Merge pull request #5 from alphagov/cleanup

Remove old sensu-related code
alphagov · Mar 18, 2019 · 6b37a59 · 6b37a59
2 parents baffe0f + 00da11d
commit 6b37a59
Show file tree

Hide file tree

Showing 11 changed files with 19 additions and 192 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -14,9 +14,9 @@ PATH
   remote: .
   specs:
     metadata-checker (0.0.1)
+      mixlib-cli (~> 2.0)
       nokogiri (~> 1.6)
       prometheus-client
-      sensu-plugin (~> 1.1)
       sinatra
 
 GEM
@@ -52,15 +52,14 @@ GEM
     ffi (1.10.0)
     gherkin (2.12.2)
       multi_json (~> 1.3)
-    json (1.8.6)
     mini_portile2 (2.4.0)
-    mixlib-cli (1.7.0)
+    mixlib-cli (2.0.1)
     multi_json (1.13.1)
     multi_test (0.1.2)
     mustermann (1.0.3)
     nokogiri (1.10.1)
       mini_portile2 (~> 2.4.0)
-    prometheus-client (0.8.0)
+    prometheus-client (0.9.0)
       quantile (~> 0.2.1)
     quantile (0.2.1)
     r509 (1.0.1)
@@ -86,9 +85,6 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.8.0)
     rspec-support (3.8.0)
-    sensu-plugin (1.4.6)
-      json (< 2.0.0)
-      mixlib-cli (~> 1.5)
     signer (1.8.0)
       nokogiri (>= 1.5.1)
     sinatra (2.0.5)

diff --git a/README.md b/README.md
@@ -1,37 +1,23 @@
-# Metadata Checker
+# Metadata Exporter
 
-This contains three related binares:
-
- - `sensu-metadata-expiry-check`: a sensu check for whether certificates in a SAML metadata URL are expiring soon
- - `sensu-metadata-ocsp-check`: a sensu check for whether certificates in a SAML metadata URL are valid over OCSP, and that they chain to the appropriate CA
- - `prometheus-metadata-exporter`: a prometheus exporter that exports metrics about SAML metadata.
+A prometheus exporter that exports metrics about SAML metadata.
 
 ## Installation
 
-Add this line to your application's Gemfile:
+Install it yourself as:
 
-```ruby
-gem 'metadata-checker'
-```
+    $ gem install metadata-exporter
 
-And then execute:
+## Packaging
 
-    $ bundle
+To generate a package for metadata-exporter:
 
-Or install it yourself as:
+    docker build
 
-    $ gem install metadata-checker
+Then upload the image to the desired repository.
 
 ## Usage
 
-To generate a package that will distribute changes to the
-metadata-checker gem to hub:
-
-* run https://build.ida.digital.cabinet-office.gov.uk/job/package-sensu-client-gems to generate a new package
-* update the version of sensu-client-gems in ida-webops/tools/aptly/packages.yaml
-
-## Prometheus exporter
-
 To run the prometheus exporter:
 
     bundle exec bin/prometheus-metadata-exporter -m METADATA_URL --cas DIRECTORY_OF_CA_CERTIFICATE_FILES
@@ -44,7 +30,7 @@ The following metrics are exported:
 
 ## Contributing
 
-1. Fork it ( https://github.com/[my-github-username]/metadata-ocsp-checker/fork )
+1. Fork it ( https://github.com/[my-github-username]/metadata-exporter/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)

diff --git a/bin/prometheus-metadata-exporter b/bin/prometheus-metadata-exporter
@@ -1,11 +1,13 @@
 #!/usr/bin/env ruby
 # coding: utf-8
 
+require 'metadata/certificate/certificate_factory'
 require 'metadata/checker'
+require 'metadata/expiry/certificate_result'
+require 'metadata/ocsp/pem_checker'
 require 'metadata/saml/parser'
 require 'metadata/saml/client'
-require 'metadata/expiry/certificate_result'
-require 'mixlib/cli' # pulled in implicitly by the sensu gem
+require 'mixlib/cli'
 require 'prometheus/middleware/exporter'
 require 'sinatra/base'
 

diff --git a/bin/sensu-metadata-expiry-check b/bin/sensu-metadata-expiry-check
diff --git a/bin/sensu-metadata-ocsp-check b/bin/sensu-metadata-ocsp-check
diff --git a/lib/metadata/checker.rb b/lib/metadata/checker.rb
@@ -1,14 +1,5 @@
-require 'metadata/checker/ocsp_checker'
-require 'metadata/checker/expiry_checker'
-
 module Metadata
   module Checker
-    def self.check_ocsp(host, ca_files, signing_ca_files, disable_hostname_verification)
-      OcspChecker.new.check_ocsp(host, ca_files, signing_ca_files, disable_hostname_verification)
-    end
-    def self.check_expiry(host, disable_hostname_verification, warning_threshold_days, critical_threshold_days)
-      ExpiryChecker.new.check_expiry(host, disable_hostname_verification, warning_threshold_days, critical_threshold_days)
-    end
   end
 end
 
diff --git a/lib/metadata/checker/expiry_checker.rb b/lib/metadata/checker/expiry_checker.rb
diff --git a/lib/metadata/checker/ocsp_checker.rb b/lib/metadata/checker/ocsp_checker.rb
diff --git a/metadata-checker.gemspec b/metadata-checker.gemspec
@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "sensu-plugin", "~>1.1"
+  spec.add_dependency "mixlib-cli", "~>2.0"
   spec.add_dependency "nokogiri", "~>1.6"
   spec.add_dependency "prometheus-client"
   spec.add_dependency "sinatra"

diff --git a/prometheus.yml b/prometheus.yml
@@ -1,5 +1,5 @@
 global:
-  scrape_interval:     15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+  scrape_interval:     5s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
   evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
 
 scrape_configs:

diff --git a/spec/metadata/saml/parser_spec.rb b/spec/metadata/saml/parser_spec.rb
@@ -17,7 +17,7 @@ module SAML
           signed_metadata = sign_metadata(metadata, private_key, public_cert)
           doc = Nokogiri::XML(signed_metadata)
           hash = Parser.new.signing_certificate(doc)
-          expect(hash).to eql({ Base64.strict_encode64(public_cert.to_der) => [Entity.new("metadata_signature", "certificate")]})
+          expect(hash).to eql({ Base64.strict_encode64(public_cert.to_der) => [Entity.new("metadata_signing_certificate")]})
         end
       end