From 831715e44cc8c6e9ded99bbd4d496b4d95809c31 Mon Sep 17 00:00:00 2001
From: Mathieu Trossevin <mtrossevin@evolix.fr>
Date: Fri, 7 Jul 2023 11:27:46 +0200
Subject: [PATCH] fix(nagios-nrpe): Fix check_ssl_local output

nrpe read output of plugins from stdout only, if there is no output it
return UNKNOWN regardless of return code.
---
 CHANGELOG.md                              | 1 +
 nagios-nrpe/files/plugins/check_ssl_local | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 83e893e6..143d8a65 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -42,6 +42,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
 * nagios-nrpe: remount /usr **after** installing the packages
 * packweb-apache,nagios-nrpe: add missing task and config for PHP 8.2 container
 * potsfix: add missing `localhost.$mydomain` to mydestination
+* nagios-nrpe: check\_ssl\_local now has an output that nrpe can understand when it isn't OK
 
 ### Removed
 
diff --git a/nagios-nrpe/files/plugins/check_ssl_local b/nagios-nrpe/files/plugins/check_ssl_local
index 860ed676..9ccd5965 100755
--- a/nagios-nrpe/files/plugins/check_ssl_local
+++ b/nagios-nrpe/files/plugins/check_ssl_local
@@ -25,7 +25,7 @@ certs_list=$(cat "$certs_list_path" | sed -E 's/(.*)#.*/\1/g' | grep -v -E '^$')
 for cert_path in $certs_list; do
     
     if [ ! -f "$cert_path" ] && [ ! -d "$cert_path" ]; then
-        >&2 echo "Warning: path '$cert_path' is not a file or a directory."
+        echo "Warning: path '$cert_path' is not a file or a directory."
         warning=1
         continue
     fi
@@ -35,21 +35,21 @@ for cert_path in $certs_list; do
     # Check cert expiré (critique)
     if ! openssl x509 -checkend 0 -in "$cert_path" &> /dev/null; then
         critical=1
-        >&2 echo "Critical: Cert '$cert_path' has expired on $enddate."
+        echo "Critical: Cert '$cert_path' has expired on $enddate."
         continue
     fi
 
     # Check cert expire < 10 jours (critique)
     if ! openssl x509 -checkend "$_10_days" -in "$cert_path" &> /dev/null; then
         critical=1
-        >&2 echo "Critical: Cert '$cert_path' will expire on $enddate."
+        echo "Critical: Cert '$cert_path' will expire on $enddate."
         continue
     fi
 
     # Check cert expire < 15 jours (warning)
     if ! openssl x509 -checkend "$_15_days" -in "$cert_path" &> /dev/null; then
         warning=1
-        >&2 echo "Warning: Cert '$cert_path' will expire on $enddate."
+        echo "Warning: Cert '$cert_path' will expire on $enddate."
         continue
     fi