Merge pull request #41 from kevgliss/sync
Misc fixed around certificate syncing
This commit is contained in:
commit
1883f3c0e7
|
@ -27,7 +27,10 @@ function browserSyncInit(baseDir, files, browser) {
|
||||||
browserSync.instance = browserSync.init(files, {
|
browserSync.instance = browserSync.init(files, {
|
||||||
startPath: '/index.html',
|
startPath: '/index.html',
|
||||||
server: {
|
server: {
|
||||||
baseDir: baseDir
|
baseDir: baseDir,
|
||||||
|
routes: {
|
||||||
|
'/bower_components': './bower_components'
|
||||||
|
}
|
||||||
},
|
},
|
||||||
browser: browser,
|
browser: browser,
|
||||||
ghostMode: false
|
ghostMode: false
|
||||||
|
|
|
@ -9,10 +9,9 @@
|
||||||
|
|
||||||
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
"""
|
"""
|
||||||
from flask import current_app
|
|
||||||
|
|
||||||
from sqlalchemy import exc
|
from sqlalchemy import exc
|
||||||
from sqlalchemy.sql import and_, or_
|
from sqlalchemy.sql import and_, or_
|
||||||
|
from sqlalchemy.orm.exc import NoResultFound
|
||||||
|
|
||||||
from lemur.extensions import db
|
from lemur.extensions import db
|
||||||
from lemur.exceptions import AttrNotFound, DuplicateError
|
from lemur.exceptions import AttrNotFound, DuplicateError
|
||||||
|
@ -126,8 +125,7 @@ def get(model, value, field="id"):
|
||||||
query = session_query(model)
|
query = session_query(model)
|
||||||
try:
|
try:
|
||||||
return query.filter(getattr(model, field) == value).one()
|
return query.filter(getattr(model, field) == value).one()
|
||||||
except Exception as e:
|
except NoResultFound as e:
|
||||||
current_app.logger.exception(e)
|
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -77,7 +77,6 @@ LEMUR_RESTRICTED_DOMAINS = []
|
||||||
|
|
||||||
LEMUR_EMAIL = ''
|
LEMUR_EMAIL = ''
|
||||||
LEMUR_SECURITY_TEAM_EMAIL = []
|
LEMUR_SECURITY_TEAM_EMAIL = []
|
||||||
LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS = [30, 15, 2]
|
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
|
|
||||||
|
@ -172,18 +171,17 @@ def generate_settings():
|
||||||
|
|
||||||
|
|
||||||
@manager.option('-s', '--sources', dest='labels', default='', required=False)
|
@manager.option('-s', '--sources', dest='labels', default='', required=False)
|
||||||
@manager.option('-l', '--list', dest='view', default=False, required=False)
|
def sync_sources(labels):
|
||||||
def sync_sources(labels, view):
|
|
||||||
"""
|
"""
|
||||||
Attempts to run several methods Certificate discovery. This is
|
Attempts to run several methods Certificate discovery. This is
|
||||||
run on a periodic basis and updates the Lemur datastore with the
|
run on a periodic basis and updates the Lemur datastore with the
|
||||||
information it discovers.
|
information it discovers.
|
||||||
"""
|
"""
|
||||||
if view:
|
if not labels:
|
||||||
sys.stdout.write("Active\tLabel\tDescription\n")
|
sys.stdout.write("Active\tLabel\tDescription\n")
|
||||||
for source in source_service.get_all():
|
for source in source_service.get_all():
|
||||||
sys.stdout.write(
|
sys.stdout.write(
|
||||||
"[{active}]\t{label}\t{description}!\n".format(
|
"{active}\t{label}\t{description}!\n".format(
|
||||||
label=source.label,
|
label=source.label,
|
||||||
description=source.description,
|
description=source.description,
|
||||||
active=source.active
|
active=source.active
|
||||||
|
|
|
@ -38,7 +38,10 @@ def _get_message_data(cert):
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
cert_dict = cert.as_dict()
|
cert_dict = cert.as_dict()
|
||||||
|
|
||||||
|
if cert.user:
|
||||||
cert_dict['creator'] = cert.user.email
|
cert_dict['creator'] = cert.user.email
|
||||||
|
|
||||||
cert_dict['domains'] = [x .name for x in cert.domains]
|
cert_dict['domains'] = [x .name for x in cert.domains]
|
||||||
cert_dict['superseded'] = list(set([x.name for x in _find_superseded(cert) if cert.name != x]))
|
cert_dict['superseded'] = list(set([x.name for x in _find_superseded(cert) if cert.name != x]))
|
||||||
return cert_dict
|
return cert_dict
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
|
|
||||||
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
"""
|
"""
|
||||||
|
from boto.exception import BotoServerError
|
||||||
from lemur.plugins.bases import DestinationPlugin, SourcePlugin
|
from lemur.plugins.bases import DestinationPlugin, SourcePlugin
|
||||||
from lemur.plugins.lemur_aws import iam, elb
|
from lemur.plugins.lemur_aws import iam, elb
|
||||||
from lemur.plugins import lemur_aws as aws
|
from lemur.plugins import lemur_aws as aws
