Document cleanup command

application/clicommands/CleanupCommand.php

@@ -24,6 +24,10 @@ class CleanupCommand extends Command
  * after the specified period. Any certificates that are no longer used are also removed. This can either be
  * because the associated target has been removed or because it is presenting a new certificate chain.
  *
+ * This command will also remove jobs activities created before the given date/time. Jobs activities are usually
+ * some stats about the job runs performed by the scheduler or/and manually executed using the `scan` and/or
+ * `jobs` command.
+ *
  * USAGE
  *
  * icingacli x509 cleanup [OPTIONS]
@@ -45,6 +49,7 @@ class CleanupCommand extends Command
  */
  public function indexAction()
  {
+ /** @var string $sinceLastScan */
  $sinceLastScan = $this->params->get('since-last-scan', '-1 month');
  $lastScan = $sinceLastScan;
  if ($lastScan[0] !== '-') {
@@ -77,6 +82,11 @@ public function indexAction()
  );
  }
 
+ $query = $conn->delete('x509_job_run', ['start_time < ?' => $sinceLastScan->getTimestamp() * 1000]);
+ if ($query->rowCount() > 0) {
+ Logger::info('Removed %d jobs activities', $query->rowCount());
+ }
+
  CertificateUtils::cleanupNoLongerUsedCertificates($conn);
  } catch (Throwable $err) {
  Logger::error($err);

doc/11-Housekeeping.md

@@ -0,0 +1,38 @@
+# <a id="Datbase Housekeeping"></a>Database Housekeeping
+
+Your database may grow over time and contain some outdated information. Icinga Certificate Monitoring provides you
+the ability to clean up these outdated info in an easy way.
+
+## Certificates and Targets
+
+The default `cleanup` action removes targets whose last scan is older than a certain date/time and certificates that
+are no longer used.
+
+By default, any targets whose last scan is older than `1 month` are removed. The last scan information is always updated
+when scanning a target, regardless of whether a successful connection is made or not. Therefore, targets that have been
+decommissioned or are no longer part of a job configuration are removed after the specified period. Any certificates
+that are no longer used are also removed. This can either be because the associated target has been removed or because
+it is presenting a new certificate chain.
+
+The `cleanup` command will also remove additionally all jobs activities created before the given date/time.
+Jobs activities are usually just some stats about the job runs performed by the scheduler or/and manually
+executed using the [scan](04-Scanning.md#scan-command) and/or [jobs](04-Scanning.md#scheduling-jobs) command.
+
+### Usage
+
+This command can be used like any other Icinga Web cli operations like this: `icingacli x509 cleanup [OPTIONS]`
+
+**Options:**
+
+```
+--since-last-scan=<datetime> Clean up targets whose last scan is older than the specified date/time,
+ which can also be an English textual datetime description like "2 days".
+ Defaults to "1 month".
+```
+
+#### Example
+
+Remove any targets that have not been scanned for at least two months and any certificates that are no longer used.
+```
+icingacli x509 cleanup --since-last-scan="2 months"
+```

phpstan-baseline.neon

@@ -65,31 +65,11 @@ parameters:
  count: 3
  path: application/clicommands/CheckCommand.php
 
- -
- message: "#^Cannot access offset 0 on mixed\\.$#"
- count: 1
- path: application/clicommands/CleanupCommand.php
-
  -
  message: "#^Method Icinga\\\\Module\\\\X509\\\\Clicommands\\\\CleanupCommand\\:\\:indexAction\\(\\) has no return type specified\\.$#"
  count: 1
  path: application/clicommands/CleanupCommand.php
 
- -
- message: "#^Parameter \\#1 \\$datetime of class DateTime constructor expects string, mixed given\\.$#"
- count: 1
- path: application/clicommands/CleanupCommand.php
-
- -
- message: "#^Parameter \\#2 \\.\\.\\.\\$values of function sprintf expects bool\\|float\\|int\\|string\\|null, mixed given\\.$#"
- count: 1
- path: application/clicommands/CleanupCommand.php
-
- -
- message: "#^Part \\$lastScan \\(mixed\\) of encapsed string cannot be cast to string\\.$#"
- count: 1
- path: application/clicommands/CleanupCommand.php
-
  -
  message: "#^Method Icinga\\\\Module\\\\X509\\\\Clicommands\\\\ImportCommand\\:\\:indexAction\\(\\) has no return type specified\\.$#"
  count: 1