Misc fixed around certificate notifications

This commit is contained in:
kevgliss 2015-08-19 10:06:30 -07:00
parent 1883f3c0e7
commit 28e12a973f
3 changed files with 25 additions and 23 deletions

View File

@ -59,6 +59,10 @@ def _deduplicate(messages):
for m, r, o in roll_ups: for m, r, o in roll_ups:
if r == targets: if r == targets:
for cert in m:
if cert['body'] == data['body']:
break
else:
m.append(data) m.append(data)
current_app.logger.info( current_app.logger.info(
"Sending expiration alert about {0} to {1}".format( "Sending expiration alert about {0} to {1}".format(
@ -66,6 +70,7 @@ def _deduplicate(messages):
break break
else: else:
roll_ups.append(([data], targets, options)) roll_ups.append(([data], targets, options))
return roll_ups return roll_ups

View File

@ -53,12 +53,12 @@ class EmailNotificationPlugin(ExpirationNotificationPlugin):
# jinja template depending on type # jinja template depending on type
template = env.get_template('{}.html'.format(event_type)) template = env.get_template('{}.html'.format(event_type))
body = template.render(**kwargs) body = template.render(dict(messages=message, hostname=current_app.config.get('LEMUR_HOSTNAME')))
s_type = current_app.config.get("LEMUR_EMAIL_SENDER", 'ses').lower() s_type = current_app.config.get("LEMUR_EMAIL_SENDER", 'ses').lower()
if s_type == 'ses': if s_type == 'ses':
conn = boto.connect_ses() conn = boto.connect_ses()
conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, ['kglisson@netflix.com'], format='html') conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, targets, format='html')
elif s_type == 'smtp': elif s_type == 'smtp':
msg = Message(subject, recipients=targets) msg = Message(subject, recipients=targets)

View File

@ -52,8 +52,13 @@
<span style="color: #29abe0">Notice: Your SSL certificates are expiring!</span> <span style="color: #29abe0">Notice: Your SSL certificates are expiring!</span>
<hr /> <hr />
</div> </div>
<p>
Lemur, Netflix's SSL management portal has noticed that the following certificates are expiring soon, if you rely on these certificates Lemur, Netflix's SSL management portal has noticed that the following certificates are expiring soon, if you rely on these certificates
you should create new certificates to replace the certificates that are expiring. Visit https://lemur.netflix.com/#/certificates/create to reissue them. you should create new certificates to replace the certificates that are expiring.
</p>
<p>
Visit https://{{ hostname }}/#/certificates/create to reissue them.
</p>
</td> </td>
</tr> </tr>
{% for message in messages %} {% for message in messages %}
@ -78,6 +83,12 @@
<tr> <tr>
<td>{{ message.creator }}</td> <td>{{ message.creator }}</td>
</tr> </tr>
<tr>
<td><strong>Description</strong></td>
</tr>
<tr>
<td>{{ message.description }}</td>
</tr>
<tr> <tr>
<td><strong>Not Before</strong></td> <td><strong>Not Before</strong></td>
</tr> </tr>
@ -104,20 +115,6 @@
<td>Unknown</td> <td>Unknown</td>
</tr> </tr>
{% endif %} {% endif %}
<tr>
<td><strong>Associated ELBs</strong></td>
</tr>
{% if message.listeners %}
{% for name in message.listeners %}
<tr>
<td>{{ name }}</td>
</tr>
{% endfor %}
{% else %}
<tr>
<td>None</td>
</tr>
{% endif %}
<tr> <tr>
<td><strong>Potentially Superseded by</strong> (Lemur's best guess)</td> <td><strong>Potentially Superseded by</strong> (Lemur's best guess)</td>
</tr> </tr>
@ -139,7 +136,7 @@
</tr> </tr>
<tr> <tr>
<td style="padding-top: 0px" align="center" valign="top"> <td style="padding-top: 0px" align="center" valign="top">
<em style="font-style:italic; font-size: 12px; color: #aaa;">Lemur is broken regularly by <a style="color: #29abe0; text-decoration: none;" href="mailto:secops@netflix.com">Security Operations</a></em> <em style="font-style:italic; font-size: 12px; color: #aaa;">Lemur is broken regularly by Netflix</em>
</td> </td>
</tr> </tr>
</table> </table>