sensu-plugins-http 2.3.0 → 2.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -1
- data/README.md +4 -2
- data/bin/check-https-cert.rb +33 -9
- data/lib/sensu-plugins-http/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ca57c0e31d8ed570c39220d5e53e58f0f0ab1653
|
4
|
+
data.tar.gz: 4bb90f34c4cbe01c73620dc70d0cee45049f0a9d
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 05165b0c233127001b007ca723bd3dec67e911b3f8eb3fa98c65d45421a64c6b69b18c411c5944914a1da0492f2252143297f88df118d0cafc8794b6c381d81b
|
7
|
+
data.tar.gz: b216a8da06a548df33a1a64a8faf70db40524e95928663d40a05624ba7034bf6ebad2529e5b4fe1ad2e0fb5ffd585c6ff5fe56015573db07d5ec4acffa54d726
|
data/CHANGELOG.md
CHANGED
@@ -5,6 +5,11 @@ This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachang
|
|
5
5
|
|
6
6
|
## [Unreleased]
|
7
7
|
|
8
|
+
## [2.4.0] - 2017-06-19
|
9
|
+
### Added
|
10
|
+
- Initial set of tests for `check-https-cert.rb` (@pgporada)
|
11
|
+
- `check-https-cert.rb`: Allow checking for a successfully expired certificate (@pgporada)
|
12
|
+
|
8
13
|
## [2.3.0] - 2017-06-01
|
9
14
|
### Added
|
10
15
|
- check-http.rb: support PUT requests (@majormoses)
|
@@ -134,7 +139,8 @@ This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachang
|
|
134
139
|
### Added
|
135
140
|
- Initial release
|
136
141
|
|
137
|
-
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.
|
142
|
+
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.4.0...HEAD
|
143
|
+
[2.4.0]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.3.0...2.4.0
|
138
144
|
[2.3.0]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.2.0...2.3.0
|
139
145
|
[2.2.0]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.1.0...2.2.0
|
140
146
|
[2.1.0]: https://github.com/sensu-plugins/sensu-plugins-http/compare/2.0.2...2.1.0
|
data/README.md
CHANGED
@@ -21,10 +21,12 @@
|
|
21
21
|
|
22
22
|
## Usage
|
23
23
|
|
24
|
-
check-head-redirect.rb and check-last-modified.rb can be used in conjunction with AWS to pull configuration from a specific bucket and file.
|
24
|
+
`check-head-redirect.rb` and `check-last-modified.rb` can be used in conjunction with AWS to pull configuration from a specific bucket and file.
|
25
25
|
|
26
26
|
This is helpful if you do not want to configure connection information as an argument to the sensu checks. If a bucket and key are specified that the environment the sensu check executes in has access to, or you provide an AWS key and token, the checks will pull the specified JSON file from S3 and merge the JSON config in to the current check configuration.
|
27
27
|
|
28
|
+
`check-https-cert.rb` can be used to test for valid and successfully expired certs, amongst other things.