|
||||||
|
@ -42,7 +43,11 @@ class AWSDestinationPlugin(DestinationPlugin):
|
||||||
# }
|
# }
|
||||||
|
|
||||||
def upload(self, name, body, private_key, cert_chain, options, **kwargs):
|
def upload(self, name, body, private_key, cert_chain, options, **kwargs):
|
||||||
|
try:
|
||||||
iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain)
|
iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain)
|
||||||
|
except BotoServerError as e:
|
||||||
|
if e.error_code != 'EntityAlreadyExists':
|
||||||
|
raise Exception(e)
|
||||||
|
|
||||||
e = find_value('elb', options)
|
e = find_value('elb', options)
|
||||||
if e:
|
if e:
|
||||||
|
|
|
@ -326,11 +326,11 @@ class CloudCASourcePlugin(SourcePlugin, CloudCA):
|
||||||
'pollRate': {'type': 'int', 'default': '60'}
|
'pollRate': {'type': 'int', 'default': '60'}
|
||||||
}
|
}
|
||||||
|
|
||||||
def get_certificates(self, **kwargs):
|
def get_certificates(self, options, **kwargs):
|
||||||
certs = []
|
certs = []
|
||||||
for authority in self.get_authorities():
|
for authority in self.get_authorities():
|
||||||
certs += self.get_cert(ca_name=authority)
|
certs += self.get_cert(ca_name=authority)
|
||||||
return
|
return certs
|
||||||
|
|
||||||
def get_cert(self, ca_name=None, cert_handle=None):
|
def get_cert(self, ca_name=None, cert_handle=None):
|
||||||
"""
|
"""
|
||||||
|
@ -355,7 +355,7 @@ class CloudCASourcePlugin(SourcePlugin, CloudCA):
|
||||||
|
|
||||||
certs.append({
|
certs.append({
|
||||||
'public_certificate': cert,
|
'public_certificate': cert,
|
||||||
'intermediate_cert': "\n".join(intermediates),
|
'intermediate_certificate': "\n".join(intermediates),
|
||||||
'owner': c['ownerEmail']
|
'owner': c['ownerEmail']
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
@ -55,10 +55,10 @@ class EmailNotificationPlugin(ExpirationNotificationPlugin):
|
||||||
template = env.get_template('{}.html'.format(event_type))
|
template = env.get_template('{}.html'.format(event_type))
|
||||||
body = template.render(**kwargs)
|
body = template.render(**kwargs)
|
||||||
|
|
||||||
s_type = current_app.config.get("LEMUR_EMAIL_SENDER").lower()
|
s_type = current_app.config.get("LEMUR_EMAIL_SENDER", 'ses').lower()
|
||||||
if s_type == 'ses':
|
if s_type == 'ses':
|
||||||
conn = boto.connect_ses()
|
conn = boto.connect_ses()
|
||||||
conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, targets, format='html')
|
conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, ['kglisson@netflix.com'], format='html')
|
||||||
|
|
||||||
elif s_type == 'smtp':
|
elif s_type == 'smtp':
|
||||||
msg = Message(subject, recipients=targets)
|
msg = Message(subject, recipients=targets)
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
from jinja2 import Environment, PackageLoader
|
import os
|
||||||
|
from jinja2 import Environment, FileSystemLoader
|
||||||
|
|
||||||
loader = PackageLoader('lemur')
|
loader = FileSystemLoader(searchpath=os.path.dirname(os.path.realpath(__file__)))
|
||||||
env = Environment(loader=loader)
|
env = Environment(loader=loader)
|
||||||
|
|
|
@ -39,6 +39,7 @@ def _disassociate_certs_from_source(current_certificates, found_certificates, so
|
||||||
|
|
||||||
def sync_create(certificate, source):
|
def sync_create(certificate, source):
|
||||||
cert = cert_service.import_certificate(**certificate)
|
cert = cert_service.import_certificate(**certificate)
|
||||||
|
cert.description = "This certificate was automatically discovered by Lemur"
|
||||||
cert.sources.append(source)
|
cert.sources.append(source)
|
||||||
sync_update_destination(cert, source)
|
sync_update_destination(cert, source)
|
||||||
database.update(cert)
|
database.update(cert)
|
||||||
|
|
|
@ -34,16 +34,6 @@ angular.module('lemur')
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
PluginService.getByType('destination').then(function (plugins) {
|
|
||||||
$scope.plugins = plugins;
|
|
||||||
_.each($scope.plugins, function (plugin) {
|
|
||||||
if (plugin.slug === $scope.destination.pluginName) {
|
|
||||||
plugin.pluginOptions = $scope.destination.destinationOptions;
|
|
||||||
$scope.destination.plugin = plugin;
|
|
||||||
}
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
$scope.save = function (destination) {
|
$scope.save = function (destination) {
|
||||||
DestinationService.update(destination).then(function () {
|
DestinationService.update(destination).then(function () {
|
||||||
$modalInstance.close();
|
$modalInstance.close();
|
||||||
|
|
Loading…
Reference in New Issue