summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-02-22If a test has a subject used, then use it.Steve Kemp
2018-02-22Allow tests to set a subject.Steve Kemp
This updates the parser, globally, to allow: .... with subject 'xxx'
2018-02-22Removed obsolete code.Steve Kemp
The intention of this series of changes is to allow subjects to be replaced for specific tests. The idea of replacement replaced the idea of a custom-prefix - so I've removed that code before proceeding.
2017-09-22Merge branch 'new-release' into 'master'Jamie Nguyen
New release See merge request !14
2017-09-22New releaseSteve Kemp
2017-09-20Always ensure we send a trailing \n to graphite.Steve Kemp
This is required for the metrics to be submitted correctly.
2017-09-20Merge branch '19-user-agent' into 'master'Jamie Nguyen
Resolve "Can custodian send a user agent string please" Closes #19 See merge request !13
2017-09-20New release19-user-agentSteve Kemp
2017-09-20Update our metric-submission.Steve Kemp
We'll want to handle timeouts more cleanly now, and use TCP.
2017-09-20Added a User-Agent to our HTTP/HTTPS checks.Steve Kemp
2017-08-09Merge branch '13-catch-bogus-dns' into 'master'Patrick J Cherry
Resolve "Custodian temporary DNS failure" Closes #13 See merge request !11
2017-08-08Moved case statement outside timeout block.13-catch-bogus-dnsSteve Kemp
Also removed a redudant `begin`.
2017-08-08Use a case-statement for both kinds of IP-matching.Steve Kemp
2017-08-08Sanity-check DNS on a per-protocol basis.Steve Kemp
When a failure occurs in looking up IPv4 addresses we confirm that, similarly when/if IPv6 lookups fail we confirm that before raising the alert.
2017-08-08Updated to move ignore-dns-failure code into routine.Steve Kemp
That is then tested when resolve-errors are handled.
2017-08-08Added changelog entry for this abomination.Steve Kemp
2017-08-08Ignore bogus DNS results.Steve Kemp
We've had a problem for the past few weeks (?) where we see false DNS errors when making http/https requests with `curb`/`libcurl`. To resolve these issues properly we're going to have to rewrite the code to avoid the current gem. However that is considerable work because of the hole we've back ourself into - wanting to test both IPv4 and IPv6 "properly". We'll have to duplicate that work if we use `net/http`, or even mroe so if we use `open3` and exec `curl -4|-6 ..` For the moment this commit changes how things are handled to deal with the issue we see - which doesn't solve the problem but will mask it. When custodian runs a test it will return a status-code: * Custodian::TestResult::TEST_FAILED * The test failed, such that an alert should be raised. * Custodian::TestResult::TEST_PASSED * The test succeeded, such that any previous alert should be cleared. * Custodian::TestResult::TEST_SKIPPED * Nothing should be done. As the failure we see is very very specific - an exception is thrown of the type `Curl::Err::HostResolutionError` - we can catch that and return `TEST_SKIPPED`. That means that there will be no (urgent) alert. Obviously the potential risk of swallowing all DNS-failures is that a domain might expire and we'd never know. So we'll do a little better than merely skipping the test if there are DNS failures: * If we see a DNS failure. * Then we try to lookup the host as an A & AAAA record. * If that succeeds we decide the issue was bogus. * If that fails then the host legitimately doesn't resolve so we raise an alert. To recap: * If a host fails normally - bogus status-code, or missing text - we behave as we did in the past. * Only in the case of a DNS-error from curb/curl do we go down this horrid path. * Where we try to confirm the error, and swallow it if false. This closes #13.
2017-07-13Merge branch 'only-alert-on-both-dns-errors' into 'master'Steve Kemp
Alert in more detail on DNS failures. See merge request !10
2017-07-13Alert in more detail on DNS failures.Steve Kemp
2017-07-11Merge branch '13-log-dns-errors' into 'master'James Hannah
Updated to log the exact DNS error. See merge request !9
2017-07-11Updated to log the exact DNS error.13-log-dns-errorsSteve Kemp
This is part of #13.
