Fix potential panic

Add basic duration comparison

.dockerignore

@@ -1,3 +1,5 @@
 example
+Dockerfile
 .github
 .idea
+.git

Dockerfile

@@ -1,9 +1,13 @@
 # Build the go application into a binary
 FROM golang:alpine as builder
-WORKDIR /app
-ADD . ./
-RUN CGO_ENABLED=0 GOOS=linux go build -mod vendor -a -installsuffix cgo -o gatus .
 RUN apk --update add ca-certificates
+WORKDIR /app
+COPY . ./
+RUN CGO_ENABLED=0 GOOS=linux go build -mod vendor -a -installsuffix cgo -o gatus .
+
+# Run Tests inside docker image if you don't have a configured go environment
+#RUN apk update && apk add --virtual build-dependencies build-base gcc
+#RUN go test ./... -mod vendor
 
 # Run the binary on an empty container
 FROM scratch
@@ -13,4 +17,4 @@ COPY --from=builder /app/static static/
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 ENV PORT=8080
 EXPOSE ${PORT}
-ENTRYPOINT ["/gatus"]
+ENTRYPOINT ["/gatus"]

README.md

@@ -26,6 +26,7 @@ core applications: https://status.twinnation.org/
     - [Configuring Slack alerts](#configuring-slack-alerts)
     - [Configuring PagerDuty alerts](#configuring-pagerduty-alerts)
     - [Configuring Twilio alerts](#configuring-twilio-alerts)
+    - [Configuring Mattermost alerts](#configuring-mattermost-alerts)
     - [Configuring custom alerts](#configuring-custom-alerts)
   - [Kubernetes (ALPHA)](#kubernetes-alpha)
     - [Auto Discovery](#auto-discovery)
@@ -48,7 +49,7 @@ The main features of Gatus are:
 - **Highly flexible health check conditions**: While checking the response status may be enough for some use cases, Gatus goes much further and allows you to add conditions on the response time, the response body and even the IP address.
 - **Ability to use Gatus for user acceptance tests**: Thanks to the point above, you can leverage this application to create automated user acceptance tests.
 - **Very easy to configure**: Not only is the configuration designed to be as readable as possible, it's also extremely easy to add a new service or a new endpoint to monitor.
-- **Alerting**: While having a pretty visual dashboard is useful to keep track of the state of your application(s), you probably don't want to stare at it all day. Thus, notifications via Slack, PagerDuty and Twilio are supported out of the box with the ability to configure a custom alerting provider for any needs you might have, whether it be a different provider or a custom application that manages automated rollbacks. 
+- **Alerting**: While having a pretty visual dashboard is useful to keep track of the state of your application(s), you probably don't want to stare at it all day. Thus, notifications via Slack, Mattermost, PagerDuty and Twilio are supported out of the box with the ability to configure a custom alerting provider for any needs you might have, whether it be a different provider or a custom application that manages automated rollbacks. 
 - **Metrics**
 - **Low resource consumption**: As with most Go applications, the resource footprint that this application requires is negligibly small.
 - **Service auto discovery in Kubernetes** (ALPHA)
@@ -95,14 +96,14 @@ Note that you can also add environment variables in the configuration file (i.e.
