From a28d8f7be11a95314f56863cabc2c4d19334aaf1 Mon Sep 17 00:00:00 2001 From: Rob Best Date: Sun, 8 Oct 2017 18:25:40 +0100 Subject: [PATCH] Switch to kingpin flags --- README.md | 10 +++++----- ssl_exporter.go | 22 +++++++++------------- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index e09ce76..c8876f2 100644 --- a/README.md +++ b/README.md @@ -12,11 +12,11 @@ Whatever it is, the SSL exporter gives you visibility over those dimensions at t Similarly to the blackbox_exporter, visiting [http://localhost:9219/probe?target=https://example.com](http://localhost:9219/probe?target=https://example.com) will return certificate metrics for example.com. The ```ssl_https_connect_success``` metric indicates if the probe has been successful. ## Flags - ./ssl_exporter -help - * __`-tls.insecure`:__ Skip certificate verification (default false). This is insecure but does allow you to collect metrics in the case where a certificate has expired. That being said, I feel that it's more important to catch verification failures than it is to identify an expired certificate, especially as the former includes the latter. - * __`-web.listen-address`:__ The port (default ":9219"). - * __`-web.metrics-path`:__ The path metrics are exposed under (default "/metrics") - * __`-web.probe-path`:__ The path the probe endpoint is exposed under (default "/probe") + ./ssl_exporter --help + * __`--tls.insecure`:__ Skip certificate verification (default false). This is insecure but does allow you to collect metrics in the case where a certificate has expired. That being said, I feel that it's more important to catch verification failures than it is to identify an expired certificate, especially as the former includes the latter. + * __`--web.listen-address`:__ The port (default ":9219"). + * __`--web.metrics-path`:__ The path metrics are exposed under (default "/metrics") + * __`--web.probe-path`:__ The path the probe endpoint is exposed under (default "/probe") ## Metrics Metrics are exported for each certificate in the chain individually. All of the metrics are labelled with the Issuer's Common Name and the Serial ID, which is pretty much a unique identifier. diff --git a/ssl_exporter.go b/ssl_exporter.go index 6b2048c..28470d0 100644 --- a/ssl_exporter.go +++ b/ssl_exporter.go @@ -2,10 +2,8 @@ package main import ( "crypto/tls" - "flag" "fmt" "net/http" - "os" "strconv" "strings" "time" @@ -14,6 +12,7 @@ import ( "github.com/prometheus/client_golang/prometheus/promhttp" "github.com/prometheus/common/log" "github.com/prometheus/common/version" + "gopkg.in/alecthomas/kingpin.v2" ) const ( @@ -203,19 +202,16 @@ func init() { func main() { var ( - showVersion = flag.Bool("version", false, "Print version information") - listenAddress = flag.String("web.listen-address", ":9219", "Address to listen on for web interface and telemetry.") - metricsPath = flag.String("web.metrics-path", "/metrics", "Path under which to expose metrics") - probePath = flag.String("web.probe-path", "/probe", "Path under which to expose the probe endpoint") - insecure = flag.Bool("tls.insecure", false, "Skip certificate verification") + listenAddress = kingpin.Flag("web.listen-address", "Address to listen on for web interface and telemetry.").Default(":9219").String() + metricsPath = kingpin.Flag("web.metrics-path", "Path under which to expose metrics").Default("/metrics").String() + probePath = kingpin.Flag("web.probe-path", "Path under which to expose the probe endpoint").Default("/probe").String() + insecure = kingpin.Flag("tls.insecure", "Skip certificate verification").Default("false").Bool() ) - flag.Parse() - - if *showVersion { - fmt.Fprintln(os.Stdout, version.Print(namespace + "_exporter")) - os.Exit(0) - } + log.AddFlags(kingpin.CommandLine) + kingpin.Version(version.Print(namespace + "_exporter")) + kingpin.HelpFlag.Short('h') + kingpin.Parse() log.Infoln("Starting " + namespace + "_exporter", version.Info()) log.Infoln("Build context", version.BuildContext())