Merge pull request #7 from linode-obs/chore/verbose_cert_found_logs

chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0

compose.yaml

@@ -28,6 +28,7 @@ services:
       - ./vault-pki-exporter
       - --fetch-interval=5s
       - --refresh-interval=5s
+      - --verbose=true
     networks:
       - vault-pki-exporter
     ports:

pkg/vault-mon/prometheus.go

@@ -8,6 +8,8 @@ import (
 	"time"
 
 	log "github.com/aarnaud/vault-pki-exporter/pkg/logger"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/viper"
 
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promauto"
@@ -91,14 +93,32 @@ func PromWatchCerts(pkimon *PKIMon, interval time.Duration) {
 					}
 				}
 				for _, cert := range pki.GetCerts() {
+
 					certlabels := getLabelValues(pkiname, cert)
+
+					if viper.GetBool("verbose") {
+						log.WithFields(logrus.Fields{
+							"organizational_unit": cert.Issuer.OrganizationalUnit,
+							"serial_number":       cert.SerialNumber.String(),
+							"common_name":         cert.Subject.CommonName,
+							"organization":        cert.Subject.Organization,
+							"not_before":          cert.NotBefore,
+							"not_after":           cert.NotAfter,
+						}).Infof("cert found")
+					}
+
 					if _, isRevoked := revokedCerts[cert.SerialNumber.String()]; isRevoked {
 						// in case we have prior existing metrics, clear them for revoked certs
 						// seems fine to run in case the metrics don't exist or are already deleted too
 						expiry.DeleteLabelValues(certlabels...)
 						age.DeleteLabelValues(certlabels...)
 						startdate.DeleteLabelValues(certlabels...)
 						enddate.DeleteLabelValues(certlabels...)
+
+						if viper.GetBool("verbose") {
+							log.WithField("common_name", cert.Subject.CommonName).Infof("cert found to be revoked")
+						}
+
 						continue
 					}