From f61098b87412bc4693b4916f1cd4f577750da404 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 10 Apr 2018 14:28:53 -0700
Subject: [PATCH 01/22] WIP: Add support for Acme/LetsEncrypt with DNS Provider
 integration

---
 lemur/authorities/models.py                   |  1 +
 lemur/authorities/service.py                  |  5 ++
 lemur/certificates/models.py                  |  1 +
 lemur/models.py                               | 17 +++++-
 lemur/plugins/lemur_acme/plugin.py            | 48 +++++++++++++++--
 .../authorities/authority/authority.js        |  1 +
 .../authorities/authority/options.tpl.html    | 52 ++++++++++++++++++-
 .../certificate/tracking.tpl.html             |  2 +-
 .../destinations/destination/destination.js   |  6 ++-
 9 files changed, 124 insertions(+), 9 deletions(-)

diff --git a/lemur/authorities/models.py b/lemur/authorities/models.py
index 45744144..9a7521a9 100644
--- a/lemur/authorities/models.py
+++ b/lemur/authorities/models.py
@@ -42,6 +42,7 @@ class Authority(db.Model):
         self.description = kwargs.get('description')
         self.authority_certificate = kwargs['authority_certificate']
         self.plugin_name = kwargs['plugin']['slug']
+        self.options = kwargs.get('options')
 
     @property
     def plugin(self):
diff --git a/lemur/authorities/service.py b/lemur/authorities/service.py
index 0b475e0b..8c80757d 100644
--- a/lemur/authorities/service.py
+++ b/lemur/authorities/service.py
@@ -8,6 +8,9 @@
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 
 """
+
+import json
+
 from lemur import database
 from lemur.common.utils import truthiness
 from lemur.extensions import metrics
@@ -107,6 +110,8 @@ def create(**kwargs):
 
     cert = upload(**kwargs)
     kwargs['authority_certificate'] = cert
+    if kwargs.get('plugin', {}).get('plugin_options', []):
+        kwargs['options'] = json.dumps(kwargs.get('plugin', {}).get('plugin_options', []))
 
     authority = Authority(**kwargs)
     authority = database.create(authority)
diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py
index a9bb60cc..d8354d94 100644
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@@ -102,6 +102,7 @@ class Certificate(db.Model):
     serial = Column(String(128))
     cn = Column(String(128))
     deleted = Column(Boolean, index=True)
+    dns_provider = Column(Integer(), nullable=True)
 
     not_before = Column(ArrowType)
     not_after = Column(ArrowType)
diff --git a/lemur/models.py b/lemur/models.py
index 02c64dbe..3a9cf121 100644
--- a/lemur/models.py
+++ b/lemur/models.py
@@ -8,7 +8,9 @@
     :license: Apache, see LICENSE for more details.
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 """
-from sqlalchemy import Column, Integer, ForeignKey, Index, UniqueConstraint
+from sqlalchemy import Column, Integer, ForeignKey, Index, PrimaryKeyConstraint, String, text, UniqueConstraint
+from sqlalchemy.dialects.postgresql import JSON
+from sqlalchemy_utils import ArrowType
 
 from lemur.database import db
 
@@ -130,3 +132,16 @@ pending_cert_role_associations = db.Table('pending_cert_role_associations',
                                          )
 
 Index('pending_cert_role_associations_ix', pending_cert_role_associations.c.pending_cert_id, pending_cert_role_associations.c.role_id)
+
+dns_providers = db.Table('dns_providers',
+                         Column('id', Integer(), nullable=False),
+                         Column('name', String(length=256), nullable=True),
+                         Column('description', String(length=1024), nullable=True),
+                         Column('provider_type', String(length=256), nullable=True),
+                         Column('credentials', String(length=256), nullable=True),
+                         Column('api_endpoint', String(length=256), nullable=True),
+                         Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
+                         Column('status', String(length=128), nullable=True),
+                         Column('options', JSON),
+                         PrimaryKeyConstraint('id'),
+                         UniqueConstraint('name'))
diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index 5bdb5514..e5fd1730 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -11,6 +11,7 @@
 .. moduleauthor:: Mikhail Khodorovskiy <mikhail.khodorovskiy@jivesoftware.com>
 """
 import josepy as jose
+import json
 
 from flask import current_app
 
@@ -105,8 +106,9 @@ def request_certificate(acme_client, authorizations, csr):
     return pem_certificate, pem_certificate_chain
 
 
-def setup_acme_client():
-    email = current_app.config.get('ACME_EMAIL')
+def setup_acme_client(authority):
+    options = json.loads(authority.get('options', '[]'))
+    email = options.getcurrent_app.config.get('ACME_EMAIL')
     tel = current_app.config.get('ACME_TEL')
     directory_url = current_app.config.get('ACME_DIRECTORY_URL')
     contact = ('mailto:{}'.format(email), 'tel:{}'.format(tel))
@@ -174,6 +176,36 @@ class ACMEIssuerPlugin(IssuerPlugin):
     author = 'Kevin Glisson'
     author_url = 'https://github.com/netflix/lemur.git'
 
