Hello everyone,

in our current situation, we want to probe an endpoint that requires the http header "X-Api-Key": "someAPIkeyHere" to be set instead of a bearer token passed the usual way. It would be great if http headers could be read from a file (analogously to how bearer tokens and basic auth passwords can). We do not control the way authentication is handled, but during my last google session regarding this problem, this seemed to be a somewhat frequent way of doing it in some proprietary software.

We are operating under a strict GitOps workflow, so we are deploying the blackbox exporter using the community helm chart for the blackbox exporter. We manage SealedSecrets in Git to produce Secrets on Kubernetes that in turn are mounted into the blackbox exporter and then used as secret files for Basic Auth and/or bearer token files. In our idealised dream world the same mechanism would allow us to properly populate http header fields (or key: value pairs for the header).

In any case, thank you for your hard work. Working with the various prometheus components we have in place in our projects has been a real blast!

Edit: Just for clarification, the current "solution" we see in our case is to generate the whole configmap from a SealedSecret, whose corresponding decrypted Secret would replace the secret config which would get mounted as the config yaml for the container. Sadly this way makes it so that changing anything config-related means rebuilding the sealed secret manually and further diminishes the usefulness of GitOps since the actual configuration of the Blackbox exporter would not be reconstructable for someone with Git access only.