Merge branch 'always-allow-prometheus-access-in-dev' into 'master'

In dev, always allow access to health endpoints from localhost

See merge request gitlab-org/gitlab-ce!29930

2 files changed, 9 insertions, 0 deletions

diff --git a/app/controllers/concerns/requires_whitelisted_monitoring_client.rb b/app/controllers/concerns/requires_whitelisted_monitoring_client.rb
index 426f224d26b..f47ead2f0da 100644
--- a/app/controllers/concerns/requires_whitelisted_monitoring_client.rb
+++ b/app/controllers/concerns/requires_whitelisted_monitoring_client.rb
@@ -14,6 +14,10 @@ module RequiresWhitelistedMonitoringClient
   end
 
   def client_ip_whitelisted?
+    # Always allow developers to access http://localhost:3000/-/metrics for
+    # debugging purposes
+    return true if Rails.env.development? && request.local?
+
     ip_whitelist.any? { |e| e.include?(Gitlab::RequestContext.client_ip) }
   end
 
diff --git a/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml b/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml
new file mode 100644
index 00000000000..acd944ea684
--- /dev/null
+++ b/changelogs/unreleased/always-allow-prometheus-access-in-dev.yml
@@ -0,0 +1,5 @@
+---
+title: Always allow access to health endpoints from localhost in dev
+merge_request: 29930
+author:
+type: other