2015-06-22 22:47:27 +02:00
|
|
|
"""
|
|
|
|
.. module: lemur.factory
|
|
|
|
:platform: Unix
|
|
|
|
:synopsis: This module contains all the needed functions to allow
|
|
|
|
the factory app creation.
|
|
|
|
|
2018-05-29 19:18:16 +02:00
|
|
|
:copyright: (c) 2018 by Netflix Inc., see AUTHORS for more
|
2015-06-22 22:47:27 +02:00
|
|
|
:license: Apache, see LICENSE for more details.
|
|
|
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
|
|
|
|
|
|
|
"""
|
|
|
|
import os
|
2020-10-30 22:35:37 +01:00
|
|
|
import importlib
|
2015-06-22 22:47:27 +02:00
|
|
|
import errno
|
2015-07-04 21:47:57 +02:00
|
|
|
import pkg_resources
|
2019-05-17 17:48:26 +02:00
|
|
|
import socket
|
2015-06-22 22:47:27 +02:00
|
|
|
|
2016-06-27 23:40:46 +02:00
|
|
|
from logging import Formatter, StreamHandler
|
2015-06-22 22:47:27 +02:00
|
|
|
from logging.handlers import RotatingFileHandler
|
|
|
|
|
|
|
|
from flask import Flask
|
2019-05-28 21:45:39 +02:00
|
|
|
from flask_replicated import FlaskReplicated
|
2019-05-17 17:48:26 +02:00
|
|
|
import logmatic
|
2017-08-29 02:35:56 +02:00
|
|
|
|
|
|
|
from lemur.certificates.hooks import activate_debug_dump
|
2015-06-22 22:47:27 +02:00
|
|
|
from lemur.common.health import mod as health
|
2018-04-11 00:55:02 +02:00
|
|
|
from lemur.extensions import db, migrate, principal, smtp_mail, metrics, sentry, cors
|
2015-06-22 22:47:27 +02:00
|
|
|
|
|
|
|
|
2019-05-16 16:57:02 +02:00
|
|
|
DEFAULT_BLUEPRINTS = (health,)
|
2015-06-22 22:47:27 +02:00
|
|
|
|
|
|
|
API_VERSION = 1
|
|
|
|
|
|
|
|
|
|
|
|
def create_app(app_name=None, blueprints=None, config=None):
|
|
|
|
"""
|
|
|
|
Lemur application factory
|
|
|
|
|
|
|
|
:param config:
|
|
|
|
:param app_name:
|
|
|
|
:param blueprints:
|
|
|
|
:return:
|
|
|
|
"""
|
|
|
|
if not blueprints:
|
|
|
|
blueprints = DEFAULT_BLUEPRINTS
|
|
|
|
else:
|
|
|
|
blueprints = blueprints + DEFAULT_BLUEPRINTS
|
|
|
|
|
|
|
|
if not app_name:
|
|
|
|
app_name = __name__
|
|
|
|
|
|
|
|
app = Flask(app_name)
|
|
|
|
configure_app(app, config)
|
|
|
|
configure_blueprints(app, blueprints)
|
|
|
|
configure_extensions(app)
|
|
|
|
configure_logging(app)
|
2019-05-28 21:45:39 +02:00
|
|
|
configure_database(app)
|
2015-07-04 21:47:57 +02:00
|
|
|
install_plugins(app)
|
2015-06-25 01:48:40 +02:00
|
|
|
|
|
|
|
@app.teardown_appcontext
|
|
|
|
def teardown(exception=None):
|
|
|
|
if db.session:
|
|
|
|
db.session.remove()
|
|
|
|
|
2015-06-22 22:47:27 +02:00
|
|
|
return app
|
|
|
|
|
|
|
|
|
|
|
|
def from_file(file_path, silent=False):
|
|
|
|
"""
|
|
|
|
Updates the values in the config from a Python file. This function
|
|
|
|
behaves as if the file was imported as module with the
|
|
|
|
|
|
|
|
:param file_path:
|
|
|
|
:param silent:
|
|
|
|
"""
|
2020-10-30 22:35:37 +01:00
|
|
|
module_spec = importlib.util.spec_from_file_location("config", file_path)
|
|
|
|
d = importlib.util.module_from_spec(module_spec)
|
|
|
|
|
2015-06-22 22:47:27 +02:00
|
|
|
try:
|
|
|
|
with open(file_path) as config_file:
|
2019-05-16 17:14:46 +02:00
|
|
|
exec( # nosec: config file safe
|
|
|
|
compile(config_file.read(), file_path, "exec"), d.__dict__
