cdoan1/rotate-certificate.sh

## rotate-certificate.sh
#!/bin/bash

function convert() {
    echo $(date -d "$1" "+%s")
}
function dlog() {
    echo $(date -u +"%Y-%m-%d-%I:%M:%S") $1
}

for certificate in $(oc get certificate -n default -o name)
do
    _before=$(oc get $certificate -n default -ojson | jq -r ".status.notBefore")
    _renew=$(oc get $certificate -n default -ojson | jq -r ".status.renewalTime")
    _DELTA=$(expr $(convert $_renew) - $(convert $_before))

    _a=$((_DELTA/3600))
    _b=$((_a - 4))
    _renewBefore=$_b

    dlog " delta           : $_DELTA"
    dlog " set renewBefore : $_renewBefore"
    oc patch $certificate -n default --patch '
- op: replace
  path: /spec/renewBefore
  value: '$_renewBefore'h
- op: replace
  path: /spec/duration
  value: '$_a'h
' --type=json

done
	#!/bin/bash

	function convert() {
	echo $(date -d "$1" "+%s")
	}
	function dlog() {
	echo $(date -u +"%Y-%m-%d-%I:%M:%S") $1
	}

	for certificate in $(oc get certificate -n default -o name)
	do
	_before=$(oc get $certificate -n default -ojson \| jq -r ".status.notBefore")
	_renew=$(oc get $certificate -n default -ojson \| jq -r ".status.renewalTime")
	_DELTA=$(expr $(convert $_renew) - $(convert $_before))

	_a=$((_DELTA/3600))
	_b=$((_a - 4))
	_renewBefore=$_b

	dlog " delta : $_DELTA"
	dlog " set renewBefore : $_renewBefore"
	oc patch $certificate -n default --patch '
	- op: replace
	path: /spec/renewBefore
	value: '$_renewBefore'h
	- op: replace
	path: /spec/duration
	value: '$_a'h
	' --type=json

	done