2017-06-26Merge branch '12-reap-old-tests' into 'master'James Carter
Resolve "The redis view of "known_tests" is often out-of-date" Closes #12 See merge request !8
2017-06-26Document previous change.12-reap-old-testsSteve Kemp
2017-06-26Added new cron.daily-task.Steve Kemp
This will prune old tests from the `redis`-alerter - if that alerter isn't used this will be harmless.
2017-04-10Remove username/password prior to testing URL with curb.Steve Kemp
2017-04-10Merge branch '10-support-http-basic-auth' into 'master' James Hannah
Resolve "We should support HTTP-basic auth for HTTP-based status-checks." Closes #10 See merge request !7
2017-04-10Use standard URL username/password holders.10-support-http-basic-authSteve Kemp
Rather than: with auth 'username:password' We use: http://user:pass@example.com/
2017-03-28Added testcases for HTTP basic-auth.Steve Kemp
2017-03-28Support HTTP BASIC-AUthentication.Steve Kemp
Supply this like so: http://example.com/ must run http with auth 'username:passw0rd' with status 200 otherwise 'failure'
2017-03-27Merge branch 'ssl-custom-expiry' into 'master' James Hannah
Allow tests to specify the number of days before an expiring SSL certificate will generate a warning See merge request !5
2017-03-27First stab at allowing custom SSL expiry daysJames Hannah
2017-03-17Merge branch '9-ci-run-tests' into 'master' Chris Elsworth
Resolve "gitlab-ci should run the test-cases." Closes #9 See merge request !6
2017-03-17StyleChris Elsworth
2017-03-17Skip DNS-tests under CI.Steve Kemp
They fail.
2017-03-17Use the -ruby environmentSteve Kemp
2017-03-17Attempt to run the test-cases in the CI environmentSteve Kemp
2017-03-16Merge branch '7-allow-custom-prefixes' into 'master' Jamie Nguyen
Resolve "Allow subject-lines to be prefixed with a custom string." See merge request !4
2017-03-16Bump changelogSteve Kemp
2017-03-16Use the subject-prefix if it is present.Steve Kemp
2017-03-16Added helper for reading a custom-prefix.Steve Kemp
This will allow classification (by human eyes) of raised-alerts.
2017-03-06Merge branch '6-move-to-gitlab-ci' into 'master' James Carter
Move to gitlab-CI. Closes #6 See merge request !3
2017-03-06Don't package for squeeze, silly\!Steve Kemp
2017-03-06Package for squeeze->stretch.Steve Kemp
2017-03-06Move to gitlab-CI.Steve Kemp
This closes #6.
2016-12-19New releaserelease-0.32Steve Kemp
2016-12-19Merge branch '4-show-host-port-when-timing-out' into 'master' Patrick J Cherry
Show host/port when TCP timeout occurs. This is a failure case which is not 100% clear. This closes #4. See merge request !2
2016-12-19Show host/port when TCP timeout occurs.Steve Kemp
This is a failure case which is not 100% clear. This closes #4.
2016-11-04New releaserelease-0.31Steve Kemp
2016-11-03Merge branch '3-send-sni-when-falling-back-to-openssl' into 'master' James Hannah
Send the server-name-indicator (SNI) when falling back to legacy. If ruby-based SSL negotiation fails then we fallback to invoking (horridly!) openssl directly. Until now this didn't send the SNI hostname to connect to, so it could only test the first/default SSL site that was listening upon a given IP address. This commit updates things such that we send the correct hostname, from the URL under-test. Closes #3 See merge request !1
2016-11-03Send the server-name-indicator (SNI) when falling back to legacy.3-send-sni-when-falling-back-to-opensslSteve Kemp
If ruby-based SSL negotiation fails then we fallback to invoking (horridly!) openssl directly. Until now this didn't send the SNI hostname to connect to, so it could only test the first/default SSL site that was listening upon a given IP address. This commit updates things such that we send the correct hostname, from the URL under-test.