 | `services`                               | List of services to monitor                                                   | Required `[]`  |
 | `services[].name`                        | Name of the service. Can be anything.                                         | Required `""`  |
 | `services[].url`                         | URL to send the request to                                                    | Required `""`  |
-| `services[].conditions`                  | Conditions used to determine the health of the service                        | `[]`           |
-| `services[].insecure`                    | Whether to skip verifying the server's certificate chain and host name        | `false`        |
-| `services[].interval`                    | Duration to wait between every status check                                   | `60s`          |
 | `services[].method`                      | Request method                                                                | `GET`          |
+| `services[].insecure`                    | Whether to skip verifying the server's certificate chain and host name        | `false`        |
+| `services[].conditions`                  | Conditions used to determine the health of the service                        | `[]`           |
+| `services[].interval`                    | Duration to wait between every status check                                   | `60s`          |
 | `services[].graphql`                     | Whether to wrap the body in a query param (`{"query":"$body"}`)               | `false`        |
 | `services[].body`                        | Request body                                                                  | `""`           |
 | `services[].headers`                     | Request headers                                                               | `{}`           |
-| `services[].alerts[].type`               | Type of alert. Valid types: `slack`, `pagerduty`, `twilio`, `custom`          | Required `""`  |
+| `services[].alerts[].type`               | Type of alert. Valid types: `slack`, `pagerduty`, `twilio`, `mattermost`, `custom` | Required `""`  |
 | `services[].alerts[].enabled`            | Whether to enable the alert                                                   | `false`        |
 | `services[].alerts[].failure-threshold`  | Number of failures in a row needed before triggering the alert                | `3`            |
 | `services[].alerts[].success-threshold`  | Number of successes in a row before an ongoing incident is marked as resolved | `2`            |
@@ -118,8 +119,13 @@ Note that you can also add environment variables in the configuration file (i.e.
 | `alerting.twilio.token`                  | Twilio auth token                                                             | Required `""`  |
 | `alerting.twilio.from`                   | Number to send Twilio alerts from                                             | Required `""`  |
 | `alerting.twilio.to`                     | Number to send twilio alerts to                                               | Required `""`  |
+| `alerting.mattermost`                    | Configuration for alerts of type `mattermost`                                 | `{}`           |
+| `alerting.mattermost.webhook-url`        | Mattermost Webhook URL                                                        | Required `""`  |
+| `alerting.mattermost.insecure`           | Whether to skip verifying the server's certificate chain and host name        | `false`        |
 | `alerting.custom`                        | Configuration for custom actions on failure or alerts                         | `{}`           |
 | `alerting.custom.url`                    | Custom alerting request url                                                   | Required `""`  |
+| `alerting.custom.method`                 | Request method                                                                | `GET`          |