+    options = [
+        {
+            'name': 'acme_url',
+            'type': 'str',
+            'required': True,
+            'validation': '/^http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+$/',
+            'helpMessage': 'Must be a valid web url starting with http[s]://',
+        },
+        {
+            'name': 'telephone',
+            'type': 'str',
+            'default': '',
+            'helpMessage': 'Telephone to use'
+        },
+        {
+            'name': 'email',
+            'type': 'str',
+            'default': '',
+            'validation': '/^?([-a-zA-Z0-9.`?{}]+@\w+\.\w+)$/',
+            'helpMessage': 'Email to use'
+        },
+        {
+            'name': 'certificate',
+            'type': 'textarea',
+            'default': '',
+            'validation': '/^-----BEGIN CERTIFICATE-----/',
+            'helpMessage': 'Certificate to use'
+        },
+    ]
+
     def __init__(self, *args, **kwargs):
         required_vars = [
             'ACME_DIRECTORY_URL',
@@ -198,7 +230,8 @@ class ACMEIssuerPlugin(IssuerPlugin):
         :return: :raise Exception:
         """
         current_app.logger.debug("Requesting a new acme certificate: {0}".format(issuer_options))
-        acme_client, registration = setup_acme_client()
+        acme_client, registration = setup_acme_client(issuer_options.get(issuer_options.get('authority')))
+        # Deal with account number per certificate
         account_number = current_app.config.get('ACME_AWS_ACCOUNT_NUMBER')
         domains = get_domains(issuer_options)
         authorizations = get_authorizations(acme_client, account_number, domains, self.dns_provider)
@@ -216,4 +249,11 @@ class ACMEIssuerPlugin(IssuerPlugin):
         :return:
         """
         role = {'username': '', 'password': '', 'name': 'acme'}
-        return current_app.config.get('ACME_ROOT'), "", [role]
+        plugin_options = options.get('plugin').get('plugin_options')
+        # Define static acme_root based off configuration variable by default. However, if user has passed a
+        # certificate, use this certificate as the root.
+        acme_root = current_app.config.get('ACME_ROOT')
+        for option in plugin_options:
+            if option.get('name') == 'certificate':
+                acme_root = option.get('value')
+        return acme_root, "", [role]
diff --git a/lemur/static/app/angular/authorities/authority/authority.js b/lemur/static/app/angular/authorities/authority/authority.js
index 9863bf4d..223d8fc6 100644
--- a/lemur/static/app/angular/authorities/authority/authority.js
+++ b/lemur/static/app/angular/authorities/authority/authority.js
@@ -51,6 +51,7 @@ angular.module('lemur')
           }
       });
     });
+    console.log("HERE2")
 
     $scope.getAuthoritiesByName = function (value) {
       return AuthorityService.findAuthorityByName(value).then(function (authorities) {
diff --git a/lemur/static/app/angular/authorities/authority/options.tpl.html b/lemur/static/app/angular/authorities/authority/options.tpl.html
index 57fc29e6..be4b27cc 100644
--- a/lemur/static/app/angular/authorities/authority/options.tpl.html
+++ b/lemur/static/app/angular/authorities/authority/options.tpl.html
@@ -51,8 +51,58 @@
     <label class="control-label col-sm-2">
       Plugin
     </label>
-    <div class="col-sm-10">
+    <div class="form-group col-sm-10">
       <select class="form-control" ng-model="authority.plugin" ng-options="plugin as plugin.title for plugin in plugins" required></select>
     </div>
+      <div class="form-group" ng-repeat="item in authority.plugin.pluginOptions">
+      <ng-form name="subForm" class="form-horizontal" role="form" novalidate>
+        <div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
+          <label class="control-label col-sm-2">
+            {{ item.name | titleCase }}
+          </label>
+          <div class="col-sm-10">
+            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'"
+                   class="form-control" ng-model="item.value"/>
+            <select name="sub" ng-if="item.type == 'select'" class="form-control" ng-options="i for i in item.available"
+                    ng-model="item.value"></select>
+            <input name="sub" ng-if="item.type == 'bool'" class="form-control" type="checkbox" ng-model="item.value">
+            <input name="sub" ng-if="item.type == 'str'" type="text" class="form-control" ng-model="item.value"/>
+              <textarea name="sub" ng-if="item.type == 'textarea'" class="form-control" ng-model="item.value"></textarea>
+            <div ng-if="item.type == 'export-plugin'">
+              <form name="exportForm" class="form-horizontal" role="form" novalidate>
+                <select class="form-control" ng-model="item.value"
+                        ng-options="plugin.title for plugin in exportPlugins" required></select>
+                <div class="col-sm-10">
+                  <div class="form-group" ng-repeat="item in item.value.pluginOptions">
+                    <ng-form name="subForm" class="form-horizontal" role="form" novalidate>
+                        ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
+                        <label class="control-label col-sm-2">
+                          {{ item.name | titleCase }}
+                        </label>
+                        <div class="col-sm-10">
+                          <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'"
+                                 class="form-control" ng-model="item.value"/>
+                          <select name="sub" ng-if="item.type == 'select'" class="form-control"
+                                  ng-options="i for i in item.available" ng-model="item.value"></select>
+                          <input name="sub" ng-if="item.type == 'bool'" class="form-control" type="checkbox"
+                                 ng-model="item.value">
+                          <input name="sub" ng-if="item.type == 'str'" type="text" class="form-control"
+                                 ng-model="item.value" ng-pattern="item.validation"/>
+                          <textarea name="sub" ng-if="item.type == 'textarea'" class="form-control"
+                                 ng-model="item.value" ng-pattern="item.validation"></textarea>
+                          <p ng-show="subForm.sub.$invalid && !subForm.sub.$pristine"
+                             class="help-block">{{ item.helpMessage }}</p>
+                        </div>
+                      </div>
+                    </ng-form>
+                  </div>
+                </div>
+              </form>
+            </div>
+            <p ng-show="subForm.sub.$invalid && !subForm.sub.$pristine" class="help-block">{{ item.helpMessage }}</p>
+          </div>
+        </div>
+      </ng-form>
+    </div>
   </div>
 </div>
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index 21277106..fa8425ad 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -1,4 +1,4 @@
-<form name="trackingForm" novalidate>
+static/app/angular/certificates/certificate/tracking.tpl.html<form name="trackingForm" novalidate>
   <div class="form-horizontal">
     <div class="form-group"
          ng-class="{'has-error': trackingForm.ownerEmail.$invalid, 'has-success': !trackingForm.$invalid&&trackingForm.ownerEmail.$dirty}">
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index 21f624c8..03533949 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -44,20 +44,22 @@ angular.module('lemur')
 
