mirror of
https://github.com/Luzifer/promcertcheck.git
synced 2024-11-09 16:30:04 +00:00
Add status logging for checks
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
0642ebfe7a
commit
d686bf1816
GPG key ID:
DC2729FDD34BE99E
4 changed files with 18 additions and 2 deletions
9
cert.go
9
cert.go
|
|
@ -7,6 +7,8 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
log "github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
type probeResult uint
|
type probeResult uint
|
||||||
|
|
@ -37,6 +39,8 @@ func (p probeResult) String() string {
|
||||||
}
|
}
|
||||||
|
|
||||||
func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
||||||
|
checkLogger := log.WithFields(log.Fields{"probe_url": probeURL})
|
||||||
|
|
||||||
req, _ := http.NewRequest("HEAD", probeURL.String(), nil)
|
req, _ := http.NewRequest("HEAD", probeURL.String(), nil)
|
||||||
req.Header.Set("User-Agent", fmt.Sprintf("Mozilla/5.0 (compatible; PromCertcheck/%s; +https://github.com/Luzifer/promcertcheck)", version))
|
req.Header.Set("User-Agent", fmt.Sprintf("Mozilla/5.0 (compatible; PromCertcheck/%s; +https://github.com/Luzifer/promcertcheck)", version))
|
||||||
|
|
||||||
|
|
@ -44,6 +48,7 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
||||||
switch err.(type) {
|
switch err.(type) {
|
||||||
case nil, redirectFoundError:
|
case nil, redirectFoundError:
|
||||||
default:
|
default:
|
||||||
|
checkLogger.WithError(err).Error("HTTP request failed")
|
||||||
if !strings.Contains(err.Error(), "Found a redirect.") {
|
if !strings.Contains(err.Error(), "Found a redirect.") {
|
||||||
return generalFailure, nil
|
return generalFailure, nil
|
||||||
}
|
}
|
||||||
|
|
@ -67,6 +72,7 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if verifyCert == nil {
|
if verifyCert == nil {
|
||||||
|
checkLogger.Debug("Certificate not found")
|
||||||
return certificateNotFound, nil
|
return certificateNotFound, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -78,12 +84,15 @@ func checkCertificate(probeURL *url.URL) (probeResult, *x509.Certificate) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if !verificationResult {
|
if !verificationResult {
|
||||||
|
checkLogger.Debug("Certificate invalid")
|
||||||
return certificateInvalid, verifyCert
|
return certificateInvalid, verifyCert
|
||||||
}
|
}
|
||||||
|
|
||||||
if verifyCert.NotAfter.Sub(time.Now()) < config.ExpireWarning {
|
if verifyCert.NotAfter.Sub(time.Now()) < config.ExpireWarning {
|
||||||
|
checkLogger.Debug("Certificate expires soon")
|
||||||
return certificateExpiresSoon, verifyCert
|
return certificateExpiresSoon, verifyCert
|
||||||
}
|
}
|
||||||
|
|
||||||
|
checkLogger.Debug("Certificate OK")
|
||||||
return certificateOK, verifyCert
|
return certificateOK, verifyCert
|
||||||
}
|
}
|
||||||
|
|
|
||||||
2
http.go
2
http.go
|
|
@ -4,10 +4,10 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"github.com/flosch/pongo2"
|
"github.com/flosch/pongo2"
|
||||||
|
log "github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
func htmlHandler(res http.ResponseWriter, r *http.Request) {
|
func htmlHandler(res http.ResponseWriter, r *http.Request) {
|
||||||
|
|
|
||||||
9
main.go
9
main.go
|
|
@ -3,7 +3,6 @@ package main // import "github.com/Luzifer/promcertcheck"
|
||||||
import (
|
import (
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"fmt"
|
"fmt"
|
||||||
"log"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
@ -13,12 +12,14 @@ import (
|
||||||
"github.com/gorilla/mux"
|
"github.com/gorilla/mux"
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
"github.com/robfig/cron"
|
"github.com/robfig/cron"
|
||||||
|
log "github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
config = struct {
|
config = struct {
|
||||||
Debug bool `flag:"debug" default:"false" description:"Output debugging data"`
|
Debug bool `flag:"debug" default:"false" description:"Output debugging data"`
|
||||||
ExpireWarning time.Duration `flag:"expire-warning" default:"744h" description:"When to warn about a soon expiring certificate"`
|
ExpireWarning time.Duration `flag:"expire-warning" default:"744h" description:"When to warn about a soon expiring certificate"`
|
||||||
|
LogLevel string `flag:"log-level" default:"info" description:"Verbosity of logs to use (debug, info, warning, error, ...)"`
|
||||||
Probes []string `flag:"probe" default:"" description:"URLs to check for certificate issues"`
|
Probes []string `flag:"probe" default:"" description:"URLs to check for certificate issues"`
|
||||||
}{}
|
}{}
|
||||||
version = "dev"
|
version = "dev"
|
||||||
|
|
@ -42,6 +43,12 @@ func init() {
|
||||||
if err := rconfig.Parse(&config); err != nil {
|
if err := rconfig.Parse(&config); err != nil {
|
||||||
log.Fatalf("Unable to parse CLI parameters: %s", err)
|
log.Fatalf("Unable to parse CLI parameters: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if logLevel, err := log.ParseLevel(config.LogLevel); err == nil {
|
||||||
|
log.SetLevel(logLevel)
|
||||||
|
} else {
|
||||||
|
log.Fatalf("Unable to parse log level: %s", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
|
|
||||||
BIN
promcertcheck
BIN
promcertcheck
Binary file not shown.
Loading…
Reference in a new issue