#!/bin/bash
############################################
############################################
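# Configuration. SLACK_WEBHOOK is a secret (anyone holding it can post to the
# channel): set it to an https:// incoming-webhook URL and keep this file
# readable only by the account that runs the script.
LOCK_FILE="/tmp/devops-guardian.lock"
LOG_FILE="/var/log/devops-guardian.log"
SLACK_WEBHOOK="YOUR_SLACK_WEBHOOK_URL"
EMAIL="[email protected]"

# Accumulated alert text; each check appends lines, send_alerts flushes it.
ALERTS=""

# Single-instance guard. The lock is created atomically (noclobber redirection
# opens with O_EXCL) instead of test-then-touch, which races between the test
# and the touch and, because /tmp is world-writable, lets any local user
# pre-create the path to keep the script from ever running or plant a symlink
# that touch would follow. The PID is written so an operator can tell a live
# holder from a stale lock left behind by a killed run.
if ! ( set -o noclobber; printf '%s\n' "$$" > "$LOCK_FILE" ) 2>/dev/null; then
  echo "Script already running. Exiting." >&2
  exit 1
fi
# Single quotes: expanded at exit time, so the path is read from the variable.
trap 'rm -f -- "$LOCK_FILE"' EXIT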
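#######################################
# Append a timestamped line to LOG_FILE.
# Globals:   LOG_FILE (read)
# Arguments: $* - message text
# Outputs:   nothing on stdout; the line goes to LOG_FILE
#######################################
log() {
  # printf rather than echo: a message beginning with "-n"/"-e" would otherwise
  # be eaten as an option. The path is quoted so a LOG_FILE containing spaces
  # is still one word.
  printf '%s : %s\n' "$(date)" "$*" >> "$LOG_FILE"
}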
############################################
############################################
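#######################################
# Find pods in a failing state across all namespaces.
# Globals:   PROBLEM_PODS (written: one "namespace:pod" per line, consumed by
#            auto_heal), ALERTS (appended)
# Returns:   0 on success, 1 if kubectl itself failed (check is then skipped
#            and reported in ALERTS rather than silently producing "no issues")
#######################################
check_kubernetes() {
  log "Checking Kubernetes pods..."
  local raw
  if ! raw=$(kubectl get pods -A --no-headers); then
    PROBLEM_PODS=""
    ALERTS+="kubectl get pods failed; Kubernetes check skipped\n"
    return 1
  fi
  # Columns are NAMESPACE NAME READY STATUS RESTARTS AGE. Match the STATUS
  # column only: a whole-line grep would also flag a healthy pod whose name
  # happens to contain "Error", and auto_heal would then delete it.
  PROBLEM_PODS=$(printf '%s\n' "$raw" |
    awk '$4 ~ /CrashLoopBackOff|ImagePullBackOff|Error/ {print $1":"$2}')
  if [ -n "$PROBLEM_PODS" ]; then
    ALERTS+="K8s Issues Found:\n$PROBLEM_PODS\n"
  fi
}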
############################################
############################################
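#######################################
# Delete every pod listed in PROBLEM_PODS so its controller recreates it.
# Note: this acts in every namespace with the script's kubectl credentials and
# has no allow/deny list; a false positive in check_kubernetes becomes a
# deleted pod.
# Globals:   PROBLEM_PODS (read: one "namespace:pod" per line), ALERTS (appended)
# Returns:   0
#######################################
auto_heal() {
  if [ -z "$PROBLEM_PODS" ]; then
    return 0
  fi
  log "Auto-healing triggered..."
  local entry namespace pod
  while IFS= read -r entry; do
    [ -n "$entry" ] || continue
    # Split "namespace:pod" with parameter expansion instead of echo|cut.
    namespace=${entry%%:*}
    pod=${entry#*:}
    # Report a failed delete instead of claiming a restart that did not happen.
    if kubectl delete pod "$pod" -n "$namespace"; then
      ALERTS+="Restarted pod $pod in $namespace\n"
      log "Restarted pod $pod"
    else
      ALERTS+="Failed to restart pod $pod in $namespace\n"
      log "Failed to restart pod $pod in $namespace"
    fi
  done <<<"$PROBLEM_PODS"
}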
############################################
############################################
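#######################################
# Report EBS volumes not attached to anything and stopped EC2 instances.
# Globals:   UNUSED_VOLUMES, STOPPED_EC2 (written), ALERTS (appended)
# Returns:   0
#######################################
check_cost() {
  log "Checking unused AWS resources..."
  # The continuation backslashes are required: inside $( ) a bare newline ends
  # the command, so each option line would otherwise run as a command of its
  # own. A failed aws call is reported instead of reading as "nothing found".
  if UNUSED_VOLUMES=$(aws ec2 describe-volumes \
      --filters Name=status,Values=available \
      --query "Volumes[*].VolumeId" \
      --output text); then
    if [ -n "$UNUSED_VOLUMES" ]; then
      ALERTS+="Unused EBS Volumes:\n$UNUSED_VOLUMES\n"
    fi
  else
    UNUSED_VOLUMES=""
    ALERTS+="aws ec2 describe-volumes failed; EBS check skipped\n"
  fi

  if STOPPED_EC2=$(aws ec2 describe-instances \
      --query "Reservations[*].Instances[?State.Name=='stopped'].InstanceId" \
      --output text); then
    if [ -n "$STOPPED_EC2" ]; then
      ALERTS+="Stopped EC2 Instances:\n$STOPPED_EC2\n"
    fi
  else
    STOPPED_EC2=""
    ALERTS+="aws ec2 describe-instances failed; EC2 check skipped\n"
  fi
}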
############################################
############################################
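#######################################
# Report security groups open to the Internet and pods running privileged
# containers, naming the offending resources so the alert is actionable.
# Globals:   ALERTS (appended)
# Returns:   0
#######################################
check_security() {
  log "Checking security misconfigurations..."
  # Security groups with an ingress rule from anywhere. The CIDR comparison is
  # done in JMESPath instead of grepping text output: grep's unescaped dots
  # matched any character and a substring match also hit e.g. 10.0.0.0/0. The
  # IPv6 equivalent ::/0 is covered as well, and the group ids are reported.
  local open_sg
  if open_sg=$(aws ec2 describe-security-groups \
      --query "SecurityGroups[?IpPermissions[?IpRanges[?CidrIp=='0.0.0.0/0'] || Ipv6Ranges[?CidrIpv6=='::/0']]].GroupId" \
      --output text); then
    if [ -n "$open_sg" ]; then
      ALERTS+="Open Security Group (0.0.0.0/0 or ::/0) detected:\n$open_sg\n"
    fi
  else
    ALERTS+="aws ec2 describe-security-groups failed; security-group check skipped\n"
  fi

  # One line per pod: "namespace/name<TAB>privileged flags of its containers".
  # The recursive ..securityContext.privileged keeps the original coverage
  # (init and regular containers); filtering on the flag column alone means a
  # pod whose name contains "true" is not a false positive.
  local raw privileged_pods
  if raw=$(kubectl get pods -A -o jsonpath='{range .items[*]}{.metadata.namespace}{"/"}{.metadata.name}{"\t"}{..securityContext.privileged}{"\n"}{end}'); then
    privileged_pods=$(printf '%s\n' "$raw" | awk -F'\t' '$2 ~ /true/ {print $1}')
    if [ -n "$privileged_pods" ]; then
      ALERTS+="Privileged containers detected:\n$privileged_pods\n"
    fi
  else
    ALERTS+="kubectl get pods failed; privileged-container check skipped\n"
  fi
}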
############################################
############################################
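#######################################
# Deliver the accumulated ALERTS text to Slack and by email.
# Globals:   ALERTS (read), SLACK_WEBHOOK (read), EMAIL (read)
# Returns:   0; delivery failures are logged, not fatal
#######################################
send_alerts() {
  if [ -z "$ALERTS" ]; then
    log "No issues detected."
    return 0
  fi
  log "Sending alerts..."

  # Slack. ALERTS is interpolated into a JSON string, so escape what would
  # break out of it: double quotes, and the raw newlines/tabs that multi-line
  # kubectl and aws output carry (raw control characters are invalid inside a
  # JSON string). Backslashes are left alone on purpose: ALERTS holds literal
  # "\n" sequences that are meant to reach Slack as line breaks.
  local payload
  payload=${ALERTS//\"/\\\"}
  payload=${payload//$'\n'/\\n}
  payload=${payload//$'\t'/\\t}
  case "$SLACK_WEBHOOK" in
    https://*)
      # The webhook URL is a secret: pass it to curl as a config file on stdin
      # rather than on argv, where every local user could read it via ps.
      # --fail turns an HTTP error into a non-zero exit instead of silence.
      if ! printf 'url = %s\n' "$SLACK_WEBHOOK" |
          curl -s --fail -K - -X POST -H 'Content-type: application/json' \
            --data "{\"text\":\"$payload\"}" > /dev/null; then
        log "Slack notification failed"
      fi
      ;;
    *)
      log "Slack webhook not configured (expected an https:// URL); skipping Slack"
      ;;
  esac

  # Email. printf '%b' expands the "\n" sequences the way echo -e did, without
  # echo's option/escape portability issues.
  if ! printf '%b' "$ALERTS" | mail -s "DevOps Guardian Alert" "$EMAIL"; then
    log "Email notification failed"
  fi
}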
############################################
############################################
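# Main sequence. One call per line: written on a single line the function
# names become arguments of check_kubernetes and nothing else ever runs.
log "Script started"
check_kubernetes
auto_heal
check_cost
check_security
send_alerts
log "Script completed"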