Should we support per-tenant store endpoints?

[bill3tt]

Currently prom-label-proxy does not support tenants being able to retrieve stores that present their identifying label set.

As this endpoint is not parameterised, implementation would presumably follow the pattern established by the /api/v1/rules endpoint here.

Example response from the Katacoda multi-tenancy tutorial

❯ curl -s https://2886795272-39091-frugo01.environments.katacoda.com/api/v1/stores | jq
{
"status": "success",
"data": {
  "sidecar": [
    {
      "name": "127.0.0.1:19190",
      "lastCheck": "2021-06-07T21:31:22.183374877Z",
      "lastError": null,
      "labelSets": [
        {
          "cluster": "eu1",
          "replica": "0",
          "tenant": "team-fruit"
        }
      ],
      "minTime": -62167219200000,
      "maxTime": 9223372036854776000
    },
    {
      "name": "127.0.0.1:19191",
      "lastCheck": "2021-06-07T21:31:22.182829172Z",
      "lastError": null,
      "labelSets": [
        {
          "cluster": "eu1",
          "replica": "0",
          "tenant": "team-veggie"
        }
      ],
      "minTime": -62167219200000,
      "maxTime": 9223372036854776000
    },
    {
      "name": "127.0.0.1:19192",
      "lastCheck": "2021-06-07T21:31:22.182868637Z",
      "lastError": null,
      "labelSets": [
        {
          "cluster": "eu1",
          "replica": "1",
          "tenant": "team-veggie"
        }
      ],
      "minTime": -62167219200000,
      "maxTime": 9223372036854776000
    }
  ]
}
}

The absence of implementation of this endpoint makes me think that it was deliberately excluded, for what I assume is the potential to leak sensitive information. Since I could not find a public reference to this, I opened this issue instead :)

[simonpasquier]

I'm not sure that we ever discussed this feature to be honest. I think it would be fine to have though it only applies to Thanos and not Prometheus.