Remove endpoint address from metrics due to security concerns

utilitywarehouse · Jan 12, 2021 · 896d4a1 · 896d4a1
1 parent c12b1ac
commit 896d4a1
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 10 deletions.
diff --git a/metrics.go b/metrics.go
@@ -38,7 +38,7 @@ func newMetricsCollector(devices func() ([]*wgtypes.Device, error), lm *FileLeas
 		PeerInfo: prometheus.NewDesc(
 			"wiresteward_wg_peer_info",
 			"Metadata about a peer. The public_key label on peer metrics refers to the peer's public key; not the device's public key.",
-			append(labels, []string{"endpoint", "username"}...),
+			append(labels, []string{"username"}...),
 			nil,
 		),
 		PeerAllowedIPsInfo: prometheus.NewDesc(
@@ -112,18 +112,13 @@ func (c *collector) Collect(ch chan<- prometheus.Metric) {
 
 		for _, p := range d.Peers {
 			pub := p.PublicKey.String()
-			// Use empty string instead of special Go <nil> syntax for no endpoint.
-			var endpoint string
-			if p.Endpoint != nil {
-				endpoint = p.Endpoint.String()
-			}
 			username := c.getUserFromPubKey(pub)
 
 			ch <- prometheus.MustNewConstMetric(
 				c.PeerInfo,
 				prometheus.GaugeValue,
 				1,
-				d.Name, pub, endpoint, username,
+				d.Name, pub, username,
 			)
 
 			for _, ip := range p.AllowedIPs {

diff --git a/metrics_test.go b/metrics_test.go
@@ -98,9 +98,9 @@ func TestCollector(t *testing.T) {
 			metrics: []string{
 				fmt.Sprintf(`wiresteward_wg_device_info{device="wg0",public_key="%v"} 1`, pubDevA.String()),
 				fmt.Sprintf(`wiresteward_wg_device_info{device="wg1",public_key="%v"} 1`, pubDevB.String()),
-				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg0",endpoint="1.1.1.1:51820",public_key="%v",username="%s"} 1`, pubPeerA.String(), userA),
-				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg1",endpoint="",public_key="%v",username="%s"} 1`, pubPeerB.String(), userB),
-				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg1",endpoint="",public_key="%v",username=""} 1`, pubPeerC.String()),
+				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg0",public_key="%v",username="%s"} 1`, pubPeerA.String(), userA),
+				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg1",public_key="%v",username="%s"} 1`, pubPeerB.String(), userB),
+				fmt.Sprintf(`wiresteward_wg_peer_info{device="wg1",public_key="%v",username=""} 1`, pubPeerC.String()),
 				fmt.Sprintf(`wiresteward_wg_peer_allowed_ips_info{allowed_ips="10.0.0.1/32",device="wg0",public_key="%v",username="%s"} 1`, pubPeerA.String(), userA),
 				fmt.Sprintf(`wiresteward_wg_peer_allowed_ips_info{allowed_ips="10.0.0.2/32",device="wg0",public_key="%v",username="%s"} 1`, pubPeerA.String(), userA),
 				fmt.Sprintf(`wiresteward_wg_peer_allowed_ips_info{allowed_ips="10.0.0.3/32",device="wg1",public_key="%v",username="%s"} 1`, pubPeerB.String(), userB),