fluent-plugin-ssl-check 1.1.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: acb92c3a49bddffabb4e0c3a18903f4d1e4ebabb0a4bde9e4822fd4726c86bc7
4
- data.tar.gz: a4490494cc312a493be34012b70ec1f0d584bc3461d969f7b4c22711a1f57727
3
+ metadata.gz: b2f7b5486c0f7706d4894b8095fdb61bae4ef4c13f737c50b0bd27c84f38d53d
4
+ data.tar.gz: '0186c6d987c747656417d61517e49d45de4a871e2a58dbb27c39aefedd0f1760'
5
5
  SHA512:
6
- metadata.gz: 0c7eb0483748e41e824eceb5cdbeae2e6ec911b5ced44f3b3748bec530f095eee01a9ee2028731d6b80d2c7cedd2b57b831b7fc77ac2abc89c761a8bebe41aa8
7
- data.tar.gz: 0b50f77e08b75158651b553f18c9acb1497bf4ced4d0b95862fd1f034fb67fa10b4df5cd261b1c2f15bdde2d3d300ff5712182b89115a2b897124910bcebedc1
6
+ metadata.gz: 6001e67a1e89cfad9cb37cc826e21b7af532c4ec12d2966fe3e0a3c790cec50ec5d028cd103b7bf105f0f38060db2e8de6f1eb285714d597b01dfe2e47f00a4d
7
+ data.tar.gz: c61103f0171fda24ef6f8323a018f7c012795e258993e46132940b69bcb152e1fdba80ec416105eec93debfe542895a8d1211da006cbaab5d0a28eb3bd4ca233
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- fluent-plugin-ssl-check (1.1.0)
4
+ fluent-plugin-ssl-check (2.0.0)
5
5
  fluentd (>= 0.14.10, < 2)
6
6
 
7
7
  GEM
data/README.md CHANGED
@@ -15,8 +15,7 @@ Example:
15
15
  @type ssl_check
16
16
  tag ssl_check
17
17
 
18
- host my-service.com
19
- port 443
18
+ hosts my-service.com:4443
20
19
 
21
20
  interval 600
22
21
 
@@ -27,12 +26,12 @@ Example:
27
26
 
28
27
  Options are:
29
28
  * tag: Tag to emit events on
30
- * host: host of the service to check
31
- * port: port of the service to check
29
+ * hosts: list of <host>:<port> to check
32
30
  * interval: check every X seconds
33
31
  * ca_path: directory that contains CA files
34
32
  * ca_file: specify a CA file directly
35
33
 
34
+ If no port is specified with host, default port is 443.
36
35
 
37
36
  ## Installation
38
37
 
@@ -48,8 +47,8 @@ Add to Gemfile with:
48
47
  ## Compatibility
49
48
 
50
49
  plugin in 1.x.x will work with:
51
- - ruby >= 2.4.10
52
- - td-agent >= 3.8.1-0
50
+ - ruby >= 2.7.7
51
+ - td-agent >= 4.0.0
53
52
 
54
53
 
55
54
  ## Copyright
@@ -5,7 +5,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = 'fluent-plugin-ssl-check'
8
- spec.version = '1.1.0'
8
+ spec.version = '2.0.0'
9
9
  spec.authors = ['Thomas Tych']
10
10
  spec.email = ['thomas.tych@gmail.com']
11
11
 
@@ -45,9 +45,7 @@ module Fluent
45
45
  config_param :tag, :string, default: DEFAULT_TAG
46
46
 
47
47
  desc 'Host of the service to check'
48
- config_param :host, :string, default: DEFAULT_HOST
49
- desc 'Port of the service to check'
50
- config_param :port, :integer, default: DEFAULT_PORT
48
+ config_param :hosts, :array, default: [], value_type: :string
51
49
  desc 'Interval for the check execution'
52
50
  config_param :interval, :time, default: DEFAULT_TIME
53
51
  desc 'CA path to load'
@@ -74,17 +72,10 @@ module Fluent
74
72
  super
75
73
 
76
74
  raise Fluent::ConfigError, 'tag can not be empty.' if !tag || tag.empty?
77
- raise Fluent::ConfigError, 'host can not be empty.' if !host || host.empty?
78
- raise Fluent::ConfigError, 'port can not be < 1' if !port || port < 1
75
+ raise Fluent::ConfigError, 'hosts can not be empty.' if !hosts || hosts.empty?
79
76
  raise Fluent::ConfigError, 'interval can not be < 1.' if !interval || interval < 1
80
77
  raise Fluent::ConfigError, 'ca_path should be a dir.' if ca_path && !File.directory?(ca_path)
81
78
  raise Fluent::ConfigError, 'ca_file should be a file.' if ca_file && !File.file?(ca_file)
82
-
83
- @ssl_client = SslClient.new(
84
- host: host, port: port,
85
- ca_path: ca_path, ca_file: ca_file,
86
- timeout: timeout
87
- )
88
79
  end
89
80
  # rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
90
81
 