|
2019-05-16 16:57:02 +02:00
|
|
|
)
|
2015-06-22 22:47:27 +02:00
|
|
|
except IOError as e:
|
|
|
|
if silent and e.errno in (errno.ENOENT, errno.EISDIR):
|
|
|
|
return False
|
2019-05-16 16:57:02 +02:00
|
|
|
e.strerror = "Unable to load configuration file (%s)" % e.strerror
|
2015-06-22 22:47:27 +02:00
|
|
|
raise
|
|
|
|
return d
|
|
|
|
|
|
|
|
|
|
|
|
def configure_app(app, config=None):
|
|
|
|
"""
|
|
|
|
Different ways of configuration
|
|
|
|
|
|
|
|
:param app:
|
|
|
|
:param config:
|
|
|
|
:return:
|
|
|
|
"""
|
2016-11-17 18:31:37 +01:00
|
|
|
# respect the config first
|
2019-05-16 16:57:02 +02:00
|
|
|
if config and config != "None":
|
|
|
|
app.config["CONFIG_PATH"] = config
|
2016-11-17 18:31:37 +01:00
|
|
|
app.config.from_object(from_file(config))
|
2016-11-21 18:19:14 +01:00
|
|
|
else:
|
|
|
|
try:
|
|
|
|
app.config.from_envvar("LEMUR_CONF")
|
|
|
|
except RuntimeError:
|
|
|
|
# look in default paths
|
|
|
|
if os.path.isfile(os.path.expanduser("~/.lemur/lemur.conf.py")):
|
2019-05-16 16:57:02 +02:00
|
|
|
app.config.from_object(
|
|
|
|
from_file(os.path.expanduser("~/.lemur/lemur.conf.py"))
|
|
|
|
)
|
2016-11-21 18:19:14 +01:00
|
|
|
else:
|
2019-05-16 16:57:02 +02:00
|
|
|
app.config.from_object(
|
|
|
|
from_file(
|
|
|
|
os.path.join(
|
|
|
|
os.path.dirname(os.path.realpath(__file__)),
|
|
|
|
"default.conf.py",
|
|
|
|
)
|
|
|
|
)
|
|
|
|
)
|
2016-11-21 18:19:14 +01:00
|
|
|
|
2016-12-14 22:23:50 +01:00
|
|
|
# we don't use this
|
2019-05-16 16:57:02 +02:00
|
|
|
app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
|
2016-12-14 22:23:50 +01:00
|
|
|
|
2015-06-22 22:47:27 +02:00
|
|
|
|
|
|
|
def configure_extensions(app):
|
|
|
|
"""
|
|
|
|
Attaches and configures any needed flask extensions
|
|
|
|
to our app.
|
|
|
|
|
|
|
|
:param app:
|
|
|
|
"""
|
|
|
|
db.init_app(app)
|
|
|
|
migrate.init_app(app, db)
|
|
|
|
principal.init_app(app)
|
2015-07-23 22:46:54 +02:00
|
|
|
smtp_mail.init_app(app)
|
2016-04-05 19:23:33 +02:00
|
|
|
metrics.init_app(app)
|
2017-06-29 23:12:38 +02:00
|
|
|
sentry.init_app(app)
|
2018-04-25 02:10:38 +02:00
|
|
|
|
2019-05-16 16:57:02 +02:00
|
|
|
if app.config["CORS"]:
|
|
|
|
app.config["CORS_HEADERS"] = "Content-Type"
|
|
|
|
cors.init_app(
|
|
|
|
app,
|
|
|
|
resources=r"/api/*",
|
|
|
|
headers="Content-Type",
|
|
|
|
origin="*",
|
|
|
|
supports_credentials=True,
|
|
|
|
)
|
2015-06-22 22:47:27 +02:00
|
|
|
|
|
|
|
|
|
|
|
def configure_blueprints(app, blueprints):
|
|
|
|
"""
|
|
|
|
We prefix our APIs with their given version so that we can support
|
|
|
|
multiple concurrent API versions.
|
|
|
|
|
|
|
|
:param app:
|
|
|
|
:param blueprints:
|
|
|
|
"""
|
|
|
|
for blueprint in blueprints:
|
|
|
|
app.register_blueprint(blueprint, url_prefix="/api/{0}".format(API_VERSION))
|
|
|
|
|
|
|
|
|
2019-05-28 21:45:39 +02:00
|
|
|
def configure_database(app):
|
|
|
|
if app.config.get("SQLALCHEMY_ENABLE_FLASK_REPLICATED"):
|
|
|
|
FlaskReplicated(app)
|
|
|
|
|
|
|
|
|
2015-06-22 22:47:27 +02:00
|
|
|
def configure_logging(app):
|
|
|
|
"""
|
|
|
|
Sets up application wide logging.
