github/x509-certificate-exporter
1
0
Fork 0
mirror of https://github.com/enix/x509-certificate-exporter.git synced 2026-02-14 18:10:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
823 Commits 16 Branches 106 Tags
main
Commit Graph

823 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
ffa904ffba build(deps): bump k8s.io/client-go from 0.32.0 to 0.32.1 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.32.0 to 0.32.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.32.0...v0.32.1)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-20 09:31:56 +01:00
dependabot[bot]
e0671afdd6 build(deps): bump github.com/prometheus/common from 0.61.0 to 0.62.0 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.61.0 to 0.62.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](https://github.com/prometheus/common/compare/v0.61.0...v0.62.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-20 09:30:28 +01:00
dependabot[bot]
b850549af1 build(deps): bump cosmtrek/air from v1.61.5 to v1.61.7 
Bumps cosmtrek/air from v1.61.5 to v1.61.7.

---
updated-dependencies:
- dependency-name: cosmtrek/air
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-20 09:30:13 +01:00
Kai Kummerer
9299b39c48 Add "expires after" to CertificateRenewal alert description 2025-01-16 14:16:22 +01:00
Paul Laffitte
fc47f9b1ab feat: include or exclude namespaces to watch based on their labels 2025-01-14 17:40:23 +01:00
dependabot[bot]
5bc2da352f build(deps): bump chainguard/wolfi-base from 9637e55 to eeb70e7 
Bumps [chainguard/wolfi-base](https://github.com/chainguard-images/images) from `9637e55` to `eeb70e7`.
- [Commits](https://github.com/chainguard-images/images/commits)

---
updated-dependencies:
- dependency-name: chainguard/wolfi-base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-10 09:50:35 +01:00
dependabot[bot]
39fea347d3 build(deps): bump chainguard/wolfi-base from 3b271f8 to 9637e55 
Bumps [chainguard/wolfi-base](https://github.com/chainguard-images/images) from `3b271f8` to `9637e55`.
- [Commits](https://github.com/chainguard-images/images/commits)

---
updated-dependencies:
- dependency-name: chainguard/wolfi-base
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-08 17:05:17 +01:00
Thibault VINCENT
efefed0c49 chore: add Compose stack with live reload and Kind cluster bootstrap 2025-01-07 17:44:10 +01:00
dependabot[bot]
04f820fd96 build(deps): bump github.com/KimMachineGun/automemlimit 
Bumps [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit) from 0.6.1 to 0.7.0.
- [Release notes](https://github.com/KimMachineGun/automemlimit/releases)
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.6.1...v0.7.0)

