Enable mTLS for Keycloak metrics
Since https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring/-/issues/71 is complete, Prometheus is configured with certs to properly scrape metrics from Istio injected applications.
This ticket should encompass:
- Configuring the servicemonitor/podmonitor for TLS scraping following this doc (sections for servicemonitor and podmonitor config)
- Removing the mTLS "exception" for the metrics port
- Validating all application functionality + metrics scraping
NOTE: Ideally all additions to the servicemonitors should be done via values in Big Bang and conditional on Istio enabled, Istio mTLS in STRICT mode, and (where applicable) Istio injection enabled on the package.
Edited by Micah Nagel