Documentation
¶
Index ¶
- func PrometheusMetricsregister()
- func ValidateConfig(config *Config) bool
- type CertMonitor
- func (certMonitor *CertMonitor) GetCertificateFromRemoteAddress(address string, port int, servername, tlsVersion string) ([]*x509.Certificate, error)
- func (certMonitor *CertMonitor) GetCertificateFromRemoteURL(address string, servername, tlsVersion string) ([]*x509.Certificate, error)
- func (c *CertMonitor) GetHttpClientWithConfiguration() http.Client
- func (c *CertMonitor) GetJWKCertificates(jwkUri string) ([]*CertMonitorJWK, error)
- func (certMonitor *CertMonitor) GetSAMLMetadataCertificates(metadataURL string) ([]*x509.Certificate, error)
- func (certMonitor *CertMonitor) LoadRemoteCertificateMetrics()
- func (certMonitor *CertMonitor) LoadStaticMetrics() error
- func (certMonitor *CertMonitor) ScheduleCheckCertificatesJob()
- type CertMonitorJWK
- type Config
- type RemoteJWKEndpoint
- type RemoteSAMLMetdataEndpoint
- type RemoteTCPTLSEndpoint
- type RemoteTLSEndpoint
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PrometheusMetricsregister ¶
func PrometheusMetricsregister()
PrometheusMetricsregister registers the metrics with Prometheus.
Types ¶
type CertMonitor ¶
type CertMonitor struct {
// contains filtered or unexported fields
}
CertMonitor Cert Monitor Object
func NewCertMonitor ¶
func NewCertMonitor(logger hclog.Logger, config *Config) *CertMonitor
NewCertMonitor Create a new CertMonitor
func (*CertMonitor) GetCertificateFromRemoteAddress ¶
func (certMonitor *CertMonitor) GetCertificateFromRemoteAddress(address string, port int, servername, tlsVersion string) ([]*x509.Certificate, error)
GetCertificateFromRemoteAddress returns the list of X.509 certificates from the remote address.
func (*CertMonitor) GetCertificateFromRemoteURL ¶
func (certMonitor *CertMonitor) GetCertificateFromRemoteURL(address string, servername, tlsVersion string) ([]*x509.Certificate, error)
func (*CertMonitor) GetHttpClientWithConfiguration ¶
func (c *CertMonitor) GetHttpClientWithConfiguration() http.Client
GetHttpClientWithConfiguration returns an HTTP client based on the CertMonitor Config.
func (*CertMonitor) GetJWKCertificates ¶
func (c *CertMonitor) GetJWKCertificates(jwkUri string) ([]*CertMonitorJWK, error)
GetJWKCertificates returns the list of CertMonitorJWK with the alg, kid and x5c fields.
func (*CertMonitor) GetSAMLMetadataCertificates ¶
func (certMonitor *CertMonitor) GetSAMLMetadataCertificates(metadataURL string) ([]*x509.Certificate, error)
GetSAMLMetadataCertificates returns the X509 certificates from the SAML metadata url
func (*CertMonitor) LoadRemoteCertificateMetrics ¶
func (certMonitor *CertMonitor) LoadRemoteCertificateMetrics()
LoadRemoteCertificateMetrics loads certificates from the remote endpoints.
func (*CertMonitor) LoadStaticMetrics ¶
func (certMonitor *CertMonitor) LoadStaticMetrics() error
LoadStaticMetrics loads one time static metric
func (*CertMonitor) ScheduleCheckCertificatesJob ¶
func (certMonitor *CertMonitor) ScheduleCheckCertificatesJob()
ScheduleCheckCertificatesJob checks the certificates in the directory.
type CertMonitorJWK ¶
// CertMonitorJWK is the element type returned by GetJWKCertificates.
type CertMonitorJWK struct {
	// Certs holds parsed X.509 certificates; presumably decoded from the
	// key's x5c entries (confirm against GetJWKCertificates).
	// NOTE(review): nothing visible here says whether the chain is verified
	// or matched against the key material; confirm before relying on it for
	// anything beyond expiry monitoring.
	Certs []*x509.Certificate
	// Alg, Kid and Kty presumably carry the key's "alg", "kid" and "kty"
	// values. TODO confirm.
	Alg string
	Kid string
	Kty string
}
type Config ¶
// Config is the set of CertMonitor settings; every field is mapped to a YAML
// key through its struct tag.
type Config struct {
	LogFile string `yaml:"log_file"`
	LogJSONFormat bool `yaml:"log_json_format"`
	// When to alert that a certificate will expire.
	// Note that the YAML key is singular ("clock_skew_day") while the field
	// name is plural.
	ClockSkewDays int `yaml:"clock_skew_day"`
	// Interval between scheduled checks, in hours.
	ScheduleJobHours int `yaml:"schedule_job_hours"`
	// Directory containing the certificates to monitor.
	CertificatesDir string `yaml:"certificate_dir"`
	// A list of RemoteTLSEndpoint.