---
updated-dependencies:
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-01-07 10:51:57 +01:00
Thibault VINCENT
e2f8c4121e bumps(deps): update direct and transitive Go dependencies v3.18.1 2024-12-27 13:38:19 +01:00
Thibault VINCENT
77f58c10c8 fix(kubernetes): fetch ConfigMaps when keys are configured 
Fixes #368
 2024-12-27 13:38:19 +01:00
Thibault VINCENT
476b09364c feat(container): bump Alpine base image to version 3.21.0 v3.18.0 2024-12-18 21:46:54 +01:00
Thibault VINCENT
18ffb14cb8 ci: bump Kind to version 0.26.0 2024-12-18 21:46:54 +01:00
Thibault VINCENT
99f0d21912 bumps(deps): update direct and transitive Go dependencies 2024-12-18 21:46:54 +01:00
Thibault VINCENT
1d90a66ebb feat(build): bump Golang to version 1.23.4 2024-12-18 21:46:54 +01:00
Thibault VINCENT
499162a117 ci: new workflow to validate PR titles 2024-12-16 17:30:14 +01:00
Thibault VINCENT
3bf4f4ac39 feat(build): publish SBOM documents for new releases 2024-12-16 17:29:44 +01:00
Thibault VINCENT
1ed09e50a2 feat(build): publish OpenVEX documents for new releases 2024-12-16 17:29:36 +01:00
Thibault VINCENT
1267a89a10 ci: add scheduled workflow for govulncheck 2024-12-16 17:28:51 +01:00
Nuckal777
0e1da0769a Use iterator for matching of secret keys 2024-12-16 16:39:54 +01:00
Nuckal777
eb1da5bd80 Add secret key length check 2024-12-16 16:39:54 +01:00
Nuckal777
b9ff8e299d Fix tests 2024-12-16 16:39:54 +01:00
Nuckal777
4cfad6fe50 Implement regex support for secret-type flag 2024-12-16 16:39:54 +01:00
dependabot[bot]
ab35b9e0ca build(deps): bump k8s.io/client-go from 0.31.3 to 0.32.0 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.31.3 to 0.32.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.31.3...v0.32.0)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 10:15:52 +01:00
dependabot[bot]
6d442115c4 build(deps): bump github.com/prometheus/exporter-toolkit 
Bumps [github.com/prometheus/exporter-toolkit](https://github.com/prometheus/exporter-toolkit) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/prometheus/exporter-toolkit/releases)
- [Changelog](https://github.com/prometheus/exporter-toolkit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/exporter-toolkit/compare/v0.13.1...v0.13.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/exporter-toolkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 09:59:01 +01:00
dependabot[bot]
2936435569 build(deps): bump k8s.io/apimachinery from 0.31.3 to 0.32.0 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.31.3 to 0.32.0.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.31.3...v0.32.0)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 10:00:28 +01:00
dependabot[bot]
d7d3e26dc4 build(deps): bump alpine from 3.20.3 to 3.21.0 
Bumps alpine from 3.20.3 to 3.21.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 14:47:28 +01:00
dependabot[bot]
7cb78c9010 build(deps): bump golang from 1.23.2-alpine to 1.23.4-alpine 
Bumps golang from 1.23.2-alpine to 1.23.4-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 14:46:46 +01:00
Thibault VINCENT
8616ca9293 ci: update dependabot config 2024-12-10 14:45:19 +01:00
Jeremy Delgado
c99030d3de chore(charts,x509-certificate-exporter): monitor specific file extension 2024-12-10 14:29:32 +01:00
Thibault VINCENT
dec9be8a67 doc(helm): fix value description and run helm-docs to update README 2024-12-10 12:14:09 +01:00
Dimitar Ivanov
6174e3aca6 Remove obsolete exporter.ExposeConfigMapLabels 2024-12-10 12:14:09 +01:00
Dimitar Ivanov
d0f28f48da Correcting helm template 2024-12-10 12:14:09 +01:00
Dimitar Ivanov
67e376f773 Include basic discovery for configmaps 2024-12-10 12:14:09 +01:00
dependabot[bot]
93f865adb9 build(deps): bump k8s.io/client-go from 0.31.2 to 0.31.3 
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.31.2 to 0.31.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kubernetes/client-go/compare/v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 11:22:15 +01:00
dependabot[bot]
5232ef584f build(deps): bump engineerd/setup-kind from 0.5.0 to 0.6.2 
Bumps [engineerd/setup-kind](https://github.com/engineerd/setup-kind) from 0.5.0 to 0.6.2.
- [Release notes](https://github.com/engineerd/setup-kind/releases)
- [Commits](https://github.com/engineerd/setup-kind/compare/v0.5.0...v0.6.2)

