diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml new file mode 100644 index 0000000..6ec5ec5 --- /dev/null +++ b/.github/workflows/docker.yaml @@ -0,0 +1,39 @@ +name: Docker +on: + push: + tags: + - v*.*.* +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + +jobs: + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c3b4f44 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +__pycache__/* +venv/* \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..d66ecbf --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM python:3-alpine + +RUN mkdir -p /usr/src/app + +WORKDIR /usr/src/app +COPY requirements.txt /usr/src/app/ + +RUN pip3 install --no-cache-dir -r requirements.txt +COPY . /usr/src/app + +EXPOSE 50000 +USER 1001 +CMD [ "python", "./main.py" ] \ No newline at end of file diff --git a/main.py b/main.py new file mode 100644 index 0000000..c414ee1 --- /dev/null +++ b/main.py @@ -0,0 +1,38 @@ +from __future__ import print_function +import time +import kubernetes.client +from kubernetes import config +from kubernetes.client.rest import ApiException +from pprint import pprint +import json +from flask import Flask,render_template,Response +from prometheus_client import Gauge,generate_latest + +CONTENT_TYPE_LATEST = str('text/plain; version=0.0.4; charset=utf-8') + +c = Gauge('kube_csr_pending', 'List of unapproved CSR', ['name']) +config.load_kube_config() + +app = Flask(__name__) + +@app.route("/metrics") +def metrics(): + try: + configuration = kubernetes.client.Configuration().get_default_copy() + + with kubernetes.client.ApiClient(configuration) as api_client: + api_instance = kubernetes.client.CertificatesV1beta1Api(api_client) + + certificates = api_instance.list_certificate_signing_request() + for certificate in certificates.items: + if certificate.status.certificate is None: + c.labels(name=certificate.metadata.name).set(1) + else: + c.labels(name=certificate.metadata.name).set(0) + except ApiException as e: + print("Exception when calling CertificatesV1beta1Api->list_certificate_signing_request: %s\n" % e) + except AttributeError: + configuration = Configuration() + configuration.assert_hostname = False + + return Response(generate_latest(), mimetype=CONTENT_TYPE_LATEST) \ No newline at end of file diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..4368d2c --- /dev/null +++ b/requirements.txt @@ -0,0 +1,17 @@ +cachetools==4.2.4 +certifi==2021.10.8 +charset-normalizer==2.0.8 +google-auth==2.3.3 +idna==3.3 +kubernetes==19.15.0 +oauthlib==3.1.1 +pyasn1==0.4.8 +pyasn1-modules==0.2.8 +python-dateutil==2.8.2 +PyYAML==6.0 +requests==2.26.0 +requests-oauthlib==1.3.0 +rsa==4.8 +six==1.16.0 +urllib3==1.26.7 +websocket-client==1.2.1