Merge branch 'allow-secrets-label-filter' into update-newer-golang-k8s

# Conflicts: # pkg/config/config.go # pkg/controller/controller.go Signed-off-by: ed kim <[email protected]>
cmattoon · Sep 9, 2021 · 3e7d940 · 3e7d940
2 parents 9d281a1 + 2446104
commit 3e7d940
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 10 deletions.
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -41,6 +41,7 @@ type Config struct {
 	KubeMaster           string
 	MetricsListenAddress string
 	Provider             string
+	LabelSelector        string
 }
 
 func DefaultConfig() *Config {
@@ -51,6 +52,7 @@ func DefaultConfig() *Config {
 		KubeMaster:           "",
 		MetricsListenAddress: "0.0.0.0:9999",
 		Provider:             "aws",
+		LabelSelector:        "",
 	}
 	return cfg
 }
@@ -79,6 +81,12 @@ func (cfg *Config) ParseFlags() error {
 	interval := flag.String("interval",
 		getenv("SCAN_INTERVAL", "30"),
 		"Polling interval")
+
+	labelSelector := flag.String("label-selector",
+		getenv("K8S_LABEL_SELECTOR", ""),
+		"Label selector for secrets to fetch from k8s API",
+	)
+
 	flag.Parse()
 
 	i, err := strconv.Atoi(*interval)
@@ -93,6 +101,7 @@ func (cfg *Config) ParseFlags() error {
 	cfg.KubeMaster = *kubeMaster
 	cfg.MetricsListenAddress = *metricAddr
 	cfg.Provider = "aws"
+	cfg.LabelSelector = *labelSelector
 
 	logLevel, err := log.ParseLevel(*logLevelStr)
 	if err != nil {

diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go
@@ -31,10 +31,11 @@ import (
 
 // Controller is our main struct
 type Controller struct {
-	Interval time.Duration
-	Provider provider.Provider
-	KubeGen  ClientGenerator
-	Context  context.Context
+	Interval      time.Duration
+	Provider      provider.Provider
+	KubeGen       ClientGenerator
+	Context       context.Context
+	LabelSelector string
 }
 
 // NewController initialises above struct
@@ -50,18 +51,19 @@ func NewController(cfg *config.Config) *Controller {
 	}
 
 	ctrl := &Controller{
-		Interval: time.Duration(cfg.Interval) * time.Second,
-		Provider: p,
-		KubeGen:  scg,
-		Context:  context.Background(),
+		Interval:      time.Duration(cfg.Interval) * time.Second,
+		Provider:      p,
+		KubeGen:       scg,
+		Context:       context.Background(),
+		LabelSelector: cfg.LabelSelector,
 	}
 
 	return ctrl
 }
 
 // HandleSecrets loops through all k8s api secrets
 func (c *Controller) HandleSecrets(cli kubernetes.Interface) error {
-	secrets, err := cli.CoreV1().Secrets("").List(c.Context, metav1.ListOptions{})
+	secrets, err := cli.CoreV1().Secrets("").List(c.Context, metav1.ListOptions{LabelSelector: c.LabelSelector})
 	if err != nil {
 		log.Fatalf("Error retrieving secrets: %s", err)
 	}
@@ -93,7 +95,7 @@ func (c *Controller) HandleSecrets(cli kubernetes.Interface) error {
 
 // WatchSecrets listens for secrets that are created and processes them immediately
 func (c *Controller) WatchSecrets(cli kubernetes.Interface) error {
-	watcher, err := cli.CoreV1().Secrets(v1.NamespaceAll).Watch(c.Context, metav1.ListOptions{})
+	watcher, err := cli.CoreV1().Secrets(v1.NamespaceAll).Watch(c.Context, metav1.ListOptions{LabelSelector: c.LabelSelector})
 	if err != nil {
 		log.Errorf("Error retrieving secrets: %s", err)
 		return err