Last active
October 29, 2018 03:21
-
-
Save renier/fe9a96d8accddd6d6f23d6c1e9e96075 to your computer and use it in GitHub Desktop.
OpenWhisk action to take the web hook from IBM Cert Manager and send it to Pager Duty
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const crypto = require('crypto'); | |
const https = require('https'); | |
function main(params) { | |
// Decode JWT data | |
let data = params.data, header, payload, signature, | |
pubKey = new Buffer(params.public_key, 'base64').toString('utf8'); | |
[header, payload, signature] = data.split('.'); | |
// Verify signature | |
verifier = crypto.createVerify('RSA-SHA256'); | |
verifier.update(header + '.' + payload); | |
verifier.end(); | |
header = JSON.parse(new Buffer(header, 'base64').toString('utf8')); | |
payload = JSON.parse(new Buffer(payload, 'base64').toString('utf8')); | |
if (!verifier.verify(pubKey, signature, 'base64')) { | |
throw `Could not verify signature! ${header}; Check algorithm and public key.` | |
} | |
// Create request for pager duty | |
let incident_key = payload.instance_crn, client_url = payload.certificate_manager_url, | |
details = {}, pd_data; | |
details.expiry_date = payload.expiry_date; | |
for (let cert of payload.expiring_certificates) { | |
details[cert.domains] = cert.cert_crn; | |
} | |
pd_data = { | |
service_key: params.pagerduty_key, | |
event_type: 'trigger', | |
incident_key, | |
description: 'A web certificate is expiring', | |
details, | |
client: "My Cert Manager", | |
client_url | |
} | |
const options = { | |
hostname: 'events.pagerduty.com', | |
port: 443, | |
path: '/generic/2010-04-15/create_event.json', | |
method: 'POST', | |
headers: {'Content-Type': 'application/json'} | |
} | |
let promise = new Promise((resolve, reject) => { | |
const req = https.request(options, (res) => { | |
console.log(`PD request statusCode: ${res.statusCode}`) | |
res.on('data', (d) => { | |
console.log('PD response:', d.toString('utf8')); | |
resolve({statusCode: 200, headers:{'Content-Type':'application/json'}, body: { status: 'ok' }}); | |
}); | |
}); | |
req.on('error', (e) => { | |
console.error('PD error:', e); | |
reject(e); | |
}); | |
req.write(JSON.stringify(pd_data)); | |
req.end(); | |
}); | |
return promise; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment