How to scrape secrets from multiple namespaces

joe-elliott / cert-exporter

A Prometheus exporter that publishes cert expirations on disk and in Kubernetes secrets

Apache License 2.0

323 stars 87 forks source link

How to scrape secrets from multiple namespaces #73

Open irshadsm opened 3 years ago

irshadsm commented 3 years ago

Dear @joe-elliott ,

I am looking to scrape secrets from multiple namespaces like below, but I am not able to get the expected result.

- args:
            - '--secrets-namespace=<firstnamespace> <second namespace>'
            - '--secrets-include-glob=*' 
            - '--secret-include-types=Opaque'
            - '--logtostderr

Could you please help me to understand how can I achieve the same?

joe-elliott commented 3 years ago

Right now you'd need to deploy multiple cert-exporters. Each with a different namespace listed.

irshadsm commented 3 years ago

Thanks for the suggestion. May I know if you have a plan to integrate this feature as well?

joe-elliott commented 3 years ago

I do not. It's a good idea, but I will admit I don't really have the time to explore it.

https://github.com/joe-elliott/cert-exporter/blob/master/src/checkers/periodicSecretChecker.go#L67

Actually, now that I'm looking at the code it's possible that passing an empty string will check all namespaces? If not you're welcome to submit a PR and I will review.

messiahUA commented 3 years ago

I've just started cert-exporter without secrets-namespace arg and it successfully found and checked two secrets in two different namespaces.

danielrozenblum commented 2 years ago

Hello, @joe-elliott using latest release with: -secrets-namespaces="namespace_1,namespace_2"

and still not working it gives results only from the last namespace in the string

when not using -secrets-namespaces at all it scrape from all namespaces in cluster

I would like to have the ability to filter by several namespaces like the above example

-secrets-namespaces="namespace_1,namespace_2"

thank youi

danielrozenblum commented 2 years ago

Hello @joe-elliott also trying with: -secrets-namespaces="namespace-.*" doesnt seem to work

Thank you

danielrozenblum commented 2 years ago

Thank you @joe-elliott. Can we expect new helm release containing this fix soon?

joe-elliott commented 2 years ago

Yup, I was waiting to get this PR in: https://github.com/joe-elliott/cert-exporter/pull/125

so I could only do it once. I'm currently out of the office which is also making it a bit harder to find time to do this, but I promise it's on my list!

danielrozenblum commented 2 years ago

Thank you @joe-elliott much appriciated.

joe-elliott commented 2 years ago

@danielrozenblum the helm chart should be building now. give it a shot and let me know if there's anything that needs to be fixed.

danielrozenblum commented 2 years ago

@joe-elliott thank you. will do !

danielrozenblum commented 1 year ago

Thank you @joe-elliott , after several weeks using latest version all works perfectly.