dyn support
This commit is contained in:
@ -5,14 +5,12 @@
|
||||
.. moduleauthor:: Curtis Castrapel <ccastrapel@netflix.com>
|
||||
"""
|
||||
from flask_script import Manager
|
||||
from multiprocessing import Pool
|
||||
|
||||
from lemur.pending_certificates import service as pending_certificate_service
|
||||
from lemur.plugins.base import plugins
|
||||
from lemur.users import service as user_service
|
||||
|
||||
manager = Manager(usage="Handles pending certificate related tasks.")
|
||||
agents = 20
|
||||
|
||||
|
||||
# Need to call this multiple times and store status of the cert in DB. If it is being worked on by a worker, and which
|
||||
@ -55,31 +53,32 @@ def fetch(ids):
|
||||
)
|
||||
|
||||
|
||||
def fetch_all():
|
||||
@manager.command
|
||||
def fetch_all_acme():
|
||||
"""
|
||||
Attempt to get full certificates for each pending certificate listed.
|
||||
|
||||
Args:
|
||||
ids: a list of ids of PendingCertificates (passed in by manager options when run as CLI)
|
||||
`python manager.py pending_certs fetch -i 123 321 all`
|
||||
Attempt to get full certificates for each pending certificate listed for ACME.
|
||||
"""
|
||||
pending_certs = pending_certificate_service.get_pending_certs('all')
|
||||
user = user_service.get_by_username('lemur')
|
||||
new = 0
|
||||
failed = 0
|
||||
certs = authority.get_ordered_certificates(pending_certs)
|
||||
for cert in certs:
|
||||
authority = plugins.get(cert.authority.plugin_name)
|
||||
real_cert = authority.get_ordered_certificate(cert)
|
||||
authority = plugins.get("acme-issuer")
|
||||
resolved_certs = authority.get_ordered_certificates(pending_certs)
|
||||
|
||||
for cert in resolved_certs:
|
||||
real_cert = cert.get("cert")
|
||||
# It's necessary to reload the pending cert due to detached instance: http://sqlalche.me/e/bhk3
|
||||
pending_cert = pending_certificate_service.get(cert.get("pending_cert").id)
|
||||
|
||||
if real_cert:
|
||||
# If a real certificate was returned from issuer, then create it in Lemur and delete
|
||||
# the pending certificate
|
||||
pending_certificate_service.create_certificate(cert, real_cert, user)
|
||||
pending_certificate_service.delete(cert)
|
||||
pending_certificate_service.create_certificate(pending_cert, real_cert, user)
|
||||
pending_certificate_service.delete_by_id(pending_cert.id)
|
||||
# add metrics to metrics extension
|
||||
new += 1
|
||||
else:
|
||||
pending_certificate_service.increment_attempt(cert)
|
||||
pending_certificate_service.increment_attempt(pending_cert)
|
||||
failed += 1
|
||||
print(
|
||||
"[+] Certificates: New: {new} Failed: {failed}".format(
|
||||
|
@ -59,6 +59,10 @@ def delete(pending_certificate):
|
||||
database.delete(pending_certificate)
|
||||
|
||||
|
||||
def delete_by_id(id):
|
||||
database.delete(get(id))
|
||||
|
||||
|
||||
def get_pending_certs(pending_ids):
|
||||
"""
|
||||
Retrieve a list of pending certs given a list of ids
|
||||
|
Reference in New Issue
Block a user