diff options
author | Igor Pashev <pashev.igor@gmail.com> | 2018-10-07 12:33:33 +0300 |
---|---|---|
committer | Igor Pashev <pashev.igor@gmail.com> | 2018-10-07 13:36:23 +0300 |
commit | 3d1d3f7440a1bebe9f82e03747fe558f5f0b5435 (patch) | |
tree | 24a2c91e55e4d336a8e0f44b77b14190b9181bff /modules | |
parent | ee61b02e5411ea769a3b3de8b573d44822f8a577 (diff) | |
download | nixsap-3d1d3f7440a1bebe9f82e03747fe558f5f0b5435.tar.gz |
Add check_aws_s3_file
Diffstat (limited to 'modules')
-rwxr-xr-x | modules/pkgs/check_aws_s3_file/check_aws_s3_file | 163 | ||||
-rw-r--r-- | modules/pkgs/check_aws_s3_file/check_aws_s3_file.conf | 18 | ||||
-rw-r--r-- | modules/pkgs/check_aws_s3_file/default.nix | 22 |
3 files changed, 203 insertions, 0 deletions
diff --git a/modules/pkgs/check_aws_s3_file/check_aws_s3_file b/modules/pkgs/check_aws_s3_file/check_aws_s3_file new file mode 100755 index 0000000..82c8745 --- /dev/null +++ b/modules/pkgs/check_aws_s3_file/check_aws_s3_file @@ -0,0 +1,163 @@ +#!/usr/bin/env bash + +set -euo pipefail + +sizeWarn='' +sizeCrit='' +timeWarn='' +timeCrit='' +bucket='' +key='' + +usage() { + cat <<USAGE + +$0: check objects size and time at Amazon S3 + +Usage: + $0 [options] + +Options: + + -f <path> AWS CLI credentials file + + -b <bucket> S3 bucket name, required + -k <key> object key, e. g. "hosts/foo/bar.gz" + + -s <spec in bytes> object size warning threshold + -S <spec in bytes> object size critical threshold + + -t <spec in sec> object age warning threshold + -T <spec in sec> object age critical threshold + +Examples: + + $0 -b foobucket # check the bucket is available + $0 -b foobucket -k hosts/foo/file.gz + $0 -b foobucket -k hosts/foo/file.gz -t 86400 + $0 -b foobucket -k hosts/foo/file.gz -t 3600: -s 1000: + +USAGE +} + +die () { + echo "$0: " "$@" >&2 + exit 1 +} + +while [ $# -gt 0 ]; do + case "$1" in + -f) export AWS_SHARED_CREDENTIALS_FILE="$2"; shift 2;; + -b) bucket="$2"; shift 2;; + -k) key="$2"; shift 2;; + -s) sizeWarn="$2"; shift 2;; + -S) sizeCrit="$2"; shift 2;; + -t) timeWarn="$2"; shift 2;; + -T) timeCrit="$2"; shift 2;; + -h|--help) usage; exit 1;; + *) die "unsupported argument: $1";; + esac +done + +inrange () { + local r v + local v1 v2 + local outter + local sIFS + + r="$1" + v="$2" + + case "$r" in + @*) outter=true; r="${r/@/}";; + *) outter=false;; + esac + + sIFS=$IFS + + IFS=: + set -- $r + v1=${1-} + v2=${2-} + IFS=$sIFS + + case "$v1" in + $r) v2=$v1; v1=0;; + ~*) v1=;; + esac + + if $outter; then + { [ -n "$v1" ] && [ "$v" -lt "$v1" ]; } || { [ -n "$v2" ] && [ "$v" -gt "$v2" ]; } + else + { [ -z "$v1" ] || [ "$v" -gt "$v1" ]; } && { [ -z "$v2" ] || [ "$v" -lt "$v2" ]; } + fi +} + +humanSize() { + local n u + + n=$1 + for u in B KiB MiB GiB TiB; do + if (( n > 1024 )); then + (( n /= 1024 )) + else + break + fi + done + + echo "${n} ${u}" +} + + +[ -n "$bucket" ] || die "missing S3 bucket" + +if [ -z "$key" ]; then + if out=$(aws s3api head-bucket --bucket "$bucket" 2>&1); then + echo "OK: bucket $bucket exists and is accessible" + exit 0 + else + printf 'CRITICAL: %s\n' "$(echo "$out" | grep .)" + exit 2 + fi +fi + +if ! out=$(aws s3api head-object --bucket "$bucket" --key "$key" 2>&1); then + printf 'UNKNOWN: %s\n' "$(echo "$out" | grep .)" + exit 3 +fi + +json=$out + +size=$(echo "$json" | jq -r .ContentLength) +date=$(echo "$json" | jq -r .LastModified) + +date_s=$(date -d "$date" +%s) +now_s=$(date -d now +%s) +age_s=$((now_s - date_s)) +size_h=$(humanSize "$size") + +stat="size=${size}B;${sizeWarn};${sizeCrit};0 age=${age_s}s;${timeWarn};${timeCrit}" + +if [ -n "$timeCrit" ] && ! inrange "$timeCrit" "$age_s"; then + echo "CRITICAL: last modified $date|$stat" + exit 2 +fi + +if [ -n "$sizeCrit" ] && ! inrange "$sizeCrit" "$size"; then + echo "CRITICAL: size $size_h|$stat" + exit 2 +fi + +if [ -n "$timeWarn" ] && ! inrange "$timeWarn" "$age_s"; then + echo "WARNING: last modified $date|$stat" + exit 1 +fi + +if [ -n "$sizeWarn" ] && ! inrange "$sizeWarn" "$size"; then + echo "WARNING: size $size_h|$stat" + exit 1 +fi + +echo "OK: size $size_h, last modified $date|$stat" +exit 0 + diff --git a/modules/pkgs/check_aws_s3_file/check_aws_s3_file.conf b/modules/pkgs/check_aws_s3_file/check_aws_s3_file.conf new file mode 100644 index 0000000..e2ec2b5 --- /dev/null +++ b/modules/pkgs/check_aws_s3_file/check_aws_s3_file.conf @@ -0,0 +1,18 @@ +object CheckCommand "aws-s3-file" { + import "plugin-check-command" + + command = [ "check_aws_s3_file" ] + + arguments = { + "-f" = "$aws_s3_file_credentials$" + "-b" = "$aws_s3_file_bucket$" + "-k" = "$aws_s3_file_key$" + "-s" = "$aws_s3_file_size_warn$" + "-S" = "$aws_s3_file_size_crit$" + "-t" = "$aws_s3_file_age_warn$" + "-T" = "$aws_s3_file_age_crit$" + } + vars.aws_s3_file_bucket = "$host.name$" + vars.aws_s3_file_key = "$service.name$" +} + diff --git a/modules/pkgs/check_aws_s3_file/default.nix b/modules/pkgs/check_aws_s3_file/default.nix new file mode 100644 index 0000000..df84c79 --- /dev/null +++ b/modules/pkgs/check_aws_s3_file/default.nix @@ -0,0 +1,22 @@ +{ stdenv, pkgs, makeWrapper }: + +stdenv.mkDerivation { + name = "check_aws_s3_file"; + outputs = [ "out" "conf" ]; + unpackPhase = ":"; + nativeBuildInputs = [ makeWrapper ]; + installPhase = '' + mkdir -p $out/bin + + cp ${./check_aws_s3_file} $out/bin/check_aws_s3_file + cp ${./check_aws_s3_file.conf} $conf + + chmod +x "$out/bin/"* + + substituteInPlace "$conf" \ + --replace check_aws_s3_file "$out/bin/check_aws_s3_file" + + wrapProgram "$out/bin/check_aws_s3_file" \ + --prefix PATH : "${pkgs.awscli}/bin:${pkgs.gnugrep}/bin:${pkgs.jq}/bin" + ''; +} |