From 19d90b8f1cb582d9867db6e24604f17ada0380fc Mon Sep 17 00:00:00 2001 From: Jasmine Schladen Date: Wed, 3 Feb 2021 17:08:25 -0800 Subject: [PATCH] Add issuer and ID fields to SNS notification format --- lemur/certificates/schemas.py | 1 + lemur/plugins/lemur_aws/sns.py | 2 + lemur/plugins/lemur_aws/tests/test_sns.py | 2 + .../lemur_email/templates/revocation.html | 163 ++++++++++++++++++ lemur/tests/factories.py | 1 + 5 files changed, 169 insertions(+) create mode 100644 lemur/plugins/lemur_email/templates/revocation.html diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py index d3ed1776..691e554d 100644 --- a/lemur/certificates/schemas.py +++ b/lemur/certificates/schemas.py @@ -441,6 +441,7 @@ class CertificateExportInputSchema(LemurInputSchema): class CertificateNotificationOutputSchema(LemurOutputSchema): + id = fields.Integer() description = fields.String() issuer = fields.String() name = fields.String() diff --git a/lemur/plugins/lemur_aws/sns.py b/lemur/plugins/lemur_aws/sns.py index 14109c11..fab45b82 100644 --- a/lemur/plugins/lemur_aws/sns.py +++ b/lemur/plugins/lemur_aws/sns.py @@ -50,6 +50,8 @@ def format_message(certificate, notification_type): json_message = { "notification_type": notification_type, "certificate_name": certificate["name"], + "issuer": certificate["issuer"], + "id": certificate["id"], "expires": arrow.get(certificate["validityEnd"]).format("YYYY-MM-DDTHH:mm:ss"), # 2047-12-31T22:00:00 "endpoints_detected": len(certificate["endpoints"]), "owner": certificate["owner"], diff --git a/lemur/plugins/lemur_aws/tests/test_sns.py b/lemur/plugins/lemur_aws/tests/test_sns.py index 59ef30f2..c8688194 100644 --- a/lemur/plugins/lemur_aws/tests/test_sns.py +++ b/lemur/plugins/lemur_aws/tests/test_sns.py @@ -21,6 +21,8 @@ def test_format(certificate, endpoint): "notification_type": "expiration", "certificate_name": certificate["name"], "expires": arrow.get(certificate["validityEnd"]).format("YYYY-MM-DDTHH:mm:ss"), + "issuer": certificate["issuer"], + "id": certificate["id"], "endpoints_detected": 0, "owner": certificate["owner"], "details": "https://lemur.example.com/#/certificates/{name}".format(name=certificate["name"]) diff --git a/lemur/plugins/lemur_email/templates/revocation.html b/lemur/plugins/lemur_email/templates/revocation.html new file mode 100644 index 00000000..58625786 --- /dev/null +++ b/lemur/plugins/lemur_email/templates/revocation.html @@ -0,0 +1,163 @@ + + + + + + + + Lemur + + +
+ + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + +
+ + + + + + +
+ Lemur +
+
+ + + + + + + + + + + + + + +
+ Your certificate has been revoked! +
+
+ + + + + + + + + + + + +
+ + + + + + + + + + + + + + + + + + + + + +
+ Hi, +
This is a Lemur certificate revocation notice. +
+ + + + + + + + +
+ {{ message.certificates.name }} + +
{{ message.certificates.endpoints | length }} Endpoints +
{{ message.certificates.owner }} +
{{ message.certificates.validityEnd | time }} +
{{ message.certificates.status }} +
Details + +
+
+ If this revocation was unexpected, please reach out to {{ ", ".join(message.certificates.security_email) }}. +
+
Best,
Lemur +
+ + + + + + +
*All times are in UTC
+
+
+
+ + + + + + + + + +
You received this mandatory email announcement to update you about + important changes to your TLS certificate. +
+
© 2016 Lemur
+
+
+
+
diff --git a/lemur/tests/factories.py b/lemur/tests/factories.py index fea4c59a..dd655510 100644 --- a/lemur/tests/factories.py +++ b/lemur/tests/factories.py @@ -55,6 +55,7 @@ class RotationPolicyFactory(BaseFactory): class CertificateFactory(BaseFactory): """Certificate factory.""" + id = Sequence(lambda n: n) name = Sequence(lambda n: "certificate{0}".format(n)) chain = INTERMEDIATE_CERT_STR body = SAN_CERT_STR