Orphaned certificates (#406)

* Fixing whitespace.

* Fixing syncing.

* Fixing tests

lemur/plugins/bases/source.py

@@ -25,6 +25,12 @@ class SourcePlugin(Plugin):
     def get_certificates(self):
         raise NotImplemented
 
+    def get_endpoints(self):
+        raise NotImplemented
+
+    def clean(self):
+        raise NotImplemented
+
     @property
     def options(self):
         return list(self.default_options) + self.additional_options

lemur/plugins/lemur_aws/iam.py

@@ -33,15 +33,15 @@ def upload_cert(account_number, name, body, private_key, cert_chain=None):
                                                                     cert_chain=str(cert_chain))
 
 
-def delete_cert(account_number, cert):
+def delete_cert(account_number, cert_name):
     """
     Delete a certificate from AWS
 
     :param account_number:
-    :param cert:
+    :param cert_name:
     :return:
     """
-    return assume_service(account_number, 'iam').delete_server_cert(cert.name)
+    return assume_service(account_number, 'iam').delete_server_cert(cert_name)
 
 
 def get_all_server_certs(account_number):

lemur/plugins/lemur_aws/plugin.py

@@ -155,6 +155,22 @@ class AWSSourcePlugin(SourcePlugin):
 
         return endpoints
 
+    def clean(self, options, **kwargs):
+        account_number = self.get_option('accountNumber', options)
+        certificates = self.get_certificates(options)
+        endpoints = self.get_endpoints(options)
+
+        orphaned = []
+        for certificate in certificates:
+            for endpoint in endpoints:
+                if certificate['name'] == endpoint['certificate_name']:
+                    break
+            else:
+                orphaned.append(certificate['name'])
+                iam.delete_cert(account_number, certificate)
+
+        return orphaned
+
 
 def format_elb_cipher_policy(policy):
     """