     DestinationApi.get(editId).then(function (destination) {
       $scope.destination = destination;
-
+      console.log("HERE1");
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
-
         _.each($scope.plugins, function (plugin) {
+          console.log("HERE2");
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;
             _.each($scope.destination.plugin.pluginOptions, function (option) {
+              console.log("HERE3");
               if (option.type === 'export-plugin') {
                 PluginService.getByType('export').then(function (plugins) {
                   $scope.exportPlugins = plugins;
 
                   _.each($scope.exportPlugins, function (plugin) {
+                    console.log("HERE4");
                     if (plugin.slug === option.value.slug) {
                       plugin.pluginOptions = option.value.pluginOptions;
                       option.value = plugin;

From 5beb319b2785866d6b84a111d559e041891483d8 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 10 Apr 2018 16:04:07 -0700
Subject: [PATCH 02/22] more stuff

---
 lemur/__init__.py                             |  2 +
 lemur/dns_providers/models.py                 | 20 ++++++
 lemur/dns_providers/service.py                | 10 +++
 lemur/dns_providers/views.py                  | 72 +++++++++++++++++++
 lemur/migrations/versions/3adfdd6598df_.py    | 39 ++++++++++
 lemur/migrations/versions/4e78b9e4e1dd_.py    | 22 ++++++
 lemur/models.py                               | 13 ----
 .../certificates/certificate/options.tpl.html |  9 +++
 8 files changed, 174 insertions(+), 13 deletions(-)
 create mode 100644 lemur/dns_providers/models.py
 create mode 100644 lemur/dns_providers/service.py
 create mode 100644 lemur/dns_providers/views.py
 create mode 100644 lemur/migrations/versions/3adfdd6598df_.py
 create mode 100644 lemur/migrations/versions/4e78b9e4e1dd_.py

diff --git a/lemur/__init__.py b/lemur/__init__.py
index 6f29733c..402bde71 100644
--- a/lemur/__init__.py
+++ b/lemur/__init__.py
@@ -28,6 +28,7 @@ from lemur.endpoints.views import mod as endpoints_bp
 from lemur.logs.views import mod as logs_bp
 from lemur.api_keys.views import mod as api_key_bp
 from lemur.pending_certificates.views import mod as pending_certificates_bp
+from lemur.dns_providers.views import mod as dns_providers_bp
 
 from lemur.__about__ import (
     __author__, __copyright__, __email__, __license__, __summary__, __title__,
@@ -56,6 +57,7 @@ LEMUR_BLUEPRINTS = (
     logs_bp,
     api_key_bp,
     pending_certificates_bp,
+    dns_providers_bp,
 )
 