+| `alerting.custom.insecure`               | Whether to skip verifying the server's certificate chain and host name        | `false`        |
 | `alerting.custom.body`                   | Custom alerting request body.                                                 | `""`           |
 | `alerting.custom.headers`                | Custom alerting request headers                                               | `{}`           |
 | `security`                               | Security configuration                                                        | `{}`           |
@@ -151,17 +157,19 @@ Here are some examples of conditions you can use:
 | `len([BODY].data) < 5`       | Array at JSONPath `$.data` has less than 5 elements     | `{"data":[{"id":1}]}`      |  |
 | `len([BODY].name) == 8`      | String at JSONPath `$.name` has a length of 8           | `{"name":"john.doe"}`      | `{"name":"bob"}` |
 | `[BODY].name == pat(john*)`  | String at JSONPath `$.name` matches pattern `john*`     | `{"name":"john.doe"}`      | `{"name":"bob"}` |
+| `[CERTIFICATE_EXPIRATION] > 48h` | Certificate expiration is more than 48h away        | 49h, 50h, 123h             | 1h, 24h, ... |
 
 
 #### Placeholders
 
-| Placeholder             | Description                                             | Example of resolved value |
-|:----------------------- |:------------------------------------------------------- |:------------------------- |
-| `[STATUS]`              | Resolves into the HTTP status of the request            | 404
-| `[RESPONSE_TIME]`       | Resolves into the response time the request took, in ms | 10
-| `[IP]`                  | Resolves into the IP of the target host                 | 192.168.0.232
-| `[BODY]`                | Resolves into the response body. Supports JSONPath.     | `{"name":"john.doe"}`
-| `[CONNECTED]`           | Resolves into whether a connection could be established | `true`
+| Placeholder                | Description                                                     | Example of resolved value |
+|:-------------------------- |:--------------------------------------------------------------- |:------------------------- |
+| `[STATUS]`                 | Resolves into the HTTP status of the request                    | 404
+| `[RESPONSE_TIME]`          | Resolves into the response time the request took, in ms         | 10
+| `[IP]`                     | Resolves into the IP of the target host                         | 192.168.0.232
+| `[BODY]`                   | Resolves into the response body. Supports JSONPath.             | `{"name":"john.doe"}`
+| `[CONNECTED]`              | Resolves into whether a connection could be established         | `true`
+| `[CERTIFICATE_EXPIRATION]` | Resolves into the duration before certificate expiration        | `24h`, `48h`, 0 (if not using HTTPS)
 
 
 #### Functions
@@ -263,6 +271,33 @@ services:
 ```
 
 
+#### Configuring Mattermost alerts
+
+```yaml
+alerting:
+  mattermost: 
+    webhook-url: "http://**********/hooks/**********"
+    insecure: true
+services:
+  - name: twinnation
+    url: "https://twinnation.org/health"
+    interval: 30s
+    alerts:
+      - type: mattermost
+        enabled: true
+        description: "healthcheck failed 3 times in a row"
+        send-on-resolved: true
+    conditions:
+      - "[STATUS] == 200"
+      - "[BODY].status == UP"
+      - "[RESPONSE_TIME] < 300"
+```
+
+Here's an example of what the notifications look like:
+
+![Mattermost notifications](.github/assets/mattermost-alerts.png)
+
+
 #### Configuring custom alerts
 
 While they're called alerts, you can use this feature to call anything. 
@@ -285,6 +320,7 @@ alerting:
   custom:
     url: "https://hooks.slack.com/services/**********/**********/**********"
     method: "POST"
+    insecure: true
     body: |
