fluent-plugin-ssl-check 1.0.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: db98f212ffba0fa6f4caad4e3dcedb88da99d298f1ee2f2e71a42374fdca90df
4
- data.tar.gz: 301dcadeb5f03df68afab76dd3a8c170fea09cb6bd5e5eab5a7d79aa204cf794
3
+ metadata.gz: b2f7b5486c0f7706d4894b8095fdb61bae4ef4c13f737c50b0bd27c84f38d53d
4
+ data.tar.gz: '0186c6d987c747656417d61517e49d45de4a871e2a58dbb27c39aefedd0f1760'
5
5
  SHA512:
6
- metadata.gz: 1efffe3228c31202824cbfb64e85b9c0a72cb54ecf618b23f5270c6f834b41005134df4f2c6880ba53fa84f2aac4763e05084f34dae35c7ee2e964c13e6f2a42
7
- data.tar.gz: 2d993e6609baccf618080b6ec80d764db82a81e5321f6485687ac874c16ab483f0c288a96c8f71ca6a0a3fcf4d68d37bdd1ed26afcb1621ae6b6c42912cbe8bf
6
+ metadata.gz: 6001e67a1e89cfad9cb37cc826e21b7af532c4ec12d2966fe3e0a3c790cec50ec5d028cd103b7bf105f0f38060db2e8de6f1eb285714d597b01dfe2e47f00a4d
7
+ data.tar.gz: c61103f0171fda24ef6f8323a018f7c012795e258993e46132940b69bcb152e1fdba80ec416105eec93debfe542895a8d1211da006cbaab5d0a28eb3bd4ca233
data/.rubocop.yml CHANGED
@@ -8,6 +8,11 @@ AllCops:
8
8
  Gemspec/DevelopmentDependencies:
9
9
  Enabled: false
10
10
 
11
+ Metrics/AbcSize:
12
+ Max: 40
13
+ # Exclude:
14
+ # - lib/fluent/plugin/in_ssl_check.rb
15
+
11
16
  Metrics/BlockLength:
12
17
  Exclude:
13
18
  - fluent-plugin-ssl-check.gemspec
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- fluent-plugin-ssl-check (1.0.0)
4
+ fluent-plugin-ssl-check (2.0.0)
5
5
  fluentd (>= 0.14.10, < 2)
6
6
 
7
7
  GEM
data/README.md CHANGED
@@ -15,8 +15,7 @@ Example:
15
15
  @type ssl_check
16
16
  tag ssl_check
17
17
 
18
- host my-service.com
19
- port 443
18
+ hosts my-service.com:4443
20
19
 
21
20
  interval 600
22
21
 
@@ -27,12 +26,12 @@ Example:
27
26
 
28
27
  Options are:
29
28
  * tag: Tag to emit events on
30
- * host: host of the service to check
31
- * port: port of the service to check
29
+ * hosts: list of <host>:<port> to check
32
30
  * interval: check every X seconds
33
31
  * ca_path: directory that contains CA files
34
32
  * ca_file: specify a CA file directly
35
33
 
34
+ If no port is specified with host, default port is 443.
36
35
 
37
36
  ## Installation
38
37
 
@@ -48,8 +47,8 @@ Add to Gemfile with:
48
47
  ## Compatibility
49
48
 
50
49
  plugin in 1.x.x will work with:
51
- - ruby >= 2.4.10
52
- - td-agent >= 3.8.1-0
50
+ - ruby >= 2.7.7
51
+ - td-agent >= 4.0.0
53
52
 
54
53
 
55
54
  ## Copyright
@@ -5,7 +5,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = 'fluent-plugin-ssl-check'
8
- spec.version = '1.0.0'
8
+ spec.version = '2.0.0'
9
9
  spec.authors = ['Thomas Tych']
10
10
  spec.email = ['thomas.tych@gmail.com']
11
11
 
