cert-exporter icon indicating copy to clipboard operation
cert-exporter copied to clipboard

Published 20 hours ago verified publisher icon joe-elliott

How to scrape secrets from multiple namespaces

Open irshadsm opened this issue 3 years ago • 12 comments

Dear @joe-elliott ,

I am looking to scrape secrets from multiple namespaces like below, but I am not able to get the expected result.

- args:
            - '--secrets-namespace=<firstnamespace> <second namespace>'
            - '--secrets-include-glob=*' 
            - '--secret-include-types=Opaque'
            - '--logtostderr

Could you please help me to understand how can I achieve the same?

irshadsm avatar Mar 09 '21 10:03 irshadsm

Right now you'd need to deploy multiple cert-exporters. Each with a different namespace listed.

joe-elliott avatar Mar 09 '21 12:03 joe-elliott

Thanks for the suggestion. May I know if you have a plan to integrate this feature as well?

irshadsm avatar Mar 10 '21 06:03 irshadsm

I do not. It's a good idea, but I will admit I don't really have the time to explore it.

https://github.com/joe-elliott/cert-exporter/blob/master/src/checkers/periodicSecretChecker.go#L67

Actually, now that I'm looking at the code it's possible that passing an empty string will check all namespaces? If not you're welcome to submit a PR and I will review.

joe-elliott avatar Mar 10 '21 13:03 joe-elliott

I've just started cert-exporter without secrets-namespace arg and it successfully found and checked two secrets in two different namespaces.

messiahUA avatar Mar 30 '21 17:03 messiahUA

Hello, @joe-elliott using latest release with: -secrets-namespaces="namespace_1,namespace_2"

and still not working it gives results only from the last namespace in the string

when not using -secrets-namespaces at all it scrape from all namespaces in cluster

I would like to have the ability to filter by several namespaces like the above example

-secrets-namespaces="namespace_1,namespace_2"

thank youi

danielrozenblum avatar Nov 07 '22 08:11 danielrozenblum

Hello @joe-elliott also trying with: -secrets-namespaces="namespace-.*" doesnt seem to work

Thank you

danielrozenblum avatar Nov 07 '22 12:11 danielrozenblum

Thank you @joe-elliott. Can we expect new helm release containing this fix soon?

danielrozenblum avatar Nov 14 '22 16:11 danielrozenblum

Yup, I was waiting to get this PR in: https://github.com/joe-elliott/cert-exporter/pull/125

so I could only do it once. I'm currently out of the office which is also making it a bit harder to find time to do this, but I promise it's on my list!

joe-elliott avatar Nov 16 '22 16:11 joe-elliott

Thank you @joe-elliott much appriciated.

danielrozenblum avatar Nov 16 '22 16:11 danielrozenblum

@danielrozenblum the helm chart should be building now. give it a shot and let me know if there's anything that needs to be fixed.

joe-elliott avatar Nov 17 '22 12:11 joe-elliott

@joe-elliott thank you. will do !

danielrozenblum avatar Nov 17 '22 13:11 danielrozenblum

Thank you @joe-elliott , after several weeks using latest version all works perfectly.

danielrozenblum avatar Feb 14 '23 14:02 danielrozenblum