Merge "Improvements to output adding custom title to certs"

2021-09-24 12:57:05 +00:00 · 2021-09-24 12:57:05 +00:00 · 55c9075d46
commit 55c9075d46
parent bca4390216 83fdbfed87
1 changed files with 26 additions and 10 deletions
--- a/utilities/platform-util/scripts/show-certs.sh
+++ b/utilities/platform-util/scripts/show-certs.sh
@ -118,8 +118,12 @@ PrintCertInfo-fromTlsSecret () {

        kubectl --kubeconfig /etc/kubernetes/admin.conf -n $NAMESPACE get secret $SECRET -o yaml | fgrep tls.crt | fgrep -v "f:tls.crt" | awk '{print $2}' | base64 --decode > $TMP_SECRET_SECRET_FILE

+        if [ ! -z "$NAME" ]; then
+            NAME=$(echo $NAME " / ")
+        fi
+
        echo
-        echo "$BOLD" $NAMESPACE " / " $SECRET " CERTIFICATE:" "$RESET"
+        echo "$BOLD" $NAME $NAMESPACE " / " $SECRET " CERTIFICATE:" "$RESET"
        echo "$BOLD" "------------------------------------------" "$RESET"

        echo -e '\t' "Renewal    \t: " $RENEWAL
@ -162,10 +166,14 @@ PrintCertInfo-fromGenericSecret () {
            fi
        fi

+        if [ ! -z "$NAME" ]; then
+            NAME=$(echo $NAME " / ")
+        fi
+
        echo "$SECRET_VALUE" | base64 --decode > $TMP_GEN_SECRET_FILE

        echo
-        echo "$BOLD" $NAMESPACE " / " $SECRET " / " $SECRETFILE " CERTIFICATE:" "$RESET"
+        echo "$BOLD" $NAME $NAMESPACE " / " $SECRET " / " $SECRETFILE " CERTIFICATE:" "$RESET"
        echo "$BOLD" "------------------------------------------" "$RESET"

        echo -e '\t' "Renewal    \t: " "${RENEWAL}"
@ -360,9 +368,10 @@ PrintCertInfo-fromFile "openstack CA" "/etc/ssl/private/openstack/ca-cert.pem" "
 # OIDC
 PrintCertInfo-for-OIDC-Certificates

-PrintCertInfo-fromGenericSecret "" "monitor" "mon-elastic-services-secrets" "ca.crt"
-PrintCertInfo-fromGenericSecret "" "monitor" "mon-elastic-services-secrets" "ext-ca.crt"
-PrintCertInfo-fromGenericSecret "" "monitor" "mon-elastic-services-secrets" "kibana.crt"
+# analytics certificates
+PrintCertInfo-fromGenericSecret "Internal Analytics CA Certificate" "monitor" "mon-elastic-services-secrets" "ca.crt"
+PrintCertInfo-fromGenericSecret "External Analytics CA Certificate" "monitor" "mon-elastic-services-secrets" "ext-ca.crt"
+PrintCertInfo-fromGenericSecret "External Kibana Certificate" "monitor" "mon-elastic-services-secrets" "kibana.crt"

 # Kubernetes Certificates
 echo
@ -371,7 +380,14 @@ echo "$BOLD" "------------------------------------------" "$RESET"
 echo "Note: 'CERTIFICATES'            are Renewal: ${GREEN}Automatic${RESET}"
 echo "Note: 'CERTIFICATE AUTHORITIES' are Renewal: ${RED}Manual${RESET}"
 echo
+
+# works with stable and experimenal certs subcommand
+kubeadm certs &> /dev/null
+if [ $? -eq 0 ]; then
+    kubeadm certs check-expiration
+else
    kubeadm alpha certs check-expiration
+fi
 echo
 CleanUp
 exit 0