closes #5 closes #6

README.md

@@ -61,10 +61,12 @@ uaac client add prometheus-credhub \
 | `credhub.client-secret`<br />`CREDHUB_EXPORTER_CLIENT_SECRET`               | Yes      |            | Credhub Client Secret                                                                                                                                                                                                                 |
 | `credhub.proxy`<br />`CREDHUB_EXPORTER_PROXY`                               | No       |            | Socks proxy to open before connecting to credub                                                                                                                                                                                       |
 | `credhub.ca-certs-path`<br />`CREDHUB_EXPORTER_CA_CERTS_PATH`               | No       |            | Path to CA certificate to use when connecting credhub                                                                                                                                                                                 |
+| `filters.name-like`<br />`CREDHUB_EXPORTER_FILTER_NAMELIKE`                 | No       |            | Fetch credentials whose name contains the query string (fetch all credentials when empty)                                                                                                                                             |
+| `filters.path`<br />`CREDHUB_EXPORTER_FILTER_PATH`                          | No       |            | Fetch credentials that exist under the provided path (ignored when --filters.name-like is not empty)                                                                                                                                  |
 | `filters.generic-certificates`<br />`CREDHUB_EXPORTER_GENERIC_CERTIFICATES` | No       | `[]`       | Json list of <regexp> to match generic credentials paths that may contains certificates                                                                                                                                               |
-| `metrics.director-name`<br />`CREDHUB_EXPORTER_METRICS_DIRECTOR`            | Yes      | `bosh`     | Director label to be attached to metrics                                                                                                                                                                                              |
+| `metrics.deployment-name`<br />`CREDHUB_EXPORTER_METRICS_DEPLOYMENT`        | Yes      |            | Credhub Bosh Deployment Name to be reported as the `deployment` metric label                                                                                                                                                          |
 | `metrics.namespace`<br />`CREDHUB_EXPORTER_METRICS_NAMESPACE`               | No       | `credhub`  | Metrics Namespace                                                                                                                                                                                                                     |
-| `metrics.environment`<br />`CREDHUB_EXPORTER_METRICS_ENVIRONMENT`           | Yes      |            | Environment label to be attached to metrics                                                                                                                                                                                           |
+| `metrics.environment`<br />`CREDHUB_EXPORTER_METRICS_ENVIRONMENT`           | Yes      |            | Credhub `environment` label to be attached to metrics                                                                                                                                                                                 |
 | `skip-ssl-verify`<br />`CREDHUB_EXPORTER_SKIP_SSL_VERIFY`                   | No       | `false`    | Disable SSL Verify                                                                                                                                                                                                                    |
 | `web.listen-address`<br />`CREDHUB_EXPORTER_WEB_LISTEN_ADDRESS`             | No       | `:9358`    | Address to listen on for web interface and telemetry                                                                                                                                                                                  |
 | `web.telemetry-path`<br />`CREDHUB_EXPORTER_WEB_TELEMETRY_PATH`             | No       | `/metrics` | Path under which to expose Prometheus metrics                                                                                                                                                                                         |

collector.go

@@ -23,6 +23,8 @@ const (
 type CredhubCollector struct {
 	filters                   []*regexp.Regexp
 	cli                       *credhub.CredHub
+	nameLike                  string
+	path                      string
 	credentialMetrics         *prometheus.GaugeVec
 	certificateExpiresMetrics *prometheus.GaugeVec
 	scrapeErrorMetric         prometheus.Gauge
@@ -31,7 +33,7 @@ type CredhubCollector struct {
 
 // NewCredhubCollector -
 func NewCredhubCollector(
-	director string,
+	deployment string,
 	environment string,
 	filters []*regexp.Regexp,
 	cli *credhub.CredHub) *CredhubCollector {
@@ -42,7 +44,7 @@ func NewCredhubCollector(
 			Subsystem:   "credential",
 			Name:        "created_at",
 			Help:        "Number of seconds since 1970 since last rotation of credhub credential",
-			ConstLabels: prometheus.Labels{"environment": environment, "director": director},
+			ConstLabels: prometheus.Labels{"environment": environment, "deployment": deployment},
 		},
 		[]string{"path", "name", "id"},
 	)
@@ -53,7 +55,7 @@ func NewCredhubCollector(
 			Subsystem:   "certificate",
 			Name:        "expires_at",
 			Help:        "Number of seconds since 1970 until certificate will expire",
-			ConstLabels: prometheus.Labels{"environment": environment, "director": director},
+			ConstLabels: prometheus.Labels{"environment": environment, "deployment": deployment},
 		},
 		[]string{"path", "name", "id", "index"},
 	)
@@ -64,7 +66,7 @@ func NewCredhubCollector(
 			Subsystem:   "",
 			Name:        "last_scrap_error",
 			Help:        "Whether the last scrape of Applications metrics from Credhub resulted in an error (1 for error, 0 for success)",
-			ConstLabels: prometheus.Labels{"environment": environment, "director": director},
+			ConstLabels: prometheus.Labels{"environment": environment, "deployment": deployment},
 		},
 	)
 
