A metrics exporter for monitoring GitLab project access tokens. Provides Prometheus metrics to track the status and expiration of access tokens.
- 🔍 Monitoring of GitLab project access tokens (supports multiple projects)
- 👤 Monitoring of GitLab user access tokens
- 👥 Monitoring of GitLab group access tokens
- 📊 Export of metrics in Prometheus format
- ⏰ Tracking token expiration time
- 🚨 Detection of expired tokens
- 🐳 Docker containerization
- 🔄 Graceful shutdown
- 🏥 Health checks
gitlab_token_expires_at- Hours until project token expirationgitlab_token_is_expired- Project token expiration status (1 - expired, 0 - active)gitlab_tokens_total- Total number of project tokens
gitlab_user_token_expires_at- Hours until user token expirationgitlab_user_token_is_expired- User token expiration status (1 - expired, 0 - active)gitlab_user_tokens_total- Total number of user tokens
gitlab_group_token_expires_at- Hours until group token expirationgitlab_group_token_is_expired- Group token expiration status (1 - expired, 0 - active)gitlab_group_tokens_total- Total number of group tokens
gitlab_token_scrape_duration_seconds- Scrape execution timegitlab_token_scrape_errors_total- Number of scrape errorsgitlab_token_last_scrape_timestamp- Timestamp of the last successful scrape
- Copy the environment variables file:
cp env.example .env- Edit the
.envfile:
GITLAB_TOKEN=your_gitlab_token_here
GITLAB_BASE_URL=https://gitlab.com
GITLAB_PROJECT_IDS=12345,67890- Start the application:
docker-compose up -d-
Install Go 1.23 or higher
-
Clone the repository:
git clone <repository-url>
cd gitlab-token-exporter- Install dependencies:
go mod download- Set environment variables:
export GITLAB_TOKEN=your_gitlab_token_here
export GITLAB_BASE_URL=https://gitlab.com
export GITLAB_PROJECT_IDS=12345,67890- Run the application:
go run ./cmd/server| Variable | Description | Required | Default |
|---|---|---|---|
GITLAB_TOKEN |
GitLab API token | Yes | - |
GITLAB_BASE_URL |
GitLab server URL | Yes | - |
GITLAB_PROJECT_IDS |
Comma-separated list of project IDs | Yes | - |
SERVER_PORT |
HTTP server port | No | 8080 |
SCRAPER_INTERVAL |
Metrics update interval | No | 10s |
/metrics- Prometheus metrics/health- Health check endpoint
The application automatically exports metrics in Prometheus format. Add the following to your Prometheus configuration:
scrape_configs:
- job_name: 'gitlab-token-exporter'
static_configs:
- targets: ['localhost:8080']
scrape_interval: 10s
metrics_path: /metricsImport a ready-made dashboard or create your own using the following queries:
gitlab_tokens_total
gitlab_user_tokens_total
gitlab_group_tokens_total
gitlab_token_expires_at < 24
gitlab_user_token_expires_at < 24
gitlab_group_token_expires_at < 24
gitlab_token_is_expired == 1
gitlab_user_token_is_expired == 1
gitlab_group_token_is_expired == 1
gitlab-token-exporter/
├── cmd/
│ └── server/ # Application entry point
├── internal/
│ ├── config/ # Configuration
│ ├── gitlab/ # GitLab client
│ ├── metrics/ # Metrics handling
│ └── scraper/ # Data scraping logic
├── configs/ # Configuration files
├── Dockerfile # Docker image
├── docker-compose.yml # Docker Compose
└── README.md # Documentation
- Add the new metric to
internal/metrics/handler.go - Register the metric in the constructor
- Add methods to set values
- Use the metric in the scraper
# Run tests
go test ./...
# Run tests with coverage
go test -cover ./...
# Run benchmarks
go test -bench=. ./...The application uses the standard Go logger. For production, it is recommended to configure structured logging.
- The application runs as a non-privileged user in Docker
- All secrets are passed via environment variables
- Health checks for monitoring status
- Check the correctness of
GITLAB_BASE_URL - Make sure the token has the necessary permissions
- Check the availability of the GitLab server
- Check the
/metricsendpoint - Make sure Prometheus can connect to the application
- Check the logs for errors
MIT License