 
diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
new file mode 100644
index 00000000..809c5247
--- /dev/null
+++ b/lemur/dns_providers/models.py
@@ -0,0 +1,20 @@
+from sqlalchemy import Column, Integer, PrimaryKeyConstraint, String, text, UniqueConstraint
+from sqlalchemy.dialects.postgresql import JSON
+from sqlalchemy_utils import ArrowType
+
+from lemur.database import db
+
+
+class DnsProviders(db.Model):
+    db.Table('dns_providers',
+             Column('id', Integer(), nullable=False),
+             Column('name', String(length=256), nullable=True),
+             Column('description', String(length=1024), nullable=True),
+             Column('provider_type', String(length=256), nullable=True),
+             Column('credentials', String(length=256), nullable=True),
+             Column('api_endpoint', String(length=256), nullable=True),
+             Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
+             Column('status', String(length=128), nullable=True),
+             Column('options', JSON),
+             PrimaryKeyConstraint('id'),
+             UniqueConstraint('name'))
\ No newline at end of file
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
new file mode 100644
index 00000000..3a376040
--- /dev/null
+++ b/lemur/dns_providers/service.py
@@ -0,0 +1,10 @@
+from lemur.dns_providers.models import DnsProviders
+
+
+def get_all_dns_providers(status="active"):
+    """
+    Retrieves all certificates within Lemur.
+
+    :return:
+    """
+    return DnsProviders.query.all(status=status)
\ No newline at end of file
diff --git a/lemur/dns_providers/views.py b/lemur/dns_providers/views.py
new file mode 100644
index 00000000..faa76aac
--- /dev/null
+++ b/lemur/dns_providers/views.py
@@ -0,0 +1,72 @@
+"""
+.. module: lemur.dns)providers.views
+    :platform: Unix
+    :copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Curtis Castrapel <ccastrapel@netflix.com>
+"""
+from flask import Blueprint
+from flask_restful import reqparse, Api
+
+
+from lemur.auth.service import AuthenticatedResource
+
+from lemur.dns_providers import service
+
+mod = Blueprint('dns_providers', __name__)
+api = Api(mod)
+
+
+class DnsProvidersList(AuthenticatedResource):
+    """ Defines the 'dns_providers' endpoint """
+    def __init__(self):
+        self.reqparse = reqparse.RequestParser()
+        super(DnsProvidersList, self).__init__()
+
+    def get(self):
+        """
+        .. http:get:: /dns_providers
+
+           The current list of DNS Providers
+
+           **Example request**:
+
+           .. sourcecode:: http
+
+              GET /dns_providers HTTP/1.1
+              Host: example.com
+              Accept: application/json, text/javascript
+
+           **Example response**:
+
+           .. sourcecode:: http
+
+              HTTP/1.1 200 OK
+              Vary: Accept
+              Content-Type: text/javascript
+
+              {
+                "items": [{
+                    "id": 1,
+                    "name": "test",
+                    "description": "test",
+                    "provider_type": "dyn",
+                    "status": "active",
+                }],
+                "total": 1
+              }
+
+           :query sortBy: field to sort on
+           :query sortDir: asc or desc
+           :query page: int. default is 1
+           :query filter: key value pair format is k;v
+           :query count: count number. default is 10
+           :reqheader Authorization: OAuth token to authenticate
+           :statuscode 200: no error
+           :statuscode 403: unauthenticated
+
+        """
+        return service.get_all_dns_providers()
+
+
+api.add_resource(DnsProvidersList, '/dns_providers', endpoint='dns_providers')
diff --git a/lemur/migrations/versions/3adfdd6598df_.py b/lemur/migrations/versions/3adfdd6598df_.py
new file mode 100644
index 00000000..07918a0f
--- /dev/null
+++ b/lemur/migrations/versions/3adfdd6598df_.py
@@ -0,0 +1,39 @@
+"""Create dns_providers table
+
+Revision ID: 3adfdd6598df
+Revises: 556ceb3e3c3e
+Create Date: 2018-04-10 13:25:47.007556
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '3adfdd6598df'
+down_revision = '556ceb3e3c3e'
+
+from alembic import op
+import sqlalchemy as sa
+from sqlalchemy.dialects.postgresql import JSON
+
+from sqlalchemy_utils import ArrowType
+
+
+def upgrade():
+    # create provider table
+    op.create_table(
+        'dns_providers',
+        sa.Column('id', sa.Integer(), nullable=False),
+        sa.Column('name', sa.String(length=256), nullable=True),
+        sa.Column('description', sa.String(length=1024), nullable=True),
+        sa.Column('provider_type', sa.String(length=256), nullable=True),
+        sa.Column('credentials', sa.String(length=256), nullable=True),
+        sa.Column('api_endpoint', sa.String(length=256), nullable=True),
+        sa.Column('date_created', ArrowType(), server_default=sa.text('now()'), nullable=False),
+        sa.Column('status', sa.String(length=128), nullable=True),
+        sa.Column('options', JSON),
+        sa.PrimaryKeyConstraint('id'),
+        sa.UniqueConstraint('name')
+    )
+
+
+def downgrade():
+    op.drop_table('dns_providers')
diff --git a/lemur/migrations/versions/4e78b9e4e1dd_.py b/lemur/migrations/versions/4e78b9e4e1dd_.py
new file mode 100644
index 00000000..bde8c5d4
--- /dev/null
+++ b/lemur/migrations/versions/4e78b9e4e1dd_.py
@@ -0,0 +1,22 @@
+"""Add dns_provider id column to certificates table
+
+Revision ID: 4e78b9e4e1dd
+Revises: 3adfdd6598df
+Create Date: 2018-04-10 14:00:30.701669
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '4e78b9e4e1dd'
+down_revision = '3adfdd6598df'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+    op.add_column('certificates', sa.Column('dns_provider_id', sa.Integer(), nullable=True))
+
+
+def downgrade():
+    op.drop_column('certificates', 'dns_provider_id')
diff --git a/lemur/models.py b/lemur/models.py
index 3a9cf121..9f352bb9 100644
--- a/lemur/models.py
+++ b/lemur/models.py
@@ -132,16 +132,3 @@ pending_cert_role_associations = db.Table('pending_cert_role_associations',
                                          )
 