|
|
|
|
|
|
|
|
:param app:
|
|
|
|
"""
|
2019-05-16 16:57:02 +02:00
|
|
|
handler = RotatingFileHandler(
|
|
|
|
app.config.get("LOG_FILE", "lemur.log"), maxBytes=10000000, backupCount=100
|
|
|
|
)
|
|
|
|
|
|
|
|
handler.setFormatter(
|
|
|
|
Formatter(
|
|
|
|
"%(asctime)s %(levelname)s: %(message)s " "[in %(pathname)s:%(lineno)d]"
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
2019-05-17 17:48:26 +02:00
|
|
|
if app.config.get("LOG_JSON", False):
|
|
|
|
handler.setFormatter(
|
|
|
|
logmatic.JsonFormatter(extra={"hostname": socket.gethostname()})
|
|
|
|
)
|
|
|
|
|
2019-05-16 16:57:02 +02:00
|
|
|
handler.setLevel(app.config.get("LOG_LEVEL", "DEBUG"))
|
|
|
|
app.logger.setLevel(app.config.get("LOG_LEVEL", "DEBUG"))
|
2015-06-22 22:47:27 +02:00
|
|
|
app.logger.addHandler(handler)
|
|
|
|
|
2016-06-27 23:40:46 +02:00
|
|
|
stream_handler = StreamHandler()
|
2019-05-16 16:57:02 +02:00
|
|
|
stream_handler.setLevel(app.config.get("LOG_LEVEL", "DEBUG"))
|
2016-06-27 23:40:46 +02:00
|
|
|
app.logger.addHandler(stream_handler)
|
|
|
|
|
2019-05-16 16:57:02 +02:00
|
|
|
if app.config.get("DEBUG_DUMP", False):
|
2017-08-29 02:35:56 +02:00
|
|
|
activate_debug_dump()
|
|
|
|
|
2015-07-04 21:47:57 +02:00
|
|
|
|
|
|
|
def install_plugins(app):
|
|
|
|
"""
|
|
|
|
Installs new issuers that are not currently bundled with Lemur.
|
|
|
|
|
2016-10-09 09:06:53 +02:00
|
|
|
:param app:
|
2015-07-04 21:47:57 +02:00
|
|
|
:return:
|
|
|
|
"""
|
2016-10-09 09:06:53 +02:00
|
|
|
from lemur.plugins import plugins
|
2015-07-04 21:47:57 +02:00
|
|
|
from lemur.plugins.base import register
|
2019-05-16 16:57:02 +02:00
|
|
|
|
2015-07-04 21:47:57 +02:00
|
|
|
# entry_points={
|
|
|
|
# 'lemur.plugins': [
|
|
|
|
# 'verisign = lemur_verisign.plugin:VerisignPlugin'
|
|
|
|
# ],
|
|
|
|
# },
|
2019-05-16 16:57:02 +02:00
|
|
|
for ep in pkg_resources.iter_entry_points("lemur.plugins"):
|
2015-07-04 21:47:57 +02:00
|
|
|
try:
|
|
|
|
plugin = ep.load()
|
|
|
|
except Exception:
|
|
|
|
import traceback
|
2019-05-16 16:57:02 +02:00
|
|
|
|
|
|
|
app.logger.error(
|
|
|
|
"Failed to load plugin %r:\n%s\n" % (ep.name, traceback.format_exc())
|
|
|
|
)
|
2015-07-04 21:47:57 +02:00
|
|
|
else:
|
|
|
|
register(plugin)
|
2016-10-09 09:06:53 +02:00
|
|
|
|
|
|
|
# ensure that we have some way to notify
|
|
|
|
with app.app_context():
|
2017-09-26 00:33:42 +02:00
|
|
|
slug = app.config.get("LEMUR_DEFAULT_NOTIFICATION_PLUGIN", "email-notification")
|
2016-10-09 09:06:53 +02:00
|
|
|
try:
|
|
|
|
plugins.get(slug)
|
|
|
|
except KeyError:
|
2019-05-16 16:57:02 +02:00
|
|
|
raise Exception(
|
|
|
|
"Unable to location notification plugin: {slug}. Ensure that "
|
|
|
|
"LEMUR_DEFAULT_NOTIFICATION_PLUGIN is set to a valid and installed notification plugin.".format(
|
|
|
|
slug=slug
|
|
|
|
)
|
|
|
|
)
|