List of all secrets does not work in restricted cluster - SSL Exporter needs to scope secret listing to a single namespace where possible #159

@deviarchscs

We are running the SSL Exporter in a restricted k8s cluster where we don't have access to all namespaces and all resources.
When we try monitoring a certificate in a k8s secret, the script first tries to list every secret in the cluster. This step is failing with a Forbidden message from the API server.
Listing is done by the following line:

secrets, err := client.CoreV1().Secrets("").List(ctx, metav1.ListOptions{FieldSelector: "type=kubernetes.io/tls"})

A solution would be to list secrets ONLY in the particular namespace when it is possible (i.e., when the namespace is complete and does not contain any wildcards/regex).
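
One way to implement the namespace scoping proposed in the issue above, as an added example (not code from the issue or from the SSL Exporter project). The `lister` type and the `restrictedCluster` fake are hypothetical stand-ins for the client-go call and a restricted API server, and the set of pattern metacharacters is an assumption about the matcher's syntax.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// namespaceAll mirrors metav1.NamespaceAll (""): list across every namespace.
const namespaceAll = ""

// listScope returns the namespace to pass to Secrets(ns).List for a
// namespace pattern. A literal name is returned unchanged so the request
// needs only a namespaced Role; a pattern falls back to namespaceAll.
// The metacharacter set is an assumption about the matcher's syntax.
func listScope(nsPattern string) string {
	if nsPattern == "" || strings.ContainsAny(nsPattern, `*?[]{}\^$|()+`) {
		return namespaceAll
	}
	return nsPattern
}

// lister is a hypothetical stand-in for the client-go secrets list call.
type lister func(namespace string) ([]string, error)

var errForbidden = errors.New("secrets is forbidden: cannot list at cluster scope")

// restrictedCluster is a constructed fake API server: the caller may list
// secrets in "team-a" only, as with a Role and RoleBinding in that namespace.
func restrictedCluster(namespace string) ([]string, error) {
	if namespace != "team-a" {
		return nil, errForbidden
	}
	return []string{"team-a/web-tls", "team-a/api-tls"}, nil
}

// listTLSSecrets lists with the narrowest scope the pattern allows.
func listTLSSecrets(list lister, nsPattern string) ([]string, error) {
	return list(listScope(nsPattern))
}

func main() {
	for _, p := range []string{"team-a", "team-*"} {
		secrets, err := listTLSSecrets(restrictedCluster, p)
		fmt.Printf("pattern=%q scope=%q secrets=%v err=%v\n", p, listScope(p), secrets, err)
	}
}
```

A wildcard namespace still requires cluster-wide list permission on secrets, so in a restricted cluster only literal namespaces succeed.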