       {
         "text": "[ALERT_TRIGGERED_OR_RESOLVED]: [SERVICE_NAME] - [ALERT_DESCRIPTION]"

alerting/config.go

@@ -4,6 +4,7 @@ import (
 	"github.com/TwinProduction/gatus/alerting/provider/custom"
 	"github.com/TwinProduction/gatus/alerting/provider/pagerduty"
 	"github.com/TwinProduction/gatus/alerting/provider/slack"
+	"github.com/TwinProduction/gatus/alerting/provider/mattermost"
 	"github.com/TwinProduction/gatus/alerting/provider/twilio"
 )
 
@@ -12,6 +13,9 @@ type Config struct {
 	// Slack is the configuration for the slack alerting provider
 	Slack *slack.AlertProvider `yaml:"slack"`
 
+	// Mattermost is the configuration for the mattermost alerting provider
+	Mattermost *mattermost.AlertProvider `yaml:"mattermost"`
+
 	// Pagerduty is the configuration for the pagerduty alerting provider
 	PagerDuty *pagerduty.AlertProvider `yaml:"pagerduty"`
 

alerting/provider/custom/custom.go

@@ -3,20 +3,22 @@ package custom
 import (
 	"bytes"
 	"fmt"
-	"github.com/TwinProduction/gatus/client"
-	"github.com/TwinProduction/gatus/core"
 	"io/ioutil"
 	"net/http"
 	"strings"
+
+	"github.com/TwinProduction/gatus/client"
+	"github.com/TwinProduction/gatus/core"
 )
 
 // AlertProvider is the configuration necessary for sending an alert using a custom HTTP request
 // Technically, all alert providers should be reachable using the custom alert provider
 type AlertProvider struct {
-	URL     string            `yaml:"url"`
-	Method  string            `yaml:"method,omitempty"`
-	Body    string            `yaml:"body,omitempty"`
-	Headers map[string]string `yaml:"headers,omitempty"`
+	URL      string            `yaml:"url"`
+	Method   string            `yaml:"method,omitempty"`
+	Insecure bool              `yaml:"insecure,omitempty"`
+	Body     string            `yaml:"body,omitempty"`
+	Headers  map[string]string `yaml:"headers,omitempty"`
 }
 
 // IsValid returns whether the provider's configuration is valid
@@ -73,7 +75,7 @@ func (provider *AlertProvider) buildRequest(serviceName, alertDescription string
 // Send a request to the alert provider and return the body
 func (provider *AlertProvider) Send(serviceName, alertDescription string, resolved bool) ([]byte, error) {
 	request := provider.buildRequest(serviceName, alertDescription, resolved)
-	response, err := client.GetHTTPClient(false).Do(request)
+	response, err := client.GetHTTPClient(provider.Insecure).Do(request)
 	if err != nil {
 		return nil, err
 	}

alerting/provider/mattermost/mattermost.go

@@ -0,0 +1,73 @@
+package mattermost
+
+import (
+	"fmt"
+	"github.com/TwinProduction/gatus/alerting/provider/custom"
+	"github.com/TwinProduction/gatus/core"
+)
+
+// AlertProvider is the configuration necessary for sending an alert using Mattermost
+type AlertProvider struct {
+	WebhookURL string `yaml:"webhook-url"`
+	Insecure   bool   `yaml:"insecure,omitempty"`
+}
+
+// IsValid returns whether the provider's configuration is valid
+func (provider *AlertProvider) IsValid() bool {
+	return len(provider.WebhookURL) > 0
+}
+
+// ToCustomAlertProvider converts the provider into a custom.AlertProvider
+func (provider *AlertProvider) ToCustomAlertProvider(service *core.Service, alert *core.Alert, result *core.Result, resolved bool) *custom.AlertProvider {
+	var message string
+	var color string
+	if resolved {
+		message = fmt.Sprintf("An alert for *%s* has been resolved after passing successfully %d time(s) in a row", service.Name, alert.SuccessThreshold)
+		color = "#36A64F"
+	} else {
+		message = fmt.Sprintf("An alert for *%s* has been triggered due to having failed %d time(s) in a row", service.Name, alert.FailureThreshold)
+		color = "#DD0000"
+	}
+	var results string
+	for _, conditionResult := range result.ConditionResults {
+		var prefix string
+		if conditionResult.Success {
+			prefix = ":white_check_mark:"
+		} else {
+			prefix = ":x:"
+		}
