Skip to content

feat: add an tls option to the tcp-port monitor #5678

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

feat: add an tls option to the tcp-port monitor #5678

wants to merge 9 commits into from
+190 −7

Conversation

@rouja
Copy link

@rouja rouja commented Mar 5, 2025
edited
Loading

Tick the checkbox if you understand [x]:

  • I have read and understand the pull request rules.

Description

Add a montior to check tls certificate on TCP connexion with others protocols thant HTTP.

Type of change

  • New feature (non-breaking change which adds functionality)

Checklist

  • My code follows the style guidelines of this project
  • I ran ESLint and other linters for modified files
  • I have performed a self-review of my own code and tested it
  • I have commented my code, particularly in hard-to-understand areas (including JSDoc for methods)
  • My changes generates no new warnings
  • My code needed automated testing. I have added them (this is optional task)

Screenshots

Monitor Configuration

2025-03-05_11-55

Monitor Résults when it's ok

2025-03-05_11-56

Change settings of certificate notification

2025-03-05_11-57

Résult when monitor failed

2025-03-05_11-58

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 5, 2025
View reviewed changes
@rouja rouja force-pushed the add-simple-tcp-tls-check branch from 9b1e919 to e9fa79e Compare March 5, 2025 11:10
CommanderStorm
CommanderStorm reviewed Mar 7, 2025
View reviewed changes
src/pages/EditMonitor.vue Outdated
<option value="port">
TCP Port
</option>
<option value="tls">
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets go back a step:
how is this different from TCP Port?
Why can this not be integrated/merged with said monitor?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are absolutely right. We can probably integrate things with this monitor. I think I was afraid of breaking something.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello

I rebased on master and pushed a new proposal. I kept the old commit, but once the proposal is approved, I will squash them. The behavior is slightly different because the probe will not go down when the certificate is about to expire. It will simply send a notification, as with other probes.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

once the proposal is approved, I will squash them

no need to squash (please don't). Makes reviewing a bit harder as I need to do this from scratch every time if you do.

The behavior is slightly different because the probe will not go down when the certificate is about to expire. It will simply send a notification, as with other probes.

If it is indeed expired or non responsive, it should go down. That would be a bug.

@CommanderStorm CommanderStorm added A:monitor Issues or PRs related to monitors pr:please address review comments this PR needs a bit more work to be mergable labels Mar 7, 2025
@rouja rouja force-pushed the add-simple-tcp-tls-check branch 2 times, most recently from 5be2b20 to 2e2acbd Compare March 17, 2025 14:30
CommanderStorm
CommanderStorm requested changes Mar 17, 2025
View reviewed changes
@CommanderStorm CommanderStorm changed the title feat: add TCP tls monitor feat: add an tls option to the tcp-port monitor Mar 17, 2025
@rouja
Copy link
Author

rouja commented Mar 25, 2025

Hello,

I just pushed a new version addressing all your remarks. I hope it’s all good now.

@rouja rouja requested a review from CommanderStorm March 28, 2025 16:20
chakflying
chakflying reviewed Apr 11, 2025
View reviewed changes
@CommanderStorm CommanderStorm added pr:needs review this PR needs a review by maintainers or other community members and removed pr:please address review comments this PR needs a bit more work to be mergable labels Apr 11, 2025
@rouja
Copy link
Author

rouja commented Apr 25, 2025

Hello,

Could I please have an update regarding this PR?

Thank you.

@CommanderStorm
Copy link
Collaborator

CommanderStorm commented Apr 25, 2025
edited
Loading

the update to this PR is that it needs looking at. It is on the to-review list.

Reviewer capacity from my side is severly limited this semester - I am taking 38 ECTS and have a working student job.
Might a while till I get to this. Feel free to help in reviewing, if you'd like ^^

chakflying
chakflying requested changes Apr 26, 2025
View reviewed changes
Copy link
Collaborator

@chakflying chakflying left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested working okay, only comment is that we can be more clear by reporting the TLS error in the message.

image

@rouja rouja force-pushed the add-simple-tcp-tls-check branch from 7bac05b to 1c69b24 Compare April 28, 2025 07:04
@rouja rouja force-pushed the add-simple-tcp-tls-check branch from 5d195f3 to 179d959 Compare May 1, 2025 08:47
@rouja
Copy link
Author

rouja commented Jun 10, 2025

Hello,

Could I please have an update regarding this PR?

Thank you.

@louislam
Copy link
Owner

I am late to this pr. Tested the feature is working fine, just the behaviour of Certificate Expiry Notification is not consistent with HTTPS/HTTP Monitor.

HTTPS/HTTP Monitor's Certificate Expiry Notification:

  • Checked = Check TLS with expiry notifications
  • Unchecked = Still check TLS , but no expiry notifications

This pr's Certificate Expiry Notification:

  • Checked = Check TLS with expiry notifications
  • Unchecked = No TLS checking

Since in http montior, we have the protocol http/https to determine. Maybe we need to add another checkbox to determine whether it is using TLS?

Remark for testing: https://badssl.com/ with port 443.

@louislam louislam added the question Further information is requested label Oct 27, 2025
@louislam louislam added this to the 2.1.0 milestone Oct 27, 2025
@louislam louislam mentioned this pull request Oct 31, 2025
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chakflying chakflying chakflying approved these changes

@CommanderStorm CommanderStorm Awaiting requested review from CommanderStorm

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

A:monitor Issues or PRs related to monitors pr:needs review this PR needs a review by maintainers or other community members question Further information is requested

Projects

None yet

Milestone

2.1.0

Development

Successfully merging this pull request may close these issues.

4 participants

@rouja @CommanderStorm @louislam @chakflying