@@ -1,6 +1,9 @@
1
1
  # frozen_string_literal: true
2
2
 
3
-
3
+ # extensions for Time class
4
+ # provides formater
5
+ # - to epoch millisecond format
6
+ # - to iso format with millisecond
4
7
  class Time
5
8
  def to_epochmillis
6
9
  (to_f * 1000).to_i
@@ -45,9 +45,7 @@ module Fluent
45
45
  config_param :tag, :string, default: DEFAULT_TAG
46
46
 
47
47
  desc 'Host of the service to check'
48
- config_param :host, :string, default: DEFAULT_HOST
49
- desc 'Port of the service to check'
50
- config_param :port, :integer, default: DEFAULT_PORT
48
+ config_param :hosts, :array, default: [], value_type: :string
51
49
  desc 'Interval for the check execution'
52
50
  config_param :interval, :time, default: DEFAULT_TIME
53
51
  desc 'CA path to load'
@@ -69,24 +67,17 @@ module Fluent
69
67
 
70
68
  helpers :timer
71
69
 
72
- # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
70
+ # rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
73
71
  def configure(conf)
74
72
  super
75
73
 
76
74
  raise Fluent::ConfigError, 'tag can not be empty.' if !tag || tag.empty?
77
- raise Fluent::ConfigError, 'host can not be empty.' if !host || host.empty?
78
- raise Fluent::ConfigError, 'port can not be < 1' if !port || port < 1
75
+ raise Fluent::ConfigError, 'hosts can not be empty.' if !hosts || hosts.empty?
79
76
  raise Fluent::ConfigError, 'interval can not be < 1.' if !interval || interval < 1
80
77
  raise Fluent::ConfigError, 'ca_path should be a dir.' if ca_path && !File.directory?(ca_path)
81
78
  raise Fluent::ConfigError, 'ca_file should be a file.' if ca_file && !File.file?(ca_file)
82
-
83
- @ssl_client = SslClient.new(
84
- host: host, port: port,
85
- ca_path: ca_path, ca_file: ca_file,
86
- timeout: timeout
87
- )
88
79
  end
89
- # rubocop:enable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
80
+ # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
90
81
 
91
82
  def start
92
83
  super
@@ -94,28 +85,40 @@ module Fluent
94
85
  timer_execute(:ssl_check_timer, interval, repeat: true, &method(:check))
95
86
  end
96
87
 
88
+ # rubocop:disable Lint/SuppressedException
97
89
  def check
98
- ssl_info = fetch_ssl_info
99
-
100
- emit_logs(ssl_info) if log_events
101
- emit_metrics(ssl_info) if metric_events
90
+ hosts.each do |host_full|
91
+ host, port = host_full.split(':')
92
+ port = (port || DEFAULT_PORT).to_i
93
+ ssl_info = fetch_ssl_info(host, port)
94
+ emit_logs(ssl_info) if log_events
95
+ emit_metrics(ssl_info) if metric_events
96
+ rescue StandardError
97
+ end
102
98
  end
99
+ # rubocop:enable Lint/SuppressedException
103
100
 
104
- def fetch_ssl_info
105
- @ssl_client.ssl_info
101
+ def fetch_ssl_info(host, port)
102
+ ssl_client = SslClient.new(
103
+ host: host, port: port,
104
+ ca_path: ca_path, ca_file: ca_file,
105
+ timeout: timeout
106
+ )
107
+ ssl_client.ssl_info
106
108
  end
107
109
 
108
110
  def emit_logs(ssl_info)
109
111
  record = {
110
112
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
111
113
  'status' => ssl_info.status,
112
- 'host' => host,
113
- 'port' => port,
114
+ 'host' => ssl_info.host,
115
+ 'port' => ssl_info.port,
114
116
  'ssl_version' => ssl_info.ssl_version,
115
117
  'ssl_dn' => ssl_info.subject_s,
116
118
  'ssl_not_after' => ssl_info.not_after,
117
119
  'expire_in_days' => ssl_info.expire_in_days
118
120
  }
121
+ record.update('error_class' => ssl_info.error_class) if ssl_info.error_class
119
122
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
120
123
  end
121
124
 