+		results += fmt.Sprintf("%s - `%s`\n", prefix, conditionResult.Condition)
+	}
+	return &custom.AlertProvider{
+		URL:    provider.WebhookURL,
+		Method: "POST",
+		Insecure: provider.Insecure,
+		Body: fmt.Sprintf(`{
+  "text": "",
+  "username": "gatus",
+  "icon_url": "https://raw.githubusercontent.com/TwinProduction/gatus/master/static/logo.png",
+  "attachments": [
+    {
+      "title": ":rescue_worker_helmet: Gatus",
+      "fallback": "Gatus - %s",
+      "text": "%s:\n> %s",
+      "short": false,
+      "color": "%s",
+      "fields": [
+        {
+          "title": "URL",
+          "value": "%s",
+          "short": false
+        },
+        {
+          "title": "Condition results",
+          "value": "%s",
+          "short": false
+        }
+      ]
+    }
+  ]
+}`, message, message, alert.Description, color, service.URL, results),
+		Headers: map[string]string{"Content-Type": "application/json"},
+	}
+}

alerting/provider/mattermost/mattermost_test.go

@@ -0,0 +1,40 @@
+package mattermost
+
+import (
+	"github.com/TwinProduction/gatus/core"
+	"strings"
+	"testing"
+)
+
+func TestAlertProvider_IsValid(t *testing.T) {
+	invalidProvider := AlertProvider{WebhookURL: ""}
+	if invalidProvider.IsValid() {
+		t.Error("provider shouldn't have been valid")
+	}
+	validProvider := AlertProvider{WebhookURL: "http://example.com"}
+	if !validProvider.IsValid() {
+		t.Error("provider should've been valid")
+	}
+}
+
+func TestAlertProvider_ToCustomAlertProviderWithResolvedAlert(t *testing.T) {
+	provider := AlertProvider{WebhookURL: "http://example.com"}
+	customAlertProvider := provider.ToCustomAlertProvider(&core.Service{}, &core.Alert{}, &core.Result{ConditionResults: []*core.ConditionResult{{Condition: "SUCCESSFUL_CONDITION", Success: true}}}, true)
+	if customAlertProvider == nil {
+		t.Error("customAlertProvider shouldn't have been nil")
+	}
+	if !strings.Contains(customAlertProvider.Body, "resolved") {
+		t.Error("customAlertProvider.Body should've contained the substring resolved")
+	}
+}
+
+func TestAlertProvider_ToCustomAlertProviderWithTriggeredAlert(t *testing.T) {
+	provider := AlertProvider{WebhookURL: "http://example.com"}
+	customAlertProvider := provider.ToCustomAlertProvider(&core.Service{}, &core.Alert{}, &core.Result{ConditionResults: []*core.ConditionResult{{Condition: "UNSUCCESSFUL_CONDITION", Success: false}}}, false)
+	if customAlertProvider == nil {
+		t.Error("customAlertProvider shouldn't have been nil")
+	}
+	if !strings.Contains(customAlertProvider.Body, "triggered") {
+		t.Error("customAlertProvider.Body should've contained the substring triggered")
+	}
+}

alerting/provider/provider.go

@@ -4,6 +4,7 @@ import (
 	"github.com/TwinProduction/gatus/alerting/provider/custom"
 	"github.com/TwinProduction/gatus/alerting/provider/pagerduty"
 	"github.com/TwinProduction/gatus/alerting/provider/slack"
+	"github.com/TwinProduction/gatus/alerting/provider/mattermost"
 	"github.com/TwinProduction/gatus/alerting/provider/twilio"
 	"github.com/TwinProduction/gatus/core"
 )
@@ -22,5 +23,6 @@ var (
 	_ AlertProvider = (*custom.AlertProvider)(nil)
 	_ AlertProvider = (*twilio.AlertProvider)(nil)
 	_ AlertProvider = (*slack.AlertProvider)(nil)
+	_ AlertProvider = (*mattermost.AlertProvider)(nil)
 	_ AlertProvider = (*pagerduty.AlertProvider)(nil)
 )

alerting/provider/slack/slack.go

@@ -55,7 +55,7 @@ func (provider *AlertProvider) ToCustomAlertProvider(service *core.Service, aler
           "short": false
         }
       ]
-    },
+    }
   ]
 }`, message, alert.Description, color, results),
 		Headers: map[string]string{"Content-Type": "application/json"},

config/config.go

@@ -179,6 +179,7 @@ func validateAlertingConfig(config *Config) {
 	}
 	alertTypes := []core.AlertType{
 		core.SlackAlert,
+		core.MattermostAlert,
 		core.TwilioAlert,
 		core.PagerDutyAlert,
 		core.CustomAlert,
