraping all available
26+
- `Zone/Analytics:Read` is required for zone-level metrics
27+
- `Account/Account Analytics:Read` is required for Worker metrics
28+
- `Account/Account Settings:Read` is required for Worker metrics (for listing accessible accounts, scraping all available
2929
Workers included in authentication scope)
30-
- `Firewall Services:Read` is required to fetch zone rule name for `cloudflare_zone_firewall_events_count` metric
31-
- `Account. Account Rulesets:Read` is required to fetch account rule name for `cloudflare_zone_firewall_events_count` metric
30+
- `Zone/Firewall Services:Read` is required to fetch zone rule name for `cloudflare_zone_firewall_events_count` metric
31+
- `Account/Account Rulesets:Read` is required to fetch account rule name for `cloudflare_zone_firewall_events_count` metric
3232

3333
To authenticate this way, only set `CF_API_TOKEN` (omit `CF_API_EMAIL` and `CF_API_KEY`)
3434

cloudflare.go

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -311,7 +311,17 @@ func fetchFirewallRules(zoneID string) map[string]string {
311311
if rulesetDesc.Phase == "http_request_firewall_managed" {
312312
ruleset, err := cloudflareAPI.GetRuleset(ctx, cloudflare.ZoneIdentifier(zoneID), rulesetDesc.ID)
313313
if err != nil {
314-
log.Fatalf("Error fetching ruleset: %s", err)
314+
log.Fatalf("Error fetching ruleset for firewall rules: %s", err)
315+
}
316+
for _, rule := range ruleset.Rules {
317+
firewallRulesMap[rule.ID] = rule.Description
318+
}
319+
}
320+
321+
if rulesetDesc.Phase == "http_request_firewall_custom" {
322+
ruleset, err := api.GetRuleset(ctx, cloudflare.ZoneIdentifier(zoneID), rulesetDesc.ID)
323+
if err != nil {
324+
log.Fatal("Error fetching custom firewall rulesets: %s" err)
315325
}
316326
for _, rule := range ruleset.Rules {
317327
firewallRulesMap[rule.ID] = rule.Description
@@ -451,7 +461,7 @@ query ($zoneIDs: [String!], $mintime: Time!, $maxtime: Time!, $limit: Int!) {
451461

452462
var resp cloudflareResponse
453463
if err := graphqlClient.Run(ctx, request, &resp); err != nil {
454-
log.Error(err)
464+
log.Error("failed to fetch zone totals: ", err)
455465
return nil, err
456466
}
457467

@@ -506,7 +516,7 @@ func fetchColoTotals(zoneIDs []string) (*cloudflareResponseColo, error) {
506516
graphqlClient := graphql.NewClient(cfGraphQLEndpoint)
507517
var resp cloudflareResponseColo
508518
if err := graphqlClient.Run(ctx, request, &resp); err != nil {
509-
log.Error(err)
519+
log.Error("failed to fetch colocation totals: ", err)
510520
return nil, err
511521
}
512522

main.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -207,7 +207,7 @@ func runExporter() {
207207
func main() {
208208
var cmd = &cobra.Command{
209209
Use: "cloudflare_exporter",
210-
Short: "Export Cloudflare metrics to Prometheus",
210+
Short: "Prometheus exporter exposing Cloudflare Analytics dashboard data on a per-zone basis, as well as Worker metrics",
211211
Run: func(_ *cobra.Command, _ []string) {
212212
runExporter()
213213
},
@@ -217,7 +217,7 @@ func main() {
217217

218218
flags := cmd.Flags()
219219

220-
flags.String("listen", ":8080", "listen on addr:port, omit addr to listen on all interfaces")
220+
flags.String("listen", ":8080", "listen on addr:port (default :8080), omit addr to listen on all interfaces")
221221
viper.BindEnv("listen")
222222
viper.SetDefault("listen", ":8080")
223223

@@ -234,11 +234,11 @@ func main() {
234234
flags.String("cf_api_token", "", "cloudflare api token (preferred)")
235235
viper.BindEnv("cf_api_token")
236236

237-
flags.String("cf_zones", "", "cloudflare zones to export, comma delimited list")
237+
flags.String("cf_zones", "", "cloudflare zones to export, comma delimited list of zone ids")
238238
viper.BindEnv("cf_zones")
239239
viper.SetDefault("cf_zones", "")
240240

241-
flags.String("cf_exclude_zones", "", "cloudflare zones to exclude, comma delimited list")
241+
flags.String("cf_exclude_zones", "", "cloudflare zones to exclude, comma delimited list of zone ids")
242242
viper.BindEnv("cf_exclude_zones")
243243
viper.SetDefault("cf_exclude_zones", "")
244244

0 commit comments

Comments
 (0)