* feat: add remote_file probe
* fix: use tls module config
* chore: write http/https tests for probing remote file
* chore: get rid of useless lines
* fix: get rid of useless file download, check body directly
* fix: use checkCertificateMetrics to actually check values
* Rename remote_file to http_file
You can fetch remote content with a lot of different protocols, so I
think it's worth being specific here.
As part of this change I've fixed up some of the logic in the code. I've
also created a separate `http_file` block in the module config.
* Actually include renamed files
---------
Co-authored-by: Anthony LE BERRE <aleberre@veepee.com>
Co-authored-by: Rob Best <rob.best@jetstack.io>
* Fix tcp starttls test for smtp
* Update tcp.go
* Update tcp_test.go
* Update test/tcp.go
Co-authored-by: Rob Best <robertbest89@gmail.com>
* Update tcp_test.go
---------
Co-authored-by: Rob Best <robertbest89@gmail.com>
* Support TLS renegotiation
* Bump version
* Revert version bump
* Extend TLSConfig with renegotiation support
* Update config/config.go - comment formatting
Co-authored-by: Rob Best <robertbest89@gmail.com>
* add dedicated renegotiation example
* Create local NewTLSConfig in order to incorporate local extentions
* go mod tidy
* Move TLS renegotiation parsing into UnmarshalYAML
Co-authored-by: Rob Best <robertbest89@gmail.com>
* Support getting certificate information from a kubeconfig file
* Support relative paths for cluster CA and user certificate in kubeconfig
* Determine relative using filepath.IsAbs
* Make relative path logic actually work, add test. Move all kubeconfig parsing into parsing specific function
The existing implementation consists of a collector that exports
information from a tls.ConnectionState returned by the prober function.
This won't necessarily integrate well with additional probers that
retrieve certs from sources other than a tls handshake (from file, for
instance).
I've made the probing more generically expandable by removing the
collector and instead registering and collecting metrics inside the
prober. This makes it possible to collect the same metrics in a
different way, or collect different metrics depending on the prober.
There are a number of reasons for this change:
- Modules allow a single instance of the exporter to be configured with numerous
different tls configs. Previously you had to run a different exporter for each
combination.
- Adding new and more complicated options to the exporter should be easier with
modules than if I was to go down the route of accepting configuration directly through url params
- I prefer defining a specific prober (https,tcp) over using the URL to guess
what the user wants
