mirror of
https://github.com/Luzifer/promcertcheck.git
synced 2024-11-09 16:30:04 +00:00
Some refactorings
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
ce6a18fbf3
commit
1d1fbb1f43
6 changed files with 62 additions and 30 deletions
8
Gopkg.lock
generated
8
Gopkg.lock
generated
|
@ -1,6 +1,12 @@
|
|||
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
|
||||
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/Luzifer/go_helpers"
|
||||
packages = ["str"]
|
||||
revision = "94b91ff63a5db8e22c4d121e6c5c17b44135be4d"
|
||||
version = "v2.5.0"
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/Luzifer/rconfig"
|
||||
packages = ["."]
|
||||
|
@ -124,6 +130,6 @@
|
|||
[solve-meta]
|
||||
analyzer-name = "dep"
|
||||
analyzer-version = 1
|
||||
inputs-digest = "9e9921ed070369ec5c66299d9403b1d7dd184332dbf7f7e36c5d1ff493b88216"
|
||||
inputs-digest = "e443e1ce42c6da5794decc9e50a89f0cda1f1e191c2c5582f2443c0342cb6e37"
|
||||
solver-name = "gps-cdcl"
|
||||
solver-version = 1
|
||||
|
|
|
@ -25,6 +25,10 @@
|
|||
# unused-packages = true
|
||||
|
||||
|
||||
[[constraint]]
|
||||
name = "github.com/Luzifer/go_helpers"
|
||||
version = "2.5.0"
|
||||
|
||||
[[constraint]]
|
||||
name = "github.com/Luzifer/rconfig"
|
||||
version = "1.2.0"
|
||||
|
|
8
cert.go
8
cert.go
|
@ -8,6 +8,7 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Luzifer/go_helpers/str"
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
|
@ -31,11 +32,10 @@ func (p probeResult) String() string {
|
|||
return "Certificate invalid / intermediate certificates not present"
|
||||
case certificateNotFound:
|
||||
return "Did not find a certificate valid for this domain"
|
||||
case generalFailure:
|
||||
|
||||
default:
|
||||
return "Something went wrong in the request"
|
||||
}
|
||||
|
||||
return "" // This does not happen.
|
||||
}
|
||||
|
||||
func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
||||
|
@ -65,7 +65,7 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
|||
|
||||
for _, cert := range resp.TLS.PeerCertificates {
|
||||
wildHost := "*" + host[strings.Index(host, "."):]
|
||||
if !inSlice(cert.DNSNames, host) && !inSlice(cert.DNSNames, wildHost) {
|
||||
if !str.StringInSlice(host, cert.DNSNames) && !str.StringInSlice(wildHost, cert.DNSNames) {
|
||||
intermediatePool.AddCert(cert)
|
||||
continue
|
||||
}
|
||||
|
|
2
http.go
2
http.go
|
@ -11,7 +11,7 @@ import (
|
|||
)
|
||||
|
||||
func htmlHandler(res http.ResponseWriter, r *http.Request) {
|
||||
tplsrc, _ := Asset("display.html")
|
||||
tplsrc := MustAsset("display.html")
|
||||
|
||||
template, err := pongo2.FromString(string(tplsrc))
|
||||
if err != nil {
|
||||
|
|
49
main.go
49
main.go
|
@ -1,4 +1,4 @@
|
|||
package main // import "github.com/Luzifer/promcertcheck"
|
||||
package main
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
|
@ -44,6 +44,27 @@ type probeMonitor struct {
|
|||
Certificate *x509.Certificate
|
||||
}
|
||||
|
||||
func (p *probeMonitor) Update(status probeResult, cert *x509.Certificate) error {
|
||||
p.Status = status
|
||||
p.Certificate = cert
|
||||
|
||||
p.updatePrometheus(status, cert)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p probeMonitor) updatePrometheus(status probeResult, cert *x509.Certificate) {
|
||||
if cert != nil {
|
||||
p.Expires.Set(float64(cert.NotAfter.UTC().Unix()))
|
||||
}
|
||||
|
||||
if status == certificateExpiresSoon || status == certificateOK {
|
||||
p.IsValid.Set(1)
|
||||
} else {
|
||||
p.IsValid.Set(0)
|
||||
}
|
||||
}
|
||||
|
||||
func init() {
|
||||
if err := rconfig.Parse(&cfg); err != nil {
|
||||
log.Fatalf("Unable to parse CLI parameters: %s", err)
|
||||
|
@ -174,29 +195,9 @@ func refreshCertificateStatus() {
|
|||
}
|
||||
probeLog.Debug("Probe finished")
|
||||
|
||||
if verifyCert != nil {
|
||||
probeMonitors[probeURL.Host].Expires.Set(float64(verifyCert.NotAfter.UTC().Unix()))
|
||||
}
|
||||
|
||||
switch verificationResult {
|
||||
case certificateExpiresSoon, certificateOK:
|
||||
probeMonitors[probeURL.Host].IsValid.Set(1)
|
||||
case certificateInvalid, certificateNotFound:
|
||||
probeMonitors[probeURL.Host].IsValid.Set(0)
|
||||
default:
|
||||
probeMonitors[probeURL.Host].IsValid.Set(0)
|
||||
}
|
||||
probeMonitors[probeURL.Host].Status = verificationResult
|
||||
probeMonitors[probeURL.Host].Certificate = verifyCert
|
||||
}
|
||||
}
|
||||
|
||||
func inSlice(slice []string, needle string) bool {
|
||||
for _, i := range slice {
|
||||
if i == needle {
|
||||
return true
|
||||
if err := probeMonitors[probeURL.Host].Update(verificationResult, verifyCert); err != nil {
|
||||
probeLog.WithError(err).Error("Unable to update probe state")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
|
21
vendor/github.com/Luzifer/go_helpers/str/slice.go
generated
vendored
Normal file
21
vendor/github.com/Luzifer/go_helpers/str/slice.go
generated
vendored
Normal file
|
@ -0,0 +1,21 @@
|
|||
package str
|
||||
|
||||
// AppendIfMissing adds a string to a slice when it's not present yet
|
||||
func AppendIfMissing(slice []string, s string) []string {
|
||||
for _, e := range slice {
|
||||
if e == s {
|
||||
return slice
|
||||
}
|
||||
}
|
||||
return append(slice, s)
|
||||
}
|
||||
|
||||
// StringInSlice checks for the existence of a string in the slice
|
||||
func StringInSlice(a string, list []string) bool {
|
||||
for _, b := range list {
|
||||
if b == a {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
Loading…
Reference in a new issue