@@ -209,6 +210,12 @@ func GetAlertingProviderByAlertType(config *Config, alertType core.AlertType) pr
 			return nil
 		}
 		return config.Alerting.Slack
+	case core.MattermostAlert:
+		if config.Alerting.Mattermost == nil {
+			// Since we're returning an interface, we need to explicitly return nil, even if the provider itself is nil
+			return nil
+		}
+		return config.Alerting.Mattermost
 	case core.TwilioAlert:
 		if config.Alerting.Twilio == nil {
 			// Since we're returning an interface, we need to explicitly return nil, even if the provider itself is nil

config/config_test.go

@@ -265,6 +265,85 @@ services:
 	}
 }
 
+func TestParseAndValidateConfigBytesWithCustomAlertingConfig(t *testing.T) {
+	config, err := parseAndValidateConfigBytes([]byte(`
+alerting:
+  custom:
+    url: "https://example.com"
+    body: |
+      {
+        "text": "[ALERT_TRIGGERED_OR_RESOLVED]: [SERVICE_NAME] - [ALERT_DESCRIPTION]"
+      }
+services:
+  - name: twinnation
+    url: https://twinnation.org/actuator/health
+    alerts:
+      - type: custom
+    conditions:
+      - "[STATUS] == 200"
+`))
+	if err != nil {
+		t.Error("No error should've been returned")
+	}
+	if config == nil {
+		t.Fatal("Config shouldn't have been nil")
+	}
+	if config.Alerting == nil {
+		t.Fatal("config.Alerting shouldn't have been nil")
+	}
+	if config.Alerting.Custom == nil {
+		t.Fatal("PagerDuty alerting config shouldn't have been nil")
+	}
+	if !config.Alerting.Custom.IsValid() {
+		t.Fatal("Custom alerting config should've been valid")
+	}
+	if config.Alerting.Custom.Insecure {
+		t.Fatal("config.Alerting.Custom.Insecure shouldn't have been true")
+	}
+}
+
+func TestParseAndValidateConfigBytesWithCustomAlertingConfigThatHasInsecureSetToTrue(t *testing.T) {
+	config, err := parseAndValidateConfigBytes([]byte(`
+alerting:
+  custom:
+    url: "https://example.com"
+    method: "POST"
+    insecure: true
+    body: |
+      {
+        "text": "[ALERT_TRIGGERED_OR_RESOLVED]: [SERVICE_NAME] - [ALERT_DESCRIPTION]"
+      }
+services:
+  - name: twinnation
+    url: https://twinnation.org/actuator/health
+    alerts:
+      - type: custom
+    conditions:
+      - "[STATUS] == 200"
+`))
+	if err != nil {
+		t.Error("No error should've been returned")
+	}
+	if config == nil {
+		t.Fatal("Config shouldn't have been nil")
+	}
+	if config.Alerting == nil {
+		t.Fatal("config.Alerting shouldn't have been nil")
+	}
+	if config.Alerting.Custom == nil {
+		t.Fatal("PagerDuty alerting config shouldn't have been nil")
+	}
+	if !config.Alerting.Custom.IsValid() {
+		t.Error("Custom alerting config should've been valid")
+	}
+	if config.Alerting.Custom.Method != "POST" {
+		t.Error("config.Alerting.Custom.Method should've been POST")
+	}
+	if !config.Alerting.Custom.Insecure {
+		t.Error("config.Alerting.Custom.Insecure shouldn't have been true")
+	}
+}
+
 func TestParseAndValidateConfigBytesWithInvalidSecurityConfig(t *testing.T) {
 	defer func() { recover() }()
 	_, _ = parseAndValidateConfigBytes([]byte(`

core/alert.go

@@ -37,6 +37,9 @@ const (
 	// SlackAlert is the AlertType for the slack alerting provider
 	SlackAlert AlertType = "slack"
 
+	// MattermostAlert is the AlertType for the mattermost alerting provider
+	MattermostAlert AlertType = "mattermost"
+
 	// PagerDutyAlert is the AlertType for the pagerduty alerting provider
 	PagerDutyAlert AlertType = "pagerduty"
 

core/condition.go

@@ -2,11 +2,13 @@ package core
 
 import (
 	"fmt"
-	"github.com/TwinProduction/gatus/jsonpath"
-	"github.com/TwinProduction/gatus/pattern"
 	"log"
 	"strconv"
 	"strings"
+	"time"
+
+	"github.com/TwinProduction/gatus/jsonpath"
+	"github.com/TwinProduction/gatus/pattern"
 )
 
 const (
@@ -35,6 +37,11 @@ const (
 	// Values that could replace the placeholder: true, false
 	ConnectedPlaceHolder = "[CONNECTED]"
 
+	// CertificateExpirationPlaceholder is a placeholder for the duration before certificate expiration, in milliseconds.
