airshipctl/docs/source/cli/airshipctl_cluster_check-certificate-expiration.md
guhaneswaran20 dd03db0916 Adds command objects for cluster check-certificate-expiration
Reference:- https://hackmd.io/aGaz7YXSSHybGcyol8vYEw
Previous work:- https://review.opendev.org/#/c/755291/

Below is the complete ordered flow of PS for the feature:
https://review.opendev.org/#/c/760498/ - Cobra command
https://review.opendev.org/#/c/760501/ - Command Objects
https://review.opendev.org/#/c/760504/ - TLS check
https://review.opendev.org/#/c/760517/ - Kubeconf check
https://review.opendev.org/#/c/760532/ - Node check
https://review.opendev.org/#/c/760537/ - Combined Unit tests

Change-Id: Ie0fac7799724b7fb2255e387b7e90b26159bda5c
Relates-To: #391
2020-11-06 13:14:21 +00:00

61 lines
2.0 KiB
Markdown

## airshipctl cluster check-certificate-expiration
Check for expiring TLS certificates, secrets and kubeconfigs in the kubernetes cluster
### Synopsis
Displays a list of certificate expirations from both the management and
workload clusters, or in a self-managed cluster. Checks for TLS Secrets,
kubeconf secrets (which gets created while creating the workload cluster) and
also the node certificates present inside /etc/kubernetes/pki directory for
each node
```
airshipctl cluster check-certificate-expiration [flags]
```
### Examples
```
# To display all the expiring entities in the cluster
airshipctl cluster check-certificate-expiration --kubeconfig testconfig
# To display the entities whose expiration is within threshold of 30 days
airshipctl cluster check-certificate-expiration -t 30 --kubeconfig testconfig
# To output the contents to json (default operation)
airshipctl cluster check-certificate-expiration -o json --kubeconfig testconfig
or
airshipctl cluster check-certificate-expiration --kubeconfig testconfig
# To output the contents to yaml
airshipctl cluster check-certificate-expiration -o yaml --kubeconfig testconfig
# To output the contents whose expiration is within 30 days to yaml
airshipctl cluster check-certificate-expiration -t 30 -o yaml --kubeconfig testconfig
```
### Options
```
-h, --help help for check-certificate-expiration
--kubeconfig string Path to kubeconfig associated with cluster being managed
--kubecontext string Kubeconfig context to be used
-o, --output string Convert output to yaml or json (default "json")
-t, --threshold int The max expiration threshold in days before a certificate is expiring. Displays all the certificates by default (default -1)
```
### Options inherited from parent commands
```
--airshipconf string Path to file for airshipctl configuration. (default "$HOME/.airship/config")
--debug enable verbose output
```
### SEE ALSO
* [airshipctl cluster](airshipctl_cluster.md) - Manage Kubernetes clusters