---
updated-dependencies:
- dependency-name: engineerd/setup-kind
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 11:21:50 +01:00
dependabot[bot]
e285a7a137 build(deps): bump k8s.io/apimachinery from 0.31.2 to 0.31.3 
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) from 0.31.2 to 0.31.3.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.31.2...v0.31.3)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 11:20:27 +01:00
dependabot[bot]
b027266b77 build(deps): bump github.com/prometheus/common from 0.60.1 to 0.61.0 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.60.1 to 0.61.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](https://github.com/prometheus/common/compare/v0.60.1...v0.61.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 11:18:56 +01:00
dependabot[bot]
c0ca5000e1 build(deps): bump github.com/prometheus/exporter-toolkit 
Bumps [github.com/prometheus/exporter-toolkit](https://github.com/prometheus/exporter-toolkit) from 0.13.0 to 0.13.1.
- [Release notes](https://github.com/prometheus/exporter-toolkit/releases)
- [Changelog](https://github.com/prometheus/exporter-toolkit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/prometheus/exporter-toolkit/compare/v0.13.0...v0.13.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/exporter-toolkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-04 14:23:28 +01:00
dependabot[bot]
b3283ae369 build(deps): bump github.com/prometheus/common from 0.60.0 to 0.60.1 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.60.0 to 0.60.1.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](https://github.com/prometheus/common/compare/v0.60.0...v0.60.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-28 13:23:43 +01:00
Thibault VINCENT
8f97b98c86 feat(container): switch Busybox images to glibc flavor (fix for RISC-V) v3.17.0 2024-10-24 15:06:34 +02:00
Thibault VINCENT
92860e287a feat(container): switch to stable Alpine base images for RISC-V 2024-10-24 15:04:45 +02:00
Thibault VINCENT
ef22a785cf bumps(deps): update direct and transitive Go dependencies v3.16.0 2024-10-24 14:49:18 +02:00
Thibault VINCENT
756827c6ac feat(build): bump Golang to version 1.23.2 2024-10-24 14:49:18 +02:00
Thibault VINCENT
bf1f61308c feat(container): bump Busybox base image to version 1.37.0 2024-10-24 14:49:18 +02:00
Thibault VINCENT
3d2904aa0b feat(container): bump Alpine base image to version 3.20.2 2024-10-24 14:49:18 +02:00
Thibault VINCENT
3d0c2c51e8 refactor(helm): cleanup Grafana dashboard upgrade artifacts 2024-10-24 14:16:40 +02:00
Thibault VINCENT
7d9a3ad505 ci: downgrade artifact actions to v3 2024-10-18 17:54:31 +02:00
Markus Pesch
ff9954126b feat(helm): support custom TLS config 
The following patch adjusts the podMonitor and serviceMonitor resource. The
static configuration `tlsConfig` is replaced so that the TLS configuration can be
configured individually by the user.

The option `insecureSkipVerify: true` has been removed as it is a security risk.
Users also have the option of redefining the `insecureSkipVerify` property
directly via `tlsConfig` if necessary. With regard to the previous rbac auth
option, however, this is superfluous.

Furthermore, the schema, i.e. HTTP or HTTPS, can now be defined to tell
Prometheus which protocol should be used for communication.

The following sample configuration specifies that the x509-certificate-exporter
encrypts requests via HTTPS and the HTTP client must authenticate itself via
HTTPS (client auth).

```yaml
prometheusServiceMonitor:
  tlsConfig:
    caFile: /etc/prometheus/tls/ca/ca.crt
    certFile: /etc/prometheus/tls/app2app/tls.crt
    keyFile: /etc/prometheus/tls/app2app/tls.key
    insecureSkipVerify: false
    serverName: prometheus-x509-certificate-exporter

prometheusPodMonitor:
  tlsConfig:
    caFile: /etc/prometheus/tls/ca/ca.crt
    certFile: /etc/prometheus/tls/app2app/tls.crt
    keyFile: /etc/prometheus/tls/app2app/tls.key
    insecureSkipVerify: false
    serverName: prometheus-x509-certificate-exporter
```

Important Note: The `serverName` attribute must correspond to the CommonName or a
Subject Alternative Name (SAN) of the TLS certificate. If this is not the case,
prometheus will reject the connection trying to match the IP address of the pod
with the CommonName / SAN.

The client certificate and private key as well as the certificate of the
certificate authorithy must be mounted additionally via the `extraVolumes` and
`extraVolumeMounts` option. This configuration is not standard and must also be
implemented by the user if TLS client authentication is required.

Signed-off-by: Markus Pesch <markus.pesch@cryptic.systems>
 2024-10-18 17:32:03 +02:00
Thibault VINCENT
645a3cab43 feat: unify log format to use structured logs only 2024-10-18 17:12:50 +02:00