+	//
+	// Values that could replace the placeholder: 4461677039 (~52 days)
+	CertificateExpirationPlaceholder = "[CERTIFICATE_EXPIRATION]"
+
 	// LengthFunctionPrefix is the prefix for the length function
 	LengthFunctionPrefix = "len("
 
@@ -142,6 +149,8 @@ func sanitizeAndResolve(list []string, result *Result) []string {
 			element = body
 		case ConnectedPlaceHolder:
 			element = strconv.FormatBool(result.Connected)
+		case CertificateExpirationPlaceholder:
+			element = strconv.FormatInt(int64(result.CertificateExpiration.Milliseconds()), 10)
 		default:
 			// if contains the BodyPlaceHolder, then evaluate json path
 			if strings.Contains(element, BodyPlaceHolder) {
@@ -174,11 +183,13 @@ func sanitizeAndResolve(list []string, result *Result) []string {
 	return sanitizedList
 }
 
-func sanitizeAndResolveNumerical(list []string, result *Result) []int {
-	var sanitizedNumbers []int
+func sanitizeAndResolveNumerical(list []string, result *Result) []int64 {
+	var sanitizedNumbers []int64
 	sanitizedList := sanitizeAndResolve(list, result)
 	for _, element := range sanitizedList {
-		if number, err := strconv.Atoi(element); err != nil {
+		if duration, err := time.ParseDuration(element); duration != 0 && err == nil {
+			sanitizedNumbers = append(sanitizedNumbers, duration.Milliseconds())
+		} else if number, err := strconv.ParseInt(element, 10, 64); err != nil {
 			// Default to 0 if the string couldn't be converted to an integer
 			sanitizedNumbers = append(sanitizedNumbers, 0)
 		} else {

core/condition_test.go

@@ -1,6 +1,7 @@
 package core
 
 import (
+	"strconv"
 	"testing"
 	"time"
 )
@@ -59,7 +60,27 @@ func TestCondition_evaluateWithResponseTimeUsingLessThan(t *testing.T) {
 	}
 }
 
+func TestCondition_evaluateWithResponseTimeUsingLessThanDuration(t *testing.T) {
+	condition := Condition("[RESPONSE_TIME] < 1s")
+	result := &Result{Duration: time.Millisecond * 50}
+	condition.evaluate(result)
+	if !result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a success", condition)
+	}
+}
+
+func TestCondition_evaluateWithResponseTimeUsingLessThanInvalid(t *testing.T) {
+	condition := Condition("[RESPONSE_TIME] < potato")
+	result := &Result{Duration: time.Millisecond * 50}
+	condition.evaluate(result)
+	if result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have failed because the condition has an invalid numerical value that should've automatically resolved to 0", condition)
+	}
+}
+
 func TestCondition_evaluateWithResponseTimeUsingGreaterThan(t *testing.T) {
+	// Not exactly sure why you'd want to have a condition that checks if the response time is too fast,
+	// but hey, who am I to judge?
