From 415e2e3012cd7f8b7c0ba0c6ddd5a83f377265c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=B3berta=20Andersen?=
Date: Fri, 13 Dec 2024 10:37:53 +0000
Subject: [PATCH] fix: Reccomended fixes
---
 scripts/certs.sh | 34 +++++++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 11 deletions(-)
diff --git a/scripts/certs.sh b/scripts/certs.sh
index e444190853b7c..d85c348829395 100755
--- a/scripts/certs.sh
+++ b/scripts/certs.sh
@@ -1,5 +1,4 @@
 #!/bin/bash
-#!/bin/bash
 set -euo pipefail
 # Configuration
@@ -27,7 +26,7 @@ aws sts get-caller-identity >/dev/null 2>&1 || { echo "Error: AWS credentials no
 # Fetch certificates pending validation
 echo "Fetching certificates pending validation..."
 arns=$(aws acm list-certificates \
- --certificate-statuses PENDING_VALIDATION \
+ --certificate-statuses FAILED \
 --includes keyTypes=RSA_1024,RSA_2048,RSA_3072,RSA_4096,EC_prime256v1,EC_secp384r1,EC_secp521r1 \
 2>/dev/null | \
 jq -r '.CertificateSummaryList[] | .CertificateArn') || \
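Review bot: The new filter `--certificate-statuses FAILED` contradicts the unchanged context lines around it, which still read `# Fetch certificates pending validation` and `echo "Fetching certificates pending validation..."`. The loop further down still prints CNAME validation records, which are presumably only useful for a request that is still awaiting validation. If the switch is intentional, the comment and message should be updated to match, e.g. `# Fetch certificates whose validation failed`; if both states are wanted, `--certificate-statuses PENDING_VALIDATION FAILED` keeps the previous results as well. The `2>/dev/null` on the same command (context, not changed here) discards the AWS CLI error text, so an operator cannot tell an authorization failure from an empty result.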
@@ -39,15 +38,28 @@ if [ -z "$arns" ]; then
 exit 0
 fi
 for arn in $arns; do
- cert=$(aws acm describe-certificate --certificate-arn "$arn" | jq '.Certificate.DomainValidationOptions')
- domains=$(echo "$cert" | jq -r '.[] | .DomainName')
- INDEX=0
- for i in $domains; do
- printf "* Domain Name: $i\n" >>email.md
- printf "\t* CNAME_VALUE: $(echo "$cert" | jq -r '.['$INDEX'] | .ResourceRecord | .Name')\n" >>email.md
- printf "\t* CNAME_NAME: $(echo "$cert" | jq -r '.['$INDEX'] | .ResourceRecord | .Value')\n\n" >>email.md
- let INDEX=${INDEX}+1
- done
+ # Fetch certificate details
+ cert=$(aws acm describe-certificate --certificate-arn "$arn" 2>/dev/null) || \
+ { echo "Error: Failed to fetch certificate details for $arn"; continue; }
+
+ # Extract validation options
+ validation_options=$(echo "$cert" | jq -r '.Certificate.DomainValidationOptions')
+ if [ -z "$validation_options" ] || [ "$validation_options" = "null" ]; then
+ echo "Warning: No validation options found for $arn"
+ continue
+ fi
+
+ # Process each domain
+ echo "$validation_options" | jq -r '
+ to_entries | .[] | @sh "DOMAIN=\(.value.DomainName) NAME=\(.value.ResourceRecord.Name) VALUE=\(.value.ResourceRecord.Value)"
+ ' | while read -r line; do
+ eval "$line"
+ {
+ printf "* Domain Name: %s\n" "$DOMAIN"
+ printf "\t* CNAME_VALUE: %s\n" "$NAME"
+ printf "\t* CNAME_NAME: %s\n\n" "$VALUE"
+ } >> "$OUTPUT_FILE" || { echo "Error: Failed to write domain details"; exit 1; }
+ done
 done
 printf "Með kveðju\n\nApró ehf." >>email.md
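Review bot: `eval "$line"` in the new while loop runs text derived from the ACM response as shell code, so its safety rests entirely on the `@sh` quoting in the jq filter staying intact; reading the fields directly avoids executing API data at all. Have jq emit one tab-separated row per domain and split it with `IFS=$'\t' read -r`, as in the block below, which also substitutes a placeholder when `ResourceRecord` is absent. The labels look swapped (`CNAME_VALUE` prints `.ResourceRecord.Name` and `CNAME_NAME` prints `.Value`), an ordering carried over from the removed lines. The loop now appends to `"$OUTPUT_FILE"`, which is defined outside this hunk, while the closing `printf` context line still appends to `email.md`, so both should use the same variable. The error and warning messages would also be better sent to stderr with `>&2`.

```bash
  # … unchanged: describe-certificate call and validation_options check …
  jq -r '.[] | [.DomainName, (.ResourceRecord.Name // "n/a"), (.ResourceRecord.Value // "n/a")] | @tsv' \
    <<<"$validation_options" |
    while IFS=$'\t' read -r domain name value; do
      {
        printf "* Domain Name: %s\n" "$domain"
        printf "\t* CNAME_NAME: %s\n" "$name"
        printf "\t* CNAME_VALUE: %s\n\n" "$value"
      } >>"$OUTPUT_FILE" || { echo "Error: Failed to write domain details" >&2; exit 1; }
    done
```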