@@ -74,20 +76,30 @@ func NewCredhubCollector(
 			Subsystem:   "",
 			Name:        "last_scrape_timestamp",
 			Help:        "Number of seconds since 1970 since last scrape of metrics from credhub.",
-			ConstLabels: prometheus.Labels{"environment": environment, "director": director},
+			ConstLabels: prometheus.Labels{"environment": environment, "deployment": deployment},
 		},
 	)
 
 	return &CredhubCollector{
 		cli:                       cli,
 		filters:                   filters,
+		nameLike:                  "",
+		path:                      "",
 		credentialMetrics:         credentialMetrics,
 		certificateExpiresMetrics: certificateExpiresMetrics,
 		scrapeErrorMetric:         scrapeErrorMetric,
 		lastScrapeTimestampMetric: lastScrapeTimesptampMetric,
 	}
 }
 
+func (c CredhubCollector) filterNameLike(name string) {
+	c.nameLike = name
+}
+
+func (c CredhubCollector) filterPath(path string) {
+	c.path = path
+}
+
 func (c CredhubCollector) processCertificates(path string, name string, id string, certificates string) error {
 	data := []byte(certificates)
 	for idx := 1; len(data) != 0; idx++ {
@@ -137,7 +149,19 @@ func (c CredhubCollector) Collect(ch chan<- prometheus.Metric) {
 	c.scrapeErrorMetric.Set(0.0)
 	c.lastScrapeTimestampMetric.Set(float64(time.Now().Unix()))
 
-	results, err := c.cli.FindByPartialName("")
+	var (
+		results credentials.FindResults
+		err     error
+	)
+
+	if c.nameLike != "" {
+		results, err = c.cli.FindByPartialName(c.nameLike)
+	} else if c.path != "" {
+		results, err = c.cli.FindByPath(c.path)
+	} else {
+		results, err = c.cli.FindByPartialName("")
+	}
+
 	if err != nil {
 		log.Errorf("Error fethings credentials from credhub: %s", err.Error())
 		c.scrapeErrorMetric.Set(1.0)

credhub_exporter.go

@@ -35,6 +35,14 @@ var (
 		"credhub.proxy", "Credhub Client Secret ($CREDHUB_EXPORTER_CLIENT_SECRET)",
 	).Envar("CREDHUB_EXPORTER_PROXY").Default("").String()
 
+	filterNameLike = kingpin.Flag(
+		"filters.name-like", "Fetch credentials whose name contains the query string (fetch all credentials when empty)",
+	).Envar("CREDHUB_EXPORTER_FILTER_NAMELIKE").Default("").String()
+
+	filterPath = kingpin.Flag(
+		"filters.path", "Fetch credentials that exist under the provided path (ignored when --filters.name-like is not empty)",
+	).Envar("CREDHUB_EXPORTER_FILTER_PATH").Default("").String()
+
 	genericCertificateFilter = kingpin.Flag(
 		"filters.generic-certificates", "Json list of <regexp> to match generic credentials paths that may contains certificates",
 	).Envar("CREDHUB_EXPORTER_GENERIC_CERTIFICATES").Default("[]").String()
@@ -44,12 +52,12 @@ var (
 	).Envar("CREDHUB_EXPORTER_METRICS_NAMESPACE").Default("credhub").String()
 
 	metricsEnvironment = kingpin.Flag(
-		"metrics.environment", "Environment label to be attached to metrics ($CREDHUB_EXPORTER_METRICS_ENVIRONMENT)",
+		"metrics.environment", "Credhub environment label to be attached to metrics ($CREDHUB_EXPORTER_METRICS_ENVIRONMENT)",
 	).Envar("CREDHUB_EXPORTER_METRICS_ENVIRONMENT").Required().String()
 
-	metricsDirector = kingpin.Flag(
-		"metrics.director-name", "Director label to be attached to metrics ($CREDHUB_EXPORTER_METRICS_DIRECTOR)",
-	).Envar("CREDHUB_EXPORTER_METRICS_DIRECTOR").Required().String()
+	metricsDeployment = kingpin.Flag(
+		"metrics.deployment-name", "Credhub Bosh Deployment Name to be reported as the deployment metric label ($CREDHUB_EXPORTER_METRICS_DEPLOYMENT)",
+	).Envar("CREDHUB_EXPORTER_METRICS_DEPLOYMENT").Required().String()
 
 	skipSSLValidation = kingpin.Flag(
 		"skip-ssl-verify", "Disable SSL Verify ($CREDHUB_EXPORTER_SKIP_SSL_VERIFY)",
@@ -175,8 +183,9 @@ func main() {
 		filters = append(filters, exp)
 	}
 
-	// todo cacert
-	credhubCollector := NewCredhubCollector(*metricsDirector, *metricsEnvironment, filters, credhubCli)
+	credhubCollector := NewCredhubCollector(*metricsDeployment, *metricsEnvironment, filters, credhubCli)
+	credhubCollector.filterNameLike(*filterNameLike)
+	credhubCollector.filterPath(*filterPath)
 	prometheus.MustRegister(credhubCollector)
 
 	handler := prometheusHandler()