The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.
I would like a Prometheus metric that exposes total healthy and unhealthy metrics for onepassword items.
Use cases
The use case i see for this is mostly around monitoring and alerting. it is general practice in Kubernetes to monitor your cluster using Prometheus and to alert on specific metrics. i see this feature request as a way to pick up when secrets have not correctly been applied and alerting that to an SRE team or a DevOps team.
Proposed solution
A proposed solution would be to extend the Prometheus metrics to include a healthy and unhealthy metric point. please refer to the prior work as sealed secrets by bitnami has a similar metric which i believe pulls the status fields of the secret CRD to infer if a secret has been decrypted or not.
Summary
I would like a Prometheus metric that exposes total healthy and unhealthy metrics for onepassword items.
Use cases
The use case i see for this is mostly around monitoring and alerting. it is general practice in Kubernetes to monitor your cluster using Prometheus and to alert on specific metrics. i see this feature request as a way to pick up when secrets have not correctly been applied and alerting that to an SRE team or a DevOps team.
Proposed solution
A proposed solution would be to extend the Prometheus metrics to include a healthy and unhealthy metric point. please refer to the prior work as sealed secrets by bitnami has a similar metric which i believe pulls the status fields of the secret CRD to infer if a secret has been decrypted or not.
References & Prior Work
This is how sealed secrets exposes the error metric: https://github.com/bitnami-labs/sealed-secrets/blob/main/pkg/controller/metrics.go