@gazzehamine/armada-watch-agent 1.3.2 → 1.4.0

package/dist/collector.js

@@ -7,8 +7,13 @@ exports.getSystemInfo = getSystemInfo;
 exports.collectMetrics = collectMetrics;
 exports.collectProcesses = collectProcesses;
 exports.collectDockerContainers = collectDockerContainers;
+exports.collectSSLCertificates = collectSSLCertificates;
 const systeminformation_1 = __importDefault(require("systeminformation"));
 const os_1 = __importDefault(require("os"));
+const fs_1 = __importDefault(require("fs"));
+const child_process_1 = require("child_process");
+const util_1 = require("util");
+const execAsync = (0, util_1.promisify)(child_process_1.exec);
 let lastNetworkStats = null;
 let lastDiskStats = null;
 async function getSystemInfo() {
@@ -136,9 +141,16 @@ async function collectMetrics() {
 }
 async function collectProcesses() {
     const processes = await systeminformation_1.default.processes();
+    // Sort by CPU first, then by memory as tiebreaker
+    // Don't filter by cpu > 0 since CPU usage fluctuates rapidly
     return processes.list
-        .filter((p) => p.cpu > 0 || p.mem > 0)
-        .sort((a, b) => b.cpu - a.cpu)
+        .sort((a, b) => {
+        // Sort by CPU descending, then by memory descending
+        if (b.cpu !== a.cpu) {
+            return b.cpu - a.cpu;
+        }
+        return b.mem - a.mem;
+    })
         .slice(0, 20)
         .map((p) => ({
         pid: p.pid,
@@ -207,3 +219,82 @@ async function collectDockerContainers() {
         return [];
     }
 }
+/**
+ * Get SSL certificate information from a PEM file
+ */
+async function getCertificateInfo(certPath, domain) {
+    try {
+        // Read the certificate file
+        const certPem = await fs_1.default.promises.readFile(certPath, 'utf8');
+        // Use openssl command to parse the certificate
+        const { stdout } = await execAsync(`openssl x509 -in "${certPath}" -noout -dates -issuer -serial -text`);
+        // Parse the output
+        const notBeforeMatch = stdout.match(/notBefore=(.+)/);
+        const notAfterMatch = stdout.match(/notAfter=(.+)/);
+        const issuerMatch = stdout.match(/issuer=(.+)/);
+        const serialMatch = stdout.match(/serial=(.+)/);
+        const algMatch = stdout.match(/Signature Algorithm: (.+)/);
+        if (!notBeforeMatch || !notAfterMatch) {
+            return null;
+        }
+        const validFrom = new Date(notBeforeMatch[1]);
+        const validTo = new Date(notAfterMatch[1]);
+        const now = new Date();
+        const daysUntilExpiry = Math.floor((validTo.getTime() - now.getTime()) / (1000 * 60 * 60 * 24));
+        const isExpired = daysUntilExpiry < 0;
+        const isExpiringSoon = daysUntilExpiry <= 30 && daysUntilExpiry >= 0;
+        const isValid = !isExpired && validFrom <= now;
+        return {
+            domain,
+            issuer: issuerMatch ? issuerMatch[1].trim() : 'Unknown',
+            validFrom,
+            validTo,
+            daysUntilExpiry,
+            isValid,
+            isExpired,
+            isExpiringSoon,
+            serialNumber: serialMatch ? serialMatch[1].trim() : 'Unknown',
+            algorithm: algMatch ? algMatch[1].trim() : 'Unknown',
+        };
+    }
+    catch (error) {
+        console.error(`Error reading certificate for ${domain}:`, error);
+        return null;
+    }
+}
+/**
+ * Collect SSL certificate information from Certbot certificates
+ */
+async function collectSSLCertificates() {
+    const certificates = [];
+    const certbotLivePath = '/etc/letsencrypt/live';
+    try {
+        // Check if certbot directory exists
+        if (!fs_1.default.existsSync(certbotLivePath)) {
+            return certificates;
+        }
+        // Read all domain directories
+        const domains = await fs_1.default.promises.readdir(certbotLivePath);
+        for (const domain of domains) {
+            // Skip README file
+            if (domain === 'README')
+                continue;
+            const certPath = `${certbotLivePath}/${domain}/fullchain.pem`;
+            // Check if certificate file exists
+            if (!fs_1.default.existsSync(certPath)) {
+                continue;
+            }
+            const certInfo = await getCertificateInfo(certPath, domain);
+            if (certInfo) {
+                certificates.push(certInfo);
+            }
+        }
+        // Sort by days until expiry (most urgent first)
+        return certificates.sort((a, b) => a.daysUntilExpiry - b.daysUntilExpiry);
+    }
+    catch (error) {
+        // Permission error or certbot not installed
+        console.error('Error collecting SSL certificates:', error);
+        return certificates;
+    }
+}

