From a8dcb43b445ad9db6dcdeaaff5e1742236d9f4d3 Mon Sep 17 00:00:00 2001
From: Vegar Sechmann Molvig <vegar.molvig@gmail.com>
Date: Thu, 23 Dec 2021 14:18:24 +0100
Subject: [PATCH] Use FieldSelector to select only tls secrets (#82)

This speeds up the listing of certs significatnyly in clusters with many secrets.
---
 prober/kubernetes.go | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/prober/kubernetes.go b/prober/kubernetes.go
index ecedb1f..d8fe666 100644
--- a/prober/kubernetes.go
+++ b/prober/kubernetes.go
@@ -44,23 +44,21 @@ func probeKubernetes(ctx context.Context, target string, module config.Module, r
 	name := parts[1]
 
 	var tlsSecrets []v1.Secret
-	secrets, err := client.CoreV1().Secrets("").List(ctx, metav1.ListOptions{})
+	secrets, err := client.CoreV1().Secrets("").List(ctx, metav1.ListOptions{FieldSelector: "type=kubernetes.io/tls"})
 	if err != nil {
 		return err
 	}
 	for _, secret := range secrets.Items {
-		if secret.Type == "kubernetes.io/tls" {
-			nMatch, err := doublestar.Match(ns, secret.Namespace)
-			if err != nil {
-				return err
-			}
-			sMatch, err := doublestar.Match(name, secret.Name)
-			if err != nil {
-				return err
-			}
-			if nMatch && sMatch {
-				tlsSecrets = append(tlsSecrets, secret)
-			}
+		nMatch, err := doublestar.Match(ns, secret.Namespace)
+		if err != nil {
+			return err
+		}
+		sMatch, err := doublestar.Match(name, secret.Name)
+		if err != nil {
+			return err
+		}
+		if nMatch && sMatch {
+			tlsSecrets = append(tlsSecrets, secret)
 		}
 	}