blob: 75970c7a021171c1009ab4644e52d88dccd90c7b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
OpenShift Certificate Expiration Checker
========================================
OpenShift certificate expiration checking. Be warned of certificates
expiring within a configurable window of days, and notified of
certificates which have already expired. Certificates examined
include:
* Master/Node Service Certificates
* Router/Registry Service Certificates from etcd secrets
* Master/Node/Router/Registry/Admin `kubeconfig`s
* Etcd certificates
Requirements
------------
* None
Role Variables
--------------
From this role:
| Name | Default value | Description |
|--------------------------|---------------|-------------------------------------------------------------------------------------|
| `config_base` | `/etc/origin` | Base openshift config directory |
| `warning_days` | `30` | Flag certificates which will expire in this many days from now |
| `show_all` | `False` | Include healthy (non-expired and non-warning) certificates in results |
| `generate_report` | `False` | Generate an HTML report of the expiry check results |
| `save_json_results` | `False` | Save expiry check results as a json file |
| `result_dir` | `/tmp` | Directory in which to put check results and generated reports |
Dependencies
------------
* None
Example Playbook
----------------
```
- name: Check cert expirys
hosts: all
become: yes
gather_facts: no
roles:
- role: openshift_certificate_expiry
```
License
-------
Apache License, Version 2.0
Author Information
------------------
Tim Bielawa (tbielawa@redhat.com)
|
