cert-checker

cert-checker allows you to scan for certificates in a kubernetes cluster and alert you via slack when they are set to expire soon.

Parameters

--expires-in-days sets the number of days before the certificates expire to alert
--max-expired-in-days set the number of days after the certificates expire to stop alerting
--min-cert-length-in-days set the minimum number of days a certificate has to be valid for to alert
--slack-webhook defines the webhook URL of the slack app
--namespace can be passed multiple times to define each namespace that the app should scan (for all namespaces provide *)
--environment specifies the environment context for the slack message
--alert-no-flagged-certs enables a slack message for when no certificates are flagged

A slack app must be created for you to deploy this app. You can follow the steps here.

An example of a kubernetes deployment has been provided in deployment/kubernetes.yml which provides a namespace, service account and cronjob.

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.github		.github
deployment		deployment
example		example
.gitignore		.gitignore
Dockerfile		Dockerfile
README.md		README.md
alert_expiring_certs.go		alert_expiring_certs.go
alert_no_flagged_certs.go		alert_no_flagged_certs.go
cert.go		cert.go
check_certs.go		check_certs.go
check_certs_test.go		check_certs_test.go
go.mod		go.mod
go.sum		go.sum
grouped_cert.go		grouped_cert.go
kubernetes.go		kubernetes.go
main.go		main.go
parse_secret.go		parse_secret.go
slack.go		slack.go