Celery task to enable autorotate for all certificates attached to endpoints without it enabled

2020-04-28 11:52:43 -07:00
parent f71a9e0ad2
commit 273c3e2793
2 changed files with 46 additions and 3 deletions
--- a/lemur/common/celery.py
+++ b/lemur/common/celery.py
@ -17,8 +17,10 @@ from celery.signals import task_failure, task_received, task_revoked, task_succe
 from datetime import datetime, timezone, timedelta
 from flask import current_app

+from lemur import database
 from lemur.authorities.service import get as get_authority
 from lemur.certificates import cli as cli_certificate
+from lemur.certificates.service import get_all_certs_attached_to_endpoint_without_rotate
 from lemur.common.redis import RedisHandler
 from lemur.destinations import service as destinations_service
 from lemur.dns_providers import cli as cli_dns_providers
@ -812,3 +814,25 @@ def notify_expirations():

    metrics.send(f"{function}.success", "counter", 1)
    return log_data
+
+
+@celery.task(soft_time_limit=3600)
+def enable_autorotate_for_certs_attached_to_endpoint():
+    function = f"{__name__}.{sys._getframe().f_code.co_name}"
+    task_id = None
+    if celery.current_task:
+        task_id = celery.current_task.request.id
+
+    log_data = {
+        "function": function,
+        "task_id": task_id,
+    }
+
+    eligible_certs = get_all_certs_attached_to_endpoint_without_rotate()
+    for cert in eligible_certs:
+        log_data["certificate"] = cert.name
+        log_data["certificate_id"] = cert.id
+        log_data["message"] = "Enabling auto-rotate for certificate"
+        current_app.logger.info(log_data)
+        cert.rotation = True
+        database.update(cert)