@@ -124,21 +127,19 @@ module Fluent
124
127
  emit_metric_expirency(ssl_info)
125
128
  end
126
129
 
127
- # rubocop:disable Metrics/AbcSize
128
130
  def emit_metric_status(ssl_info)
129
131
  record = {
130
132
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
131
133
  'metric_name' => 'ssl_status',
132
134
  'metric_value' => ssl_info.status,
133
- "#{event_prefix}host" => host,
134
- "#{event_prefix}port" => port,
135
+ "#{event_prefix}host" => ssl_info.host,
136
+ "#{event_prefix}port" => ssl_info.port,
135
137
  "#{event_prefix}ssl_dn" => ssl_info.subject_s,
136
138
  "#{event_prefix}ssl_version" => ssl_info.ssl_version,
137
139
  "#{event_prefix}ssl_not_after" => ssl_info.not_after
138
140
  }
139
141
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
140
142
  end
141
- # rubocop:enable Metrics/AbcSize
142
143
 
143
144
  def emit_metric_expirency(ssl_info)
144
145
  return if ssl_info.error
@@ -147,8 +148,8 @@ module Fluent
147
148
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
148
149
  'metric_name' => 'ssl_expirency',
149
150
  'metric_value' => ssl_info.expire_in_days,
150
- "#{event_prefix}host" => host,
151
- "#{event_prefix}port" => port,
151
+ "#{event_prefix}host" => ssl_info.host,
152
+ "#{event_prefix}port" => ssl_info.port,
152
153
  "#{event_prefix}ssl_dn" => ssl_info.subject_s
153
154
  }
154
155
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
@@ -161,15 +162,19 @@ module Fluent
161
162
  KO = 0
162
163
 
163
164
  attr_reader :time
164
- attr_accessor :cert, :cert_chain, :ssl_version, :error
165
+ attr_accessor :host, :port, :cert, :cert_chain, :ssl_version, :error
165
166
 
166
- def initialize(cert: nil, cert_chain: nil, ssl_version: nil, error: nil, time: Time.now)
167
+ # rubocop:disable Metrics/ParameterLists
168
+ def initialize(host: nil, port: nil, cert: nil, cert_chain: nil, ssl_version: nil, error: nil, time: Time.now)
169
+ @host = host
170
+ @port = port
167
171
  @cert = cert
168
172
  @cert_chain = cert_chain
169
173
  @ssl_version = ssl_version
170
174
  @error = error
171
175
  @time = time
172
176
  end
177
+ # rubocop:enable Metrics/ParameterLists
173
178
 
174
179
  def subject_s
175
180
  cert.subject.to_s if cert&.subject
@@ -193,6 +198,12 @@ module Fluent
193
198
 
194
199
  OK
195
200
  end
201
+
202
+ def error_class
203
+ return unless error
204
+
205
+ error.class.to_s
206
+ end
196
207
  end
197
208
 
198
209
  # ssl client
@@ -208,9 +219,8 @@ module Fluent
208
219
  @timeout = timeout
209
220
  end
210
221
 
211
- # rubocop:disable Metrics/AbcSize
212
222
  def ssl_info
213
- info = SslInfo.new
223
+ info = SslInfo.new(host: host, port: port)
214
224
  begin
215
225
  Timeout.timeout(timeout) do
216
226
  tcp_socket = TCPSocket.open(host, port)
@@ -225,11 +235,10 @@ module Fluent
225
235
  info.ssl_version = ssl_socket.ssl_version
226
236
  end
227
237
  rescue StandardError => e
228
- info.error = e.to_s
238
+ info.error = e
229
239
  end
230
240
  info
231
241
  end
232
- # rubocop:enable Metrics/AbcSize
233
242
 
234
243
  def store
235
244
  OpenSSL::X509::Store.new.tap do |store|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-ssl-check
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Tych
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-12 00:00:00.000000000 Z
11
+ date: 2023-08-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bump