taxilian/check_k8s_certs.sh

## check_k8s_certs.sh
#!/bin/bash

CONTEXT=$1

ALLCERTS=$(kubectl --context $CONTEXT get secret --field-selector type=kubernetes.io/tls -A | tail +2 | awk '{print $1 ":" $2}')

TODAY=$(date +%s)
COL1=30
COL2=10
COL3=15
COLPATTERN="%-${COL1}s %-${COL2}s %-${COL3}s / %s\n"

echo "Context: $CONTEXT"
printf "$COLPATTERN" "EXPIRES" "DAYS LEFT" "NAMESPACE" "TLS SECRET"
for certLine in $ALLCERTS; do

  IFS=":" read -r certNS secretName <<< "$certLine"

  EXPINFO=$(kubectl --context "${CONTEXT}" -n "${certNS}" get secret "${secretName}" -o "jsonpath={.data['tls\.crt']}" | base64 -D | openssl x509 -enddate -noout)

  EXPDATE="${EXPINFO#*notAfter=}"

  EXP_TS=$(date -jf '%b %d %H:%M:%S %Y %Z' "${EXPDATE}" +%s)
  EXP_DAYS=$(((EXP_TS - TODAY) / 86400))

  printf "$COLPATTERN" "${EXPINFO#notAfter=}" "$EXP_DAYS" "${certNS}" "${secretName}"

done
	#!/bin/bash

	CONTEXT=$1

	ALLCERTS=$(kubectl --context $CONTEXT get secret --field-selector type=kubernetes.io/tls -A \| tail +2 \| awk '{print $1 ":" $2}')

	TODAY=$(date +%s)
	COL1=30
	COL2=10
	COL3=15
	COLPATTERN="%-${COL1}s %-${COL2}s %-${COL3}s / %s\n"

	echo "Context: $CONTEXT"
	printf "$COLPATTERN" "EXPIRES" "DAYS LEFT" "NAMESPACE" "TLS SECRET"
	for certLine in $ALLCERTS; do

	IFS=":" read -r certNS secretName <<< "$certLine"

	EXPINFO=$(kubectl --context "${CONTEXT}" -n "${certNS}" get secret "${secretName}" -o "jsonpath={.data['tls\.crt']}" \| base64 -D \| openssl x509 -enddate -noout)

	EXPDATE="${EXPINFO#*notAfter=}"

	EXP_TS=$(date -jf '%b %d %H:%M:%S %Y %Z' "${EXPDATE}" +%s)
	EXP_DAYS=$(((EXP_TS - TODAY) / 86400))

	printf "$COLPATTERN" "${EXPINFO#notAfter=}" "$EXP_DAYS" "${certNS}" "${secretName}"

	done