luzifer/promcertcheck
1
0
Fork 0
mirror of https://github.com/Luzifer/promcertcheck.git synced 2024-11-09 16:30:04 +00:00
Code Issues Releases Wiki Activity

Some refactorings

Browse source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-06-04 11:49:36 +02:00
parent ce6a18fbf3
commit 1d1fbb1f43
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E
6 changed files with 62 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
Gopkg.lock generated
View file

@ -1,6 +1,12 @@
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
name = "github.com/Luzifer/go_helpers"
packages = ["str"]
revision = "94b91ff63a5db8e22c4d121e6c5c17b44135be4d"
version = "v2.5.0"
[[projects]] [[projects]]
name = "github.com/Luzifer/rconfig" name = "github.com/Luzifer/rconfig"
packages = ["."] packages = ["."]
@ -124,6 +130,6 @@
[solve-meta] [solve-meta]
analyzer-name = "dep" analyzer-name = "dep"
analyzer-version = 1 analyzer-version = 1
inputs-digest = "9e9921ed070369ec5c66299d9403b1d7dd184332dbf7f7e36c5d1ff493b88216" inputs-digest = "e443e1ce42c6da5794decc9e50a89f0cda1f1e191c2c5582f2443c0342cb6e37"
solver-name = "gps-cdcl" solver-name = "gps-cdcl"
solver-version = 1 solver-version = 1

4
Gopkg.toml
View file

@ -25,6 +25,10 @@
# unused-packages = true # unused-packages = true
[[constraint]]
name = "github.com/Luzifer/go_helpers"
version = "2.5.0"
[[constraint]] [[constraint]]
name = "github.com/Luzifer/rconfig" name = "github.com/Luzifer/rconfig"
version = "1.2.0" version = "1.2.0"

8
cert.go
View file

@ -8,6 +8,7 @@ import (
"strings" "strings"
"time" "time"
"github.com/Luzifer/go_helpers/str"
log "github.com/sirupsen/logrus" log "github.com/sirupsen/logrus"
) )
@ -31,11 +32,10 @@ func (p probeResult) String() string {
return "Certificate invalid / intermediate certificates not present" return "Certificate invalid / intermediate certificates not present"
case certificateNotFound: case certificateNotFound:
return "Did not find a certificate valid for this domain" return "Did not find a certificate valid for this domain"
case generalFailure:
default:
return "Something went wrong in the request" return "Something went wrong in the request"
} }
return "" // This does not happen.
} }
func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) { func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
@ -65,7 +65,7 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
for _, cert := range resp.TLS.PeerCertificates { for _, cert := range resp.TLS.PeerCertificates {
wildHost := "*" + host[strings.Index(host, "."):] wildHost := "*" + host[strings.Index(host, "."):]
if !inSlice(cert.DNSNames, host) && !inSlice(cert.DNSNames, wildHost) { if !str.StringInSlice(host, cert.DNSNames) && !str.StringInSlice(wildHost, cert.DNSNames) {
intermediatePool.AddCert(cert) intermediatePool.AddCert(cert)
continue continue
} }

2
http.go
View file

@ -11,7 +11,7 @@ import (
) )
func htmlHandler(res http.ResponseWriter, r *http.Request) { func htmlHandler(res http.ResponseWriter, r *http.Request) {
tplsrc, _ := Asset("display.html") tplsrc := MustAsset("display.html")
template, err := pongo2.FromString(string(tplsrc)) template, err := pongo2.FromString(string(tplsrc))
if err != nil { if err != nil {

49
main.go
View file

@ -1,4 +1,4 @@
package main // import "github.com/Luzifer/promcertcheck" package main
import ( import (
"crypto/tls" "crypto/tls"
@ -44,6 +44,27 @@ type probeMonitor struct {
Certificate *x509.Certificate Certificate *x509.Certificate
} }
func (p *probeMonitor) Update(status probeResult, cert *x509.Certificate) error {
p.Status = status
p.Certificate = cert
p.updatePrometheus(status, cert)
return nil
}
func (p probeMonitor) updatePrometheus(status probeResult, cert *x509.Certificate) {
if cert != nil {
p.Expires.Set(float64(cert.NotAfter.UTC().Unix()))
}
if status == certificateExpiresSoon || status == certificateOK {
p.IsValid.Set(1)
} else {
p.IsValid.Set(0)
}
}
func init() { func init() {
if err := rconfig.Parse(&cfg); err != nil { if err := rconfig.Parse(&cfg); err != nil {
log.Fatalf("Unable to parse CLI parameters: %s", err) log.Fatalf("Unable to parse CLI parameters: %s", err)
@ -174,29 +195,9 @@ func refreshCertificateStatus() {
} }
probeLog.Debug("Probe finished") probeLog.Debug("Probe finished")
if verifyCert != nil { if err := probeMonitors[probeURL.Host].Update(verificationResult, verifyCert); err != nil {
probeMonitors[probeURL.Host].Expires.Set(float64(verifyCert.NotAfter.UTC().Unix())) probeLog.WithError(err).Error("Unable to update probe state")
} return
switch verificationResult {
case certificateExpiresSoon, certificateOK:
probeMonitors[probeURL.Host].IsValid.Set(1)
case certificateInvalid, certificateNotFound:
probeMonitors[probeURL.Host].IsValid.Set(0)
default:
probeMonitors[probeURL.Host].IsValid.Set(0)
}
probeMonitors[probeURL.Host].Status = verificationResult
probeMonitors[probeURL.Host].Certificate = verifyCert
}
}
func inSlice(slice []string, needle string) bool {
for _, i := range slice {
if i == needle {
return true
} }
} }
return false
} }

21
vendor/github.com/Luzifer/go_helpers/str/slice.go generated vendored Normal file
View file

@ -0,0 +1,21 @@
package str
// AppendIfMissing adds a string to a slice when it's not present yet
func AppendIfMissing(slice []string, s string) []string {
for _, e := range slice {
if e == s {
return slice
}
}
return append(slice, s)
}
// StringInSlice checks for the existence of a string in the slice
func StringInSlice(a string, list []string) bool {
for _, b := range list {
if b == a {
return true
}
}
return false
}