	RemoteTLSEndpoints []*RemoteTLSEndpoint `yaml:"remote_tls_endpoints"`
	// A list of RemoteTCPTLSEndpoint.
	RemoteTCPTLSEndpoints []*RemoteTCPTLSEndpoint `yaml:"remote_tcp_tls_endpoints"`
	// A list of RemoteSAMLMetdataEndpoint.
	RemoteSAMLMetdataEndpoints []*RemoteSAMLMetdataEndpoint `yaml:"remote_saml_metadata_endpoints"`
	// A list of RemoteJWKEndpoint.
	RemoteJWKEndpoints []*RemoteJWKEndpoint `yaml:"remote_jwk_endpoints"`
	// Timeout when calling the remote endpoint.
	// NOTE(review): the unit is not visible here, nor is the meaning of the
	// zero value; confirm that an unset value does not disable the timeout.
	RemoteEndpointTimeout int `yaml:"remote_endpoint_timeout"`
	// Prometheus metrics port; the only Config field tagged validate:"required".
	// NOTE(review): no bind address is configurable here; confirm which
	// interface the metrics listener uses.
	PrometheusListeningPort int `yaml:"prometheus_listening_port" validate:"required"`
	// Skip TLS validation.
	// NOTE(review): presumably applies to the connections made to the remote
	// endpoints. With validation off the peer is not authenticated, so the
	// certificates, JWK sets or SAML metadata that get reported may not come
	// from the intended server. Confirm which clients honour this flag and
	// keep it false unless unverifiable endpoints must be monitored.
	SkipTLSValidation bool `yaml:"skip_tls_validation"`
	// Expiration warning duration (YAML key "expiration_warning_duration").
	// NOTE(review): how this interacts with ClockSkewDays is not visible
	// here. Confirm which of the two drives the expiry alert.
	ExpirationDuration time.Duration `yaml:"expiration_warning_duration"`
}
Config has been created
func ParseConfig ¶
ParseConfig parses the config file.
type RemoteJWKEndpoint ¶
// RemoteJWKEndpoint describes a remote URL exposing JSON Web Keys.
type RemoteJWKEndpoint struct {
	// JWKURL is the endpoint URL (YAML key "url"); it must be set.
	// NOTE(review): the visible tag only requires a non-empty value; no
	// scheme or host restriction is shown here, so the config file decides
	// where the monitor connects.
	JWKURL string `yaml:"url" validate:"required"`
	// Alg, Kid and Kty are optional; presumably used to select which keys of
	// the set are monitored. TODO confirm.
	Alg string `yaml:"alg"`
	Kid string `yaml:"kid"`
	Kty string `yaml:"kty"`
}
RemoteJWKEndpoint a remote URL exposing JSON Web Keys
type RemoteSAMLMetdataEndpoint ¶
// RemoteSAMLMetdataEndpoint describes a remote URL exposing SAML metadata.
// The spelling "Metdata" is part of the exported name.
type RemoteSAMLMetdataEndpoint struct {
	// MetadataURL is the metadata URL (YAML key "url"); it must be set.
	// NOTE(review): the visible tag only requires a non-empty value; no
	// scheme or host restriction is shown here.
	MetadataURL string `yaml:"url" validate:"required"`
}
RemoteSAMLMetdataEndpoint a remote URL exposing SAML Metadata
type RemoteTCPTLSEndpoint ¶
// RemoteTCPTLSEndpoint describes a remote TLS endpoint to monitor, given as
// an address plus port.
type RemoteTCPTLSEndpoint struct {
	// NOTE(review): "required,omitempty" combines two rules that look
	// contradictory; presumably "omitempty" is redundant after "required".
	// Confirm against the validator library in use.
	Address string `yaml:"address" validate:"required,omitempty"`
	Port int `yaml:"port" validate:"required,omitempty"`
	// ServerName is optional; presumably the name sent and checked during
	// the TLS handshake. TODO confirm.
	ServerName string `yaml:"servername"`
	// TlsVersion is optional; the accepted values and the behaviour when it
	// is empty are not visible here. TODO confirm.
	TlsVersion string `yaml:"tls_version"`
}
RemoteTCPTLSEndpoint a remote tls endpoint to monitor
type RemoteTLSEndpoint ¶
// RemoteTLSEndpoint describes a remote TLS endpoint to monitor.
type RemoteTLSEndpoint struct {
	// Address is the endpoint address; presumably a URL, since it has no
	// separate port field. TODO confirm.
	// NOTE(review): "required,omitempty" combines two rules that look
	// contradictory; presumably "omitempty" is redundant after "required".
	// Confirm against the validator library in use.
	Address string `yaml:"address" validate:"required,omitempty"`
	// ServerName is optional; presumably the name sent and checked during
	// the TLS handshake. TODO confirm.
	ServerName string `yaml:"servername"`
	// TlsVersion is optional; the accepted values and the behaviour when it
	// is empty are not visible here. TODO confirm.
	TlsVersion string `yaml:"tls_version"`
}
RemoteTLSEndpoint a remote tls endpoint to monitor