TLS security for GitLab Rails metrics endpoints
Refer to &7479 (closed)
GitLab components report metrics via Prometheus, and sometimes start a pprof listener to aid live profiling. Either of these may be open and listening when running GitLab in production, as they are on GitLab.com.
- Inventory which endpoints report to Prometheus
- Determine if those endpoints are already, or can be, TLS-secured
- Secure each unsecured endpoint
Edited by Sean Carroll
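One way to carry out the "already TLS-secured" check from the list above once the inventory exists, as an added example (not GitLab's own code): it attempts a TLS handshake against each listener and, if that fails, checks whether the same port answers plain HTTP. The function names, the `(host, port)` input format and the `/metrics` path are assumptions; the issue does not list ports or paths.

```python
import socket
import ssl

# Added example. "/metrics" is the usual Prometheus convention and is an
# assumption here; take the real paths and ports from your own inventory.
PROBE = b"GET /metrics HTTP/1.0\r\nHost: probe\r\n\r\n"


def classify_listener(host, port, timeout=3.0):
    """Return 'tls', 'plaintext', 'closed' or 'unknown' for one listener."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"
    # Verification is disabled on purpose: the question is whether the
    # listener speaks TLS at all, not whether its certificate is trusted.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(raw, server_hostname=host):
            return "tls"
    except OSError:
        # ssl.SSLError, resets and timeouts all mean "no TLS handshake".
        pass
    finally:
        raw.close()
    # Fresh connection: does the port answer plain HTTP instead?
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(PROBE)
            reply = s.recv(16)
    except OSError:
        return "unknown"
    return "plaintext" if reply.startswith(b"HTTP/") else "unknown"


def needs_attention(endpoints, timeout=3.0):
    """Map each open (host, port) that did not complete TLS to its result."""
    results = {ep: classify_listener(*ep, timeout=timeout) for ep in endpoints}
    return {ep: kind for ep, kind in results.items()
            if kind in ("plaintext", "unknown")}
```

An `unknown` result needs a manual look: a listener that requires client certificates, for example, can reject the handshake and then not answer plain HTTP either.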