From 92a4ca33d6dae4aad3328aa5733d138a1bbe3e2c Mon Sep 17 00:00:00 2001
From: Marsell Kukuljevic <mk@spearhead.systems>
Date: Thu, 19 Oct 2023 11:55:47 +0200
Subject: [PATCH] Add support for CSV lists of key vaults to check, so the
 plugin can check more than one key vault.

---
 .../check_mk/base/plugins/agent_based/azure_keyvault.py  | 9 ++++++---
 local/share/check_mk/agents/special/agent_azure_keyvault | 5 ++++-
 local/share/check_mk/checks/agent_azure_keyvault         | 7 ++++++-
 local/share/check_mk/web/plugins/wato/azure_keyvault.py  | 4 ++--
 4 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/local/lib/check_mk/base/plugins/agent_based/azure_keyvault.py b/local/lib/check_mk/base/plugins/agent_based/azure_keyvault.py
index cd7213b..e26b458 100644
--- a/local/lib/check_mk/base/plugins/agent_based/azure_keyvault.py
+++ b/local/lib/check_mk/base/plugins/agent_based/azure_keyvault.py
@@ -8,13 +8,16 @@ from cmk.base.plugins.agent_based.agent_based_api.v1 import register, Result, Se
 # Convert JSON entries into dictionaries indexed by certificate name.
 def parse_keyvault(string_table):
     raw_json = ""
+    cert_data = []
 
     for row in string_table:
-        raw_json += row[0]
+        line = row[0]
+        raw_json += line
+        if line == "]":
+          cert_data.extend(json.loads(raw_json))
+          raw_json = ""
 
     lookup = {}
-    cert_data = json.loads(raw_json)
-
     for cert in cert_data:
         lookup[cert["name"]] = cert
 
diff --git a/local/share/check_mk/agents/special/agent_azure_keyvault b/local/share/check_mk/agents/special/agent_azure_keyvault
index 343a811..7ca3689 100755
--- a/local/share/check_mk/agents/special/agent_azure_keyvault
+++ b/local/share/check_mk/agents/special/agent_azure_keyvault
@@ -1,4 +1,7 @@
 #!/bin/bash
 
 echo "<<<azure_keyvault:sep(0)>>>"
-~/az "${@:1}"
+
+for vault in "${@:1}"; do
+  ~/az keyvault certificate list --vault-name="$vault"
+done
diff --git a/local/share/check_mk/checks/agent_azure_keyvault b/local/share/check_mk/checks/agent_azure_keyvault
index f92b19f..6cfc7d7 100644
--- a/local/share/check_mk/checks/agent_azure_keyvault
+++ b/local/share/check_mk/checks/agent_azure_keyvault
@@ -2,6 +2,11 @@
 
 
 def agent_azure_keyvault(params, hostname, ipaddress):
-    return ["keyvault", "certificate", "list", "--vault-name", params["vault_name"]]
+    args = []
+
+    for vault in params["vault_name"].split(","):
+        args.extend([vault.strip()])
+
+    return args
 
 special_agent_info["azure_keyvault"] = agent_azure_keyvault
diff --git a/local/share/check_mk/web/plugins/wato/azure_keyvault.py b/local/share/check_mk/web/plugins/wato/azure_keyvault.py
index 94e2ee9..4782528 100644
--- a/local/share/check_mk/web/plugins/wato/azure_keyvault.py
+++ b/local/share/check_mk/web/plugins/wato/azure_keyvault.py
@@ -53,9 +53,9 @@ def _valuespec_special_agents_azure_keyvault_discovery():
             (
                 "vault_name",
                 TextInput(
-                    title=_("Key Vault Name"),
+                    title=_("Key Vault Names (CSV)"),
                     help=_(
-                        "The name of the Azure Key Vault to perform checks on"
+                        "Comma-separated list of all the name of the Azure key vaults to perform certificate checks on. E.g. to check just the vault 'mkdev', enter 'mkdev'; to check 'mkdev' and 'mkdev2', enter 'mkdev,mkdev2'"
                     ),
                 ),
             ),