@@ -94,23 +85,34 @@ module Fluent
94
85
  timer_execute(:ssl_check_timer, interval, repeat: true, &method(:check))
95
86
  end
96
87
 
88
+ # rubocop:disable Lint/SuppressedException
97
89
  def check
98
- ssl_info = fetch_ssl_info
99
-
100
- emit_logs(ssl_info) if log_events
101
- emit_metrics(ssl_info) if metric_events
90
+ hosts.each do |host_full|
91
+ host, port = host_full.split(':')
92
+ port = (port || DEFAULT_PORT).to_i
93
+ ssl_info = fetch_ssl_info(host, port)
94
+ emit_logs(ssl_info) if log_events
95
+ emit_metrics(ssl_info) if metric_events
96
+ rescue StandardError
97
+ end
102
98
  end
99
+ # rubocop:enable Lint/SuppressedException
103
100
 
104
- def fetch_ssl_info
105
- @ssl_client.ssl_info
101
+ def fetch_ssl_info(host, port)
102
+ ssl_client = SslClient.new(
103
+ host: host, port: port,
104
+ ca_path: ca_path, ca_file: ca_file,
105
+ timeout: timeout
106
+ )
107
+ ssl_client.ssl_info
106
108
  end
107
109
 
108
110
  def emit_logs(ssl_info)
109
111
  record = {
110
112
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
111
113
  'status' => ssl_info.status,
112
- 'host' => host,
113
- 'port' => port,
114
+ 'host' => ssl_info.host,
115
+ 'port' => ssl_info.port,
114
116
  'ssl_version' => ssl_info.ssl_version,
115
117
  'ssl_dn' => ssl_info.subject_s,
116
118
  'ssl_not_after' => ssl_info.not_after,
@@ -130,8 +132,8 @@ module Fluent
130
132
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
131
133
  'metric_name' => 'ssl_status',
132
134
  'metric_value' => ssl_info.status,
133
- "#{event_prefix}host" => host,
134
- "#{event_prefix}port" => port,
135
+ "#{event_prefix}host" => ssl_info.host,
136
+ "#{event_prefix}port" => ssl_info.port,
135
137
  "#{event_prefix}ssl_dn" => ssl_info.subject_s,
136
138
  "#{event_prefix}ssl_version" => ssl_info.ssl_version,
137
139
  "#{event_prefix}ssl_not_after" => ssl_info.not_after
@@ -146,8 +148,8 @@ module Fluent
146
148
  'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
147
149
  'metric_name' => 'ssl_expirency',
148
150
  'metric_value' => ssl_info.expire_in_days,
149
- "#{event_prefix}host" => host,
150
- "#{event_prefix}port" => port,
151
+ "#{event_prefix}host" => ssl_info.host,
152
+ "#{event_prefix}port" => ssl_info.port,
151
153
  "#{event_prefix}ssl_dn" => ssl_info.subject_s
152
154
  }
153
155
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
@@ -160,15 +162,19 @@ module Fluent
160
162
  KO = 0
161
163
 
162
164
  attr_reader :time
163
- attr_accessor :cert, :cert_chain, :ssl_version, :error
165
+ attr_accessor :host, :port, :cert, :cert_chain, :ssl_version, :error
164
166
 
165
- def initialize(cert: nil, cert_chain: nil, ssl_version: nil, error: nil, time: Time.now)
167
+ # rubocop:disable Metrics/ParameterLists
168
+ def initialize(host: nil, port: nil, cert: nil, cert_chain: nil, ssl_version: nil, error: nil, time: Time.now)
169
+ @host = host
170
+ @port = port
166
171
  @cert = cert
167
172
  @cert_chain = cert_chain
168
173
  @ssl_version = ssl_version
169
174
  @error = error
170
175
  @time = time
171
176
  end
177
+ # rubocop:enable Metrics/ParameterLists
172
178
 
173
179
  def subject_s
174
180
  cert.subject.to_s if cert&.subject
@@ -214,7 +220,7 @@ module Fluent
214
220
  end
215
221
 
216
222
  def ssl_info
217
- info = SslInfo.new
223
+ info = SslInfo.new(host: host, port: port)
218
224
  begin
219
225
  Timeout.timeout(timeout) do
220
226
  tcp_socket = TCPSocket.open(host, port)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-ssl-check
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Tych
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-08-12 00:00:00.000000000 Z
11
+ date: 2023-08-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bump