 	condition := Condition("[RESPONSE_TIME] > 500")
 	result := &Result{Duration: time.Millisecond * 750}
 	condition.evaluate(result)
@@ -68,6 +89,15 @@ func TestCondition_evaluateWithResponseTimeUsingGreaterThan(t *testing.T) {
 	}
 }
 
+func TestCondition_evaluateWithResponseTimeUsingGreaterThanDuration(t *testing.T) {
+	condition := Condition("[RESPONSE_TIME] > 1s")
+	result := &Result{Duration: time.Second * 2}
+	condition.evaluate(result)
+	if !result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a success", condition)
+	}
+}
+
 func TestCondition_evaluateWithResponseTimeUsingGreaterThanOrEqualTo(t *testing.T) {
 	condition := Condition("[RESPONSE_TIME] >= 500")
 	result := &Result{Duration: time.Millisecond * 500}
@@ -309,3 +339,50 @@ func TestCondition_evaluateWithConnectedFailure(t *testing.T) {
 		t.Errorf("Condition '%s' should have been a failure", condition)
 	}
 }
+
+func TestCondition_evaluateWithUnsetCertificateExpiration(t *testing.T) {
+	condition := Condition("[CERTIFICATE_EXPIRATION] == 0")
+	result := &Result{}
+	condition.evaluate(result)
+	if !result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a success", condition)
+	}
+}
+
+func TestCondition_evaluateWithCertificateExpirationGreaterThanNumerical(t *testing.T) {
+	acceptable := (time.Hour * 24 * 28).Milliseconds()
+	condition := Condition("[CERTIFICATE_EXPIRATION] > " + strconv.FormatInt(acceptable, 10))
+	result := &Result{CertificateExpiration: time.Hour * 24 * 60}
+	condition.evaluate(result)
+	if !result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a success", condition)
+	}
+}
+
+func TestCondition_evaluateWithCertificateExpirationGreaterThanNumericalFailure(t *testing.T) {
+	acceptable := (time.Hour * 24 * 28).Milliseconds()
+	condition := Condition("[CERTIFICATE_EXPIRATION] > " + strconv.FormatInt(acceptable, 10))
+	result := &Result{CertificateExpiration: time.Hour * 24 * 14}
+	condition.evaluate(result)
+	if result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a failure", condition)
+	}
+}
+
+func TestCondition_evaluateWithCertificateExpirationGreaterThanDuration(t *testing.T) {
+	condition := Condition("[CERTIFICATE_EXPIRATION] > 12h")
+	result := &Result{CertificateExpiration: 24 * time.Hour}
+	condition.evaluate(result)
+	if !result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a success", condition)
+	}
+}
+
+func TestCondition_evaluateWithCertificateExpirationGreaterThanDurationFailure(t *testing.T) {
+	condition := Condition("[CERTIFICATE_EXPIRATION] > 48h")
+	result := &Result{CertificateExpiration: 24 * time.Hour}
+	condition.evaluate(result)
+	if result.ConditionResults[0].Success {
+		t.Errorf("Condition '%s' should have been a failure", condition)
+	}
+}

core/service.go

@@ -169,6 +169,10 @@ func (service *Service) call(result *Result) {
 			result.Errors = append(result.Errors, err.Error())
 			return
 		}
+		if response.TLS != nil && len(response.TLS.PeerCertificates) > 0 {
+			certificate := response.TLS.PeerCertificates[0]
+			result.CertificateExpiration = certificate.NotAfter.Sub(time.Now())
+		}
 		result.HTTPStatus = response.StatusCode
 		result.Connected = response.StatusCode > 0
 		result.Body, err = ioutil.ReadAll(response.Body)

core/types.go

@@ -45,6 +45,9 @@ type Result struct {
 
 	// Timestamp when the request was sent
 	Timestamp time.Time `json:"timestamp"`
+
+	// CertificateExpiration is the duration before the certificate expires
+	CertificateExpiration time.Duration `json:"certificate-expiration,omitempty"`
 }
 
 // ConditionResult result of a Condition

example/docker-compose-mattermost/config.yaml

@@ -0,0 +1,6 @@
+services:
+  - name: example
+    url: http://example.org
+    interval: 30s
+    conditions:
+      - "[STATUS] == 200"

example/docker-compose-mattermost/docker-compose.yml

@@ -0,0 +1,13 @@
+version: "3.8"
+services:
+    gatus:
+        image: twinproduction/gatus:latest
+        ports:
+          - 8080:8080
+        volumes:
+          - ./config.yaml:/config/config.yaml
+
+    mattermost-preview:
+        image: mattermost/mattermost-preview:latest
+        ports:
+          - 8065:8065

watchdog/alerting.go

@@ -2,9 +2,10 @@ package watchdog
 
 import (
 	"encoding/json"
+	"log"
+
 	"github.com/TwinProduction/gatus/config"
 	"github.com/TwinProduction/gatus/core"
-	"log"
 )
 
 // HandleAlerting takes care of alerts to resolve and alerts to trigger based on result success or failure