 Index('pending_cert_role_associations_ix', pending_cert_role_associations.c.pending_cert_id, pending_cert_role_associations.c.role_id)
-
-dns_providers = db.Table('dns_providers',
-                         Column('id', Integer(), nullable=False),
-                         Column('name', String(length=256), nullable=True),
-                         Column('description', String(length=1024), nullable=True),
-                         Column('provider_type', String(length=256), nullable=True),
-                         Column('credentials', String(length=256), nullable=True),
-                         Column('api_endpoint', String(length=256), nullable=True),
-                         Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
-                         Column('status', String(length=128), nullable=True),
-                         Column('options', JSON),
-                         PrimaryKeyConstraint('id'),
-                         UniqueConstraint('name'))
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index a52ee387..6f955ce2 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -231,6 +231,15 @@
             </label>
           </div>
         </div>
+       <!-- <div class="form-group">
+            <label class="control-label col-sm-2">
+              DNS Provider (Only needed for LetsEncrypt or ACME implementations)
+            </label>
+            <div class="col-sm-10">
+              <select class="form-control" ng-model="certificate.extensions.crlDistributionPoints.includeCrlDp"
+                      ng-options="item for item in ['yes', 'no', 'default']"></select>
+            </div> -->
+      </div>
       </div>
     </div>
     <div class="form-group">

From 5125990c4c5e2bd26e22b8970d8d8fb635189728 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 11 Apr 2018 07:48:04 -0700
Subject: [PATCH 03/22] clean up a bit

---
 lemur/dns_providers/service.py                              | 2 +-
 lemur/static/app/angular/authorities/authority/authority.js | 1 -
 .../app/angular/certificates/certificate/tracking.tpl.html  | 2 +-
 .../app/angular/destinations/destination/destination.js     | 6 ++----
 4 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index 3a376040..0ed27315 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -7,4 +7,4 @@ def get_all_dns_providers(status="active"):
 
     :return:
     """
-    return DnsProviders.query.all(status=status)
\ No newline at end of file
+    return DnsProviders.query.all(status=status)
diff --git a/lemur/static/app/angular/authorities/authority/authority.js b/lemur/static/app/angular/authorities/authority/authority.js
index 223d8fc6..9863bf4d 100644
--- a/lemur/static/app/angular/authorities/authority/authority.js
+++ b/lemur/static/app/angular/authorities/authority/authority.js
@@ -51,7 +51,6 @@ angular.module('lemur')
           }
       });
     });
-    console.log("HERE2")
 
     $scope.getAuthoritiesByName = function (value) {
       return AuthorityService.findAuthorityByName(value).then(function (authorities) {
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index fa8425ad..21277106 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -1,4 +1,4 @@
-static/app/angular/certificates/certificate/tracking.tpl.html<form name="trackingForm" novalidate>
+<form name="trackingForm" novalidate>
   <div class="form-horizontal">
     <div class="form-group"
          ng-class="{'has-error': trackingForm.ownerEmail.$invalid, 'has-success': !trackingForm.$invalid&&trackingForm.ownerEmail.$dirty}">
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index 03533949..f5210074 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -44,22 +44,20 @@ angular.module('lemur')
 
     DestinationApi.get(editId).then(function (destination) {
       $scope.destination = destination;
-      console.log("HERE1");
+
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
         _.each($scope.plugins, function (plugin) {
-          console.log("HERE2");
+
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;
             _.each($scope.destination.plugin.pluginOptions, function (option) {
-              console.log("HERE3");
               if (option.type === 'export-plugin') {
                 PluginService.getByType('export').then(function (plugins) {
                   $scope.exportPlugins = plugins;
 
                   _.each($scope.exportPlugins, function (plugin) {
-                    console.log("HERE4");
                     if (plugin.slug === option.value.slug) {
                       plugin.pluginOptions = option.value.pluginOptions;
                       option.value = plugin;

From f6fd2626180c476958dd10bd736ad4bf61189888 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 11 Apr 2018 15:56:00 -0700
Subject: [PATCH 04/22] DNS Providers list returned

