From b9bad23e8ca24a67797bf8523f7dee5594561902 Mon Sep 17 00:00:00 2001
From: Will Bollock
Date: Wed, 13 Nov 2024 14:19:33 -0500
Subject: [PATCH] chore: add verbose logs for certs found example output
```
vault-pki-exporter-1 | time="2024-11-13T19:19:01Z" level=info msg="processing batch of certs in loadCerts" batchsize=1
vault-pki-exporter-1 | time="2024-11-13T19:19:01Z" level=info msg="cert found" common_name=my-website.com country="[]" locality="[]" not_after="2025-11-13 19:17:11 +0000 UTC" not_before="2024-11-13 19:16:41 +0000 UTC" organization="[]" organizational_unit="[]" province="[]" serial_number=173416855333172776412784710165212082532478286322
vault-pki-exporter-1 | time="2024-11-13T19:19:01Z" level=info msg="cert found" common_name=www.my-website.com country="[]" locality="[]" not_after="2024-11-16 19:17:12 +0000 UTC" not_before="2024-11-13 19:16:42 +0000 UTC" organization="[]" organizational_unit="[]" province="[]" serial_number=529726630108698805212027385972163988162531905986
vault-pki-exporter-1 | time="2024-11-13T19:19:01Z" level=info msg="cert found" common_name=www.revokme.my-website.com country="[]" locality="[]" not_after="2024-11-16 19:17:12 +0000 UTC" not_before="2024-11-13 19:16:42 +0000 UTC" organization="[]" organizational_unit="[]" province="[]" serial_number=575798736834614521163199043618936418300586073698
```
---
 compose.yaml | 1 +
 pkg/vault-mon/prometheus.go | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+)
diff --git a/compose.yaml b/compose.yaml
index 9a51a63..8625139 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -28,6 +28,7 @@ services:
 - ./vault-pki-exporter
 - --fetch-interval=5s
 - --refresh-interval=5s
+ - --verbose=true
 networks:
 - vault-pki-exporter
 ports:
diff --git a/pkg/vault-mon/prometheus.go b/pkg/vault-mon/prometheus.go
index 051f737..9ffd9f4 100644
--- a/pkg/vault-mon/prometheus.go
+++ b/pkg/vault-mon/prometheus.go
@@ -8,6 +8,8 @@ import ( "time" log "github.com/aarnaud/vault-pki-exporter/pkg/logger" + "github.com/sirupsen/logrus" + "github.com/spf13/viper" "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promauto" @@ -91,7 +93,20 @@ func PromWatchCerts(pkimon *PKIMon, interval time.Duration) { } } for _, cert := range pki.GetCerts() { + certlabels := getLabelValues(pkiname, cert) + + if viper.GetBool("verbose") { + log.WithFields(logrus.Fields{ + "organizational_unit": cert.Issuer.OrganizationalUnit, + "serial_number": cert.SerialNumber.String(), + "common_name": cert.Subject.CommonName, + "organization": cert.Subject.Organization, + "not_before": cert.NotBefore, + "not_after": cert.NotAfter, + }).Infof("cert found") + } + if _, isRevoked := revokedCerts[cert.SerialNumber.String()]; isRevoked { // in case we have prior existing metrics, clear them for revoked certs // seems fine to run in case the metrics don't exist or are already deleted too @@ -99,6 +114,11 @@ func PromWatchCerts(pkimon *PKIMon, interval time.Duration) { age.DeleteLabelValues(certlabels...) startdate.DeleteLabelValues(certlabels...) enddate.DeleteLabelValues(certlabels...) + + if viper.GetBool("verbose") { + log.WithField("common_name", cert.Subject.CommonName).Infof("cert found to be revoked") + } + continue }
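Review bot: In the `log.WithFields` block added to PromWatchCerts, `organizational_unit` is read from `cert.Issuer.OrganizationalUnit` while `common_name` and `organization` are read from `cert.Subject`, so one entry mixes issuer and subject attributes under unqualified keys. If the subject OU was meant, the line should be `"organizational_unit": cert.Subject.OrganizationalUnit,`; if the issuer was intended, a key such as `issuer_organizational_unit` would stop a reader attributing it to the wrong party. The entry is written at info level for every certificate on every pass of the loop, and `viper.GetBool("verbose")` is looked up once per certificate; reading the flag into a local before the `for` would avoid the repeated lookup. `Infof("cert found")` passes no format arguments, so `Info` would be the matching call, assuming the project logger's entry type exposes it. The body of PromWatchCerts starts and ends outside this hunk.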
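Review bot: The "cert found to be revoked" entry identifies the certificate only by `common_name`, but the revocation lookup shown in the preceding hunk is keyed on `cert.SerialNumber.String()`, and several certificates can carry the same common name, so this line cannot be matched to one specific revoked certificate when the log is read later. Adding the serial closes that gap: `log.WithFields(logrus.Fields{"common_name": cert.Subject.CommonName, "serial_number": cert.SerialNumber.String()}).Infof("cert found to be revoked")`. The "cert found" entry is written before the revocation check, so in verbose mode a revoked certificate appears twice per pass, and the shared serial is what lets the two lines be correlated. The enclosing `if` and the loop both begin outside this hunk.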