Bug 659806 - Add nagios checks for expiry of critical GPG keys
Summary: Add nagios checks for expiry of critical GPG keys
Status: CONFIRMED
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Other (show other bugs)
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Infrastructure
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-07-01 23:08 UTC by Robin Johnson
Modified: 2019-01-02 16:38 UTC (History)

See Also:
Package list:
Runtime testing required: ---


Description Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2018-07-01 23:08:18 UTC
Add checks of the expiry date of critical GPG keys.

Suggest:
warn @ 3 mo
crit @ 1 mo

Check should run weekly.
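The check described above, as an added example rather than Gentoo Infrastructure's own check_gpg: a Nagios-style plugin that reads `gpg --with-colons --list-keys` output for a key already in the local keyring and maps days-until-expiry onto Nagios exit codes. The 3 month / 1 month thresholds are taken as 90 and 30 days (an assumption), the sample key listing is constructed, and the `check_gpg_expiry.py` name and its functions are hypothetical.

```python
#!/usr/bin/env python3
"""Nagios-style check for GPG key expiry (added example, not the project's code).

Reads `gpg --with-colons --list-keys <fingerprint>` output and exits with
OK / WARNING / CRITICAL based on the primary key's expiry date.
"""
import subprocess
import sys
from datetime import datetime, timezone

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
WARN_DAYS = 90   # assumed reading of "warn @ 3 mo"
CRIT_DAYS = 30   # assumed reading of "crit @ 1 mo"

# Constructed sample of `gpg --with-colons --list-keys` output.
# Field 7 (index 6) of a "pub" record is the expiry as a Unix timestamp;
# empty means the key never expires. This key expires 2019-04-01 UTC.
SAMPLE_COLONS = """\
tru::1:1546300800:0:3:1:5
pub:-:4096:1:0123456789ABCDEF:1514764800:1554076800::-:::scESC::::::23::0:
fpr:::::::::0000000000000000000000000123456789ABCDEF:
uid:-::::1514764800::ABCDEF0123456789ABCDEF0123456789ABCDEF01::Example Key <example@example.invalid>::::::::::0:
sub:-:4096:1:FEDCBA9876543210:1514764800:1554076800:::::e::::::23:
"""


def parse_expiry(colons_output):
    """Return the earliest primary-key ("pub") expiry timestamp, or None if none expires."""
    earliest = None
    for line in colons_output.splitlines():
        fields = line.split(":")
        if fields[0] != "pub" or len(fields) < 7 or not fields[6]:
            continue
        ts = int(fields[6])
        if earliest is None or ts < earliest:
            earliest = ts
    return earliest


def classify(days_left, warn_days=WARN_DAYS, crit_days=CRIT_DAYS):
    """Map days until expiry onto a Nagios state; negative days (already expired) is CRITICAL."""
    if days_left <= crit_days:
        return CRITICAL
    if days_left <= warn_days:
        return WARNING
    return OK


def check_key(colons_output, now_ts, warn_days=WARN_DAYS, crit_days=CRIT_DAYS):
    """Return (exit_code, status_line) for one key listing, evaluated at time now_ts."""
    expiry = parse_expiry(colons_output)
    if expiry is None:
        return OK, "OK - key has no expiry date"
    days = (expiry - now_ts) / 86400.0
    state = classify(days, warn_days, crit_days)
    label = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL"}[state]
    expires_on = datetime.fromtimestamp(expiry, tz=timezone.utc).strftime("%Y-%m-%d")
    if days < 0:
        return state, f"{label} - key expired {-days:.0f} days ago ({expires_on})"
    return state, f"{label} - key expires in {days:.0f} days ({expires_on})"


def gpg_colons(fingerprint):
    """Run gpg for a key already fetched into the local keyring; None if gpg fails."""
    result = subprocess.run(
        ["gpg", "--batch", "--with-colons", "--list-keys", fingerprint],
        capture_output=True, text=True, check=False)
    return result.stdout if result.returncode == 0 else None


def main(argv):
    if len(argv) != 2:
        print("UNKNOWN - usage: check_gpg_expiry.py <fingerprint>")
        return UNKNOWN
    out = gpg_colons(argv[1])
    if not out:
        print(f"UNKNOWN - key {argv[1]} not found in local keyring")
        return UNKNOWN
    state, text = check_key(out, datetime.now(timezone.utc).timestamp())
    print(text)
    return state


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The plugin only lists keys, so each critical key still has to be fetched into the monitoring host's keyring once at setup; after that, one service definition per fingerprint, each with its own distinct name, scheduled weekly, gives a separate alert per key instead of only the last one defined.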
Comment 1 Alec Warner (RETIRED) archtester gentoo-dev Security 2019-01-01 16:25:22 UTC
I added some tests, but I'm not sure I did it correctly, will audit later.

-A
Comment 2 Alec Warner (RETIRED) archtester gentoo-dev Security 2019-01-02 08:20:12 UTC
(In reply to Alec Warner from comment #1)
> I added some tests, but I'm not sure I did it correctly, will audit later.
> 
> -A

Followup.

1) Each key has to be manually fetched on initial setup. This is done for the 4 keys, but we should consider doing it in check_gpg.

2) Each test needs a unique name, and I believe the current config is not doing this, leading monitoring to essentially only check the last key in the config. This should be easily fixable.

-A
Comment 3 Alec Warner (RETIRED) archtester gentoo-dev Security 2019-01-02 16:38:45 UTC
(In reply to Alec Warner from comment #2)
> (In reply to Alec Warner from comment #1)
> > I added some tests, but I'm not sure I did it correctly, will audit later.
> > 
> > -A
> 
> Followup.
> 
> 1) Each key has to be manually fetched on initial setup. This is done for
> the 4 keys, but we should consider doing it in check_gpg.
> 
> 2) Each test needs a unique name, and I believe the current config is not
> doing this, leading monitoring to essentially only check the last key in the
> config. This should be easily fixable.
> 
> -A

2) is fixed and we should get alerts 30 days before expiration.

-A