---
 lemur/certificates/models.py                  |  2 +-
 lemur/defaults/schemas.py                     |  2 ++
 lemur/defaults/views.py                       |  8 +++++--
 lemur/dns_providers/models.py                 | 22 +++++++++----------
 lemur/dns_providers/schemas.py                | 20 +++++++++++++++++
 lemur/dns_providers/service.py                |  8 ++++++-
 .../certificates/certificate/options.tpl.html | 20 ++++++++++-------
 .../app/angular/certificates/services.js      |  1 +
 .../destinations/destination/destination.js   |  2 +-
 .../angular/pending_certificates/services.js  |  1 +
 10 files changed, 61 insertions(+), 25 deletions(-)
 create mode 100644 lemur/dns_providers/schemas.py

diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py
index d8354d94..63d2ea7c 100644
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@@ -102,7 +102,7 @@ class Certificate(db.Model):
     serial = Column(String(128))
     cn = Column(String(128))
     deleted = Column(Boolean, index=True)
-    dns_provider = Column(Integer(), nullable=True)
+    dns_provider_id = Column(Integer(), nullable=True)
 
     not_before = Column(ArrowType)
     not_after = Column(ArrowType)
diff --git a/lemur/defaults/schemas.py b/lemur/defaults/schemas.py
index c03d6d85..58ba31af 100644
--- a/lemur/defaults/schemas.py
+++ b/lemur/defaults/schemas.py
@@ -8,6 +8,7 @@
 from marshmallow import fields
 from lemur.common.schema import LemurOutputSchema
 from lemur.authorities.schemas import AuthorityNestedOutputSchema
+from lemur.dns_providers.schemas import DnsProvidersNestedOutputSchema
 
 
 class DefaultOutputSchema(LemurOutputSchema):
@@ -18,6 +19,7 @@ class DefaultOutputSchema(LemurOutputSchema):
     organization = fields.String()
     organizational_unit = fields.String()
     issuer_plugin = fields.String()
+    dns_providers = fields.List(fields.Nested(DnsProvidersNestedOutputSchema))
 
 
 default_output_schema = DefaultOutputSchema()
diff --git a/lemur/defaults/views.py b/lemur/defaults/views.py
index db849011..7ba38fa0 100644
--- a/lemur/defaults/views.py
+++ b/lemur/defaults/views.py
@@ -9,6 +9,7 @@ from flask_restful import Api
 from lemur.common.schema import validate_schema
 from lemur.authorities.service import get_by_name
 from lemur.auth.service import AuthenticatedResource
+from lemur.dns_providers.service import get_all_dns_providers
 
 from lemur.defaults.schemas import default_output_schema
 
@@ -50,7 +51,8 @@ class LemurDefaults(AuthenticatedResource):
                  "state": "CA",
                  "location": "Los Gatos",
                  "organization": "Netflix",
-                 "organizationalUnit": "Operations"
+                 "organizationalUnit": "Operations",
+                 "dnsProviders": [{"name": "test", ...}, {...}],
               }
 
            :reqheader Authorization: OAuth token to authenticate
@@ -59,6 +61,7 @@ class LemurDefaults(AuthenticatedResource):
         """
 
         default_authority = get_by_name(current_app.config.get('LEMUR_DEFAULT_AUTHORITY'))
+        dns_providers = get_all_dns_providers()
 
         return dict(
             country=current_app.config.get('LEMUR_DEFAULT_COUNTRY'),
@@ -67,7 +70,8 @@ class LemurDefaults(AuthenticatedResource):
             organization=current_app.config.get('LEMUR_DEFAULT_ORGANIZATION'),
             organizational_unit=current_app.config.get('LEMUR_DEFAULT_ORGANIZATIONAL_UNIT'),
             issuer_plugin=current_app.config.get('LEMUR_DEFAULT_ISSUER_PLUGIN'),
-            authority=default_authority
+            authority=default_authority,
+            dns_providers=dns_providers,
         )
 
 
diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
index 809c5247..f43aac0b 100644
--- a/lemur/dns_providers/models.py
+++ b/lemur/dns_providers/models.py
@@ -6,15 +6,13 @@ from lemur.database import db
 
 
 class DnsProviders(db.Model):
-    db.Table('dns_providers',
-             Column('id', Integer(), nullable=False),
-             Column('name', String(length=256), nullable=True),
-             Column('description', String(length=1024), nullable=True),
-             Column('provider_type', String(length=256), nullable=True),
-             Column('credentials', String(length=256), nullable=True),
-             Column('api_endpoint', String(length=256), nullable=True),
-             Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
-             Column('status', String(length=128), nullable=True),
-             Column('options', JSON),
-             PrimaryKeyConstraint('id'),
-             UniqueConstraint('name'))
\ No newline at end of file
+    __tablename__ = 'dns_providers'
+    id = Column(Integer(), primary_key=True)
+    name = Column(String(length=256), unique=True, nullable=True)
+    description = Column(String(length=1024), nullable=True)
+    provider_type = Column(String(length=256), nullable=True)
+    credentials = Column(String(length=256), nullable=True)
+    api_endpoint = Column(String(length=256), nullable=True)
+    date_created = Column(ArrowType(), server_default=text('now()'), nullable=False)
+    status = Column(String(length=128), nullable=True)
+    options = Column(JSON)
diff --git a/lemur/dns_providers/schemas.py b/lemur/dns_providers/schemas.py
new file mode 100644
index 00000000..bae9570c
--- /dev/null
+++ b/lemur/dns_providers/schemas.py
@@ -0,0 +1,20 @@
+from lemur.common.fields import ArrowDateTime
+from lemur.common.schema import LemurOutputSchema
+
+from marshmallow import fields
+
+
+class DnsProvidersNestedOutputSchema(LemurOutputSchema):
+    __envelope__ = False
+    id = fields.Integer()
+    name = fields.String()
+    description = fields.String()
+    provider_type = fields.String()
+    credentials = fields.String()
+    api_endpoint = fields.String()
+    date_created = ArrowDateTime()
+    status = fields.String()
+    options = fields.String()
+
+
+default_output_schema = DnsProvidersNestedOutputSchema()
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index 0ed27315..fa752d09 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -7,4 +7,10 @@ def get_all_dns_providers(status="active"):
 
