Skip to content

Commit

Permalink
Use FieldSelector to select only tls secrets (#82)
Browse files Browse the repository at this point in the history 
This speeds up the listing of certs significatnyly in clusters with many secrets.
  • Loading branch information
@sechmann
sechmann committed Dec 23, 2021
1 parent 0b96063 commit a8dcb43
Showing 1 changed file with 11 additions and 13 deletions.
24 changes: 11 additions & 13 deletions prober/kubernetes.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,23 +44,21 @@ func probeKubernetes(ctx context.Context, target string, module config.Module, r
name := parts[1]

var tlsSecrets []v1.Secret
secrets, err := client.CoreV1().Secrets("").List(ctx, metav1.ListOptions{})
secrets, err := client.CoreV1().Secrets("").List(ctx, metav1.ListOptions{FieldSelector: "type=kubernetes.io/tls"})
if err != nil {
return err
}
for _, secret := range secrets.Items {
if secret.Type == "kubernetes.io/tls" {
nMatch, err := doublestar.Match(ns, secret.Namespace)
if err != nil {
return err
}
sMatch, err := doublestar.Match(name, secret.Name)
if err != nil {
return err
}
if nMatch && sMatch {
tlsSecrets = append(tlsSecrets, secret)
}
nMatch, err := doublestar.Match(ns, secret.Namespace)
if err != nil {
return err
}
sMatch, err := doublestar.Match(name, secret.Name)
if err != nil {
return err
}
if nMatch && sMatch {
tlsSecrets = append(tlsSecrets, secret)
}
}

Expand Down

0 comments on commit a8dcb43

Please sign in to comment.