package/dist/index.js

@@ -8,14 +8,27 @@ const dotenv_1 = __importDefault(require("dotenv"));
 const axios_1 = __importDefault(require("axios"));
 const os_1 = __importDefault(require("os"));
 const collector_1 = require("./collector");
+const fs_1 = require("fs");
+const path_1 = require("path");
 // Load environment variables
 dotenv_1.default.config();
+// Get agent version from package.json
+let AGENT_VERSION = "unknown";
+try {
+    const packageJson = JSON.parse((0, fs_1.readFileSync)((0, path_1.join)(__dirname, "..", "package.json"), "utf-8"));
+    AGENT_VERSION = packageJson.version;
+}
+catch (error) {
+    console.warn("Could not read agent version from package.json");
+}
 const SERVER_URL = process.env.SERVER_URL || "http://localhost:4000";
 const INSTANCE_NAME = process.env.INSTANCE_NAME || os_1.default.hostname();
 const REGION = process.env.REGION || "unknown";
 const INSTANCE_ID = process.env.INSTANCE_ID || os_1.default.hostname();
 const COLLECTION_INTERVAL = parseInt(process.env.COLLECTION_INTERVAL || "10") * 1000;
 let instanceInfo = null;
+let sslCheckCounter = 0;
+const SSL_CHECK_FREQUENCY = 30; // Check SSL every 30 metric collections (e.g., every 5 minutes if collection is 10s)
 async function initializeAgent() {
     try {
         console.log("🔄 Initializing Armada Watch Agent...");
@@ -35,8 +48,10 @@ async function initializeAgent() {
             hostname: sysInfo.hostname,
             cpuModel: sysInfo.cpuModel,
             cpuCores: sysInfo.cpuCores,
+            agentVersion: AGENT_VERSION,
         };
         console.log("✅ Agent initialized successfully");
+        console.log(`📦 Agent version: ${AGENT_VERSION}`);
         console.log(`🔁 Collection interval: ${COLLECTION_INTERVAL / 1000}s`);
     }
     catch (error) {
@@ -49,6 +64,16 @@ async function sendMetrics() {
         const metrics = await (0, collector_1.collectMetrics)();
         const processes = await (0, collector_1.collectProcesses)();
         const dockerContainers = await (0, collector_1.collectDockerContainers)();
+        // Check SSL certificates less frequently (every 5 minutes by default)
+        let sslCertificates = [];
+        sslCheckCounter++;
+        if (sslCheckCounter >= SSL_CHECK_FREQUENCY) {
+            sslCertificates = await (0, collector_1.collectSSLCertificates)();
+            sslCheckCounter = 0;
+            if (sslCertificates.length > 0) {
+                console.log(`🔐 SSL Certificates checked: ${sslCertificates.length} domain(s)`);
+            }
+        }
         const payload = {
             instanceInfo,
             metrics: {
@@ -57,6 +82,7 @@ async function sendMetrics() {
             },
             processes,
             dockerContainers,
+            sslCertificates: sslCertificates.length > 0 ? sslCertificates : undefined,
         };
         await axios_1.default.post(`${SERVER_URL}/api/metrics`, payload, {
             timeout: 5000,

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@gazzehamine/armada-watch-agent",
-  "version": "1.3.2",
-  "description": "Monitoring agent for Armada Watch - EC2 instance monitoring",
+  "version": "1.4.0",
+  "description": "Monitoring agent for Armada Watch - EC2 instance monitoring with SSL certificate tracking",
   "main": "dist/index.js",
   "bin": {
     "armada-watch-agent": "dist/index.js"