     :return:
     """
-    return DnsProviders.query.all(status=status)
+    all_dns_providers = DnsProviders.query.all()
+    dns_provider_result = []
+    for provider in all_dns_providers:
+        print(provider)
+        if provider.status == status:
+            dns_provider_result.append(provider.__dict__)
+    return dns_provider_result
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index 6f955ce2..6fa84984 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -231,14 +231,18 @@
             </label>
           </div>
         </div>
-       <!-- <div class="form-group">
-            <label class="control-label col-sm-2">
-              DNS Provider (Only needed for LetsEncrypt or ACME implementations)
-            </label>
-            <div class="col-sm-10">
-              <select class="form-control" ng-model="certificate.extensions.crlDistributionPoints.includeCrlDp"
-                      ng-options="item for item in ['yes', 'no', 'default']"></select>
-            </div> -->
+       <div class="col-sm-10">
+           <!-- two -->
+           <div class="form-group">
+        <label class="control-label col-sm-2">
+          DNS Provider
+        </label>
+        <div class="col-sm-10">
+          <select class="form-control" ng-model="selected" ng-options="item as item.name for item in dnsProviders"></select>
+        </div>
+      </div>
+
+      </div>
       </div>
       </div>
     </div>
diff --git a/lemur/static/app/angular/certificates/services.js b/lemur/static/app/angular/certificates/services.js
index 22c8d80b..e3bd5c64 100644
--- a/lemur/static/app/angular/certificates/services.js
+++ b/lemur/static/app/angular/certificates/services.js
@@ -243,6 +243,7 @@ angular.module('lemur')
             certificate.authority = defaults.authority;
           }
         }
+        certificate.dns_providers = defaults.dnsProviders;
       });
     };
 
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index f5210074..21f624c8 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -47,8 +47,8 @@ angular.module('lemur')
 
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
-        _.each($scope.plugins, function (plugin) {
 
+        _.each($scope.plugins, function (plugin) {
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;
diff --git a/lemur/static/app/angular/pending_certificates/services.js b/lemur/static/app/angular/pending_certificates/services.js
index 32b335ac..95637641 100644
--- a/lemur/static/app/angular/pending_certificates/services.js
+++ b/lemur/static/app/angular/pending_certificates/services.js
@@ -230,6 +230,7 @@ angular.module('lemur')
             certificate.authority = defaults.authority;
           }
         }
+        certificate.dns_providers = defaults.dnsProviders;
       });
     };
 

From 8ea2f5253a3f9ddb6595f4d6dccfb73f78bc898f Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 20 Mar 2018 15:43:25 -0700
Subject: [PATCH 05/22] unpin flask in requirements.in

---
 requirements.in  |  10 +-
 requirements.txt | 374 +++++++++++++++++++++++++++++++++++++++--------
 2 files changed, 316 insertions(+), 68 deletions(-)