|
29
|
+
|
28
30
|
## Installation
|
29
31
|
|
30
32
|
[Installation and Setup](http://sensu-plugins.io/docs/installation_instructions.html)
|
@@ -32,4 +34,4 @@ This is helpful if you do not want to configure connection information as an arg
|
|
32
34
|
## Notes
|
33
35
|
|
34
36
|
### check-http.rb and check-https-cert.rb
|
35
|
-
This check is not really geared to check all of the complexities of ssl which is why there is a separate repo and set of checks for that: https://github.com/sensu-plugins/sensu-plugins-ssl. If you are trying to say verify cert exipiration you will notice that in some cases it does not do what you always expect it to do. For example it might appear that when using using `-k` option you see different expiration times. This is due to the fact that when using `-k` it does not check expiration of all of the certs in the chain. Rather than duplicate this behavior in this check use the other repo where we handle those more complicated ssl checks better. For more information see: https://github.com/sensu-plugins/sensu-plugins-http/issues/67
|
37
|
+
This check is not really geared to check all of the complexities of ssl which is why there is a separate repo and set of checks for that: https://github.com/sensu-plugins/sensu-plugins-ssl. If you are trying to say verify cert exipiration you will notice that in some cases it does not do what you always expect it to do. For example it might appear that when using using `-k` option you see different expiration times. This is due to the fact that when using `-k` it does not check expiration of all of the certs in the chain. Rather than duplicate this behavior in this check use the other repo where we handle those more complicated ssl checks better. For more information see: https://github.com/sensu-plugins/sensu-plugins-http/issues/67
|
data/bin/check-https-cert.rb
CHANGED
@@ -24,11 +24,17 @@
|
|
24
24
|
# Check an insecure certificate that will warn 1 week prior and critical 3 days prior
|
25
25
|
# ./check-https-cert.rb -u https://my.site.com -k -w 7 -c 3
|
26
26
|
#
|
27
|
+
# Check that a certificate has successfully expired
|
28
|
+
# ./check-https-cert.rb -u https://my.site.com -k -e
|
29
|
+
#
|
27
30
|
# NOTES:
|
28
31
|
#
|
29
32
|
# LICENSE:
|
30
33
|
# Copyright 2014 Rhommel Lamas <roml@rhommell.com>
|
31
|
-
# Updated
|
34
|
+
# Updated 2017 Phil Porada <philporada@gmail.com>
|
35
|
+
# - Provide more clear usage documentation and messages
|
36
|
+
# - Added check for successfully expired certificate
|
37
|
+
# - Added long flags
|
32
38
|
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
33
39
|
# for details.
|
34
40
|
#
|
@@ -60,8 +66,16 @@ class CheckHttpCert < Sensu::Plugin::Check::CLI
|
|
60
66
|
default: 25,
|
61
67
|
description: 'Critical EXPIRE days before cert expires'
|
62
68
|
|
69
|
+
option :expired,
|
70
|
+
short: '-e',
|
71
|
+
long: '--expired',
|
72
|
+
boolean: true,
|
73
|
+
description: 'Expect certificate to be expired',
|
74
|
+
default: false
|
75
|
+
|
63
76
|
option :insecure,
|
64
77
|
short: '-k',
|
78
|
+
long: '--insecure',
|
65
79
|
boolean: true,
|
66
80
|
description: 'Enabling insecure connections',
|
67
81
|
default: false
|
@@ -81,14 +95,24 @@ class CheckHttpCert < Sensu::Plugin::Check::CLI
|
|
81
95
|
end
|
82
96
|
days_until = ((@cert.not_after - Time.now) / (60 * 60 * 24)).to_i
|
83
97
|
|
84
|
-
if
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
98
|
+
if config[:expired]
|
99
|
+
if days_until >= 0
|
100
|
+
critical "TLS/SSL certificate expires on #{@cert.not_after} - #{days_until} days left."
|
101
|
+
else
|
102
|
+
ok "TLS/SSL certificate expired #{days_until.abs} days ago."
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
106
|
+
unless config[:expired]
|
107
|
+
if days_until <= 0
|
108
|
+
critical "TLS/SSL certificate expired #{days_until.abs} days ago."
|
109
|
+
elsif days_until < config[:critical].to_i
|
110
|
+
critical "TLS/SSL certificate expires on #{@cert.not_after} - #{days_until} days left."
|
111
|
+
elsif days_until < config[:warning].to_i
|
112
|
+
warning "TLS/SSL certificate expires on #{@cert.not_after} - #{days_until} days left."
|
113
|
+
else
|
114
|
+
ok "TLS/SSL certificate expires on #{@cert.not_after} - #{days_until} days left."
|
115
|
+
end
|
92
116
|
end
|
93
117
|
rescue
|
94
118
|
critical "Could not connect to #{config[:url]}"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sensu-plugins-http
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 2.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sensu-Plugins and contributors
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-06-
|
11
|
+
date: 2017-06-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sensu-plugin
|