diff --git a/requirements.in b/requirements.in
index 90a48170..152ed9c6 100644
--- a/requirements.in
+++ b/requirements.in
@@ -1,8 +1,8 @@
-acme
-alembic-autogenerate-enums
-arrow
-boto3
-cryptography
+Flask==0.12
+Flask-RESTful==0.3.6
+Flask-SQLAlchemy>2,<3
+Flask-Script==2.0.6
+Flask-Migrate==2.1.1
 Flask-Bcrypt==0.7.1
 Flask-Mail==0.9.1
 Flask-Migrate==2.1.1
diff --git a/requirements.txt b/requirements.txt
index 5e8ef031..a4d3b587 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,66 +4,314 @@
 #
 #    pip-compile --no-index --output-file requirements.txt requirements.in
 #
-acme==0.23.0
-alembic-autogenerate-enums==0.0.2
-alembic==0.9.9            # via flask-migrate
-aniso8601==3.0.0          # via flask-restful
-arrow==0.12.1
-asn1crypto==0.24.0        # via cryptography
-bcrypt==3.1.4             # via flask-bcrypt, paramiko
-blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.7.4
-botocore==1.10.4          # via boto3, s3transfer
-cffi==1.11.5              # via bcrypt, cryptography, pynacl
-click==6.7                # via flask
-cryptography==2.2.2
-docutils==0.14            # via botocore
-flask-bcrypt==0.7.1
-flask-cors==3.0.3
-flask-mail==0.9.1
-flask-migrate==2.1.1
-flask-principal==0.4.0
-flask-restful==0.3.6
-flask-script==2.0.6
-flask-sqlalchemy==2.3.2
-flask==0.12
-future==0.16.0
-gunicorn==19.7.1
-idna==2.6                 # via cryptography
-inflection==0.3.1
-itsdangerous==0.24        # via flask
-jinja2==2.10
-jmespath==0.9.3           # via boto3, botocore
-josepy==1.0.1             # via acme
-lockfile==0.12.2
-mako==1.0.7               # via alembic
-markupsafe==1.0           # via jinja2, mako
-marshmallow-sqlalchemy==0.13.2
-marshmallow==2.15.0
-mock==2.0.0               # via acme
-ndg-httpsclient==0.4.4
-paramiko==2.4.1
-pbr==4.0.2                # via mock
-pem==17.1.0
-psycopg2==2.7.4
-pyasn1-modules==0.2.1     # via python-ldap
-pyasn1==0.4.2             # via ndg-httpsclient, paramiko, pyasn1-modules, python-ldap, requests
-pycparser==2.18           # via cffi
-pyjwt==1.6.1
-pynacl==1.2.1             # via paramiko
-pyopenssl==17.2.0
-pyrfc3339==1.0            # via acme
-python-dateutil==2.6.1    # via alembic, arrow, botocore
-python-editor==1.0.3      # via alembic
-python-ldap==3.0.0
-pytz==2018.4              # via acme, flask-restful, pyrfc3339
-raven[flask]==6.6.0
-requests[security]==2.11.1
-retrying==1.3.3
-s3transfer==0.1.13        # via boto3
-six==1.11.0
-sqlalchemy-utils==0.33.2
-sqlalchemy==1.2.6         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
-tabulate==0.8.2
-werkzeug==0.14.1          # via flask
-xmltodict==0.11.0
+acme==0.20.0 \
+    --hash=sha256:45121aed6c8cc2f31896ac1083068dfdeb613f3edeff9576dc0d10632ea5a3d5 \
+    --hash=sha256:8b0cee192c0d76d6f4045bdb14b3cfd29d9720e0dad2046794a2a555f1eaccb7
+alembic-autogenerate-enums==0.0.2 \
+    --hash=sha256:adb49909c864a263f92bf7b99752d5c4b2f496617cccb5cfc689af9c72235ff9
+alembic==0.9.8 \
+    --hash=sha256:13b8611788acf0d7b617775db5c2ae26554a6d4263c590ef628d448fd05aef56 \
+    # via flask-migrate
+aniso8601==3.0.0 \
+    --hash=sha256:7cf068e7aec00edeb21879c2bbda048656c34d281e133a77425be03b352122d8 \
+    --hash=sha256:f7052eb342bf2000c6264a253acedb362513bf9270800be2bc8e3e229fe08b5a \
+    # via flask-restful
+arrow==0.12.0 \
+    --hash=sha256:a15ecfddf334316e3ac8695e48c15d1be0d6038603b33043930dcf0e675c86ee
+asn1crypto==0.24.0 \
+    --hash=sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87 \
+    --hash=sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49 \
+    # via cryptography
+bcrypt==3.1.4 \
+    --hash=sha256:01477981abf74e306e8ee31629a940a5e9138de000c6b0898f7f850461c4a0a5 \
+    --hash=sha256:054d6e0acaea429e6da3613fcd12d05ee29a531794d96f6ab959f29a39f33391 \
+    --hash=sha256:0872eeecdf9a429c1420158500eedb323a132bc5bf3339475151c52414729e70 \
+    --hash=sha256:09a3b8c258b815eadb611bad04ca15ec77d86aa9ce56070e1af0d5932f17642a \
+    --hash=sha256:0f317e4ffbdd15c3c0f8ab5fbd86aa9aabc7bea18b5cc5951b456fe39e9f738c \
+    --hash=sha256:2788c32673a2ad0062bea850ab73cffc0dba874db10d7a3682b6f2f280553f20 \
+    --hash=sha256:321d4d48be25b8d77594d8324c0585c80ae91ac214f62db9098734e5e7fb280f \
+    --hash=sha256:346d6f84ff0b493dbc90c6b77136df83e81f903f0b95525ee80e5e6d5e4eef84 \
+    --hash=sha256:34dd60b90b0f6de94a89e71fcd19913a30e83091c8468d0923a93a0cccbfbbff \
+    --hash=sha256:3b4c23300c4eded8895442c003ae9b14328ae69309ac5867e7530de8bdd7875d \
+    --hash=sha256:43d1960e7db14042319c46925892d5fa99b08ff21d57482e6f5328a1aca03588 \
+    --hash=sha256:49e96267cd9be55a349fd74f9852eb9ae2c427cd7f6455d0f1765d7332292832 \
+    --hash=sha256:67ed1a374c9155ec0840214ce804616de49c3df9c5bc66740687c1c9b1cd9e8d \
+    --hash=sha256:6efd9ca20aefbaf2e7e6817a2c6ed4a50ff6900fafdea1bcb1d0e9471743b144 \
+    --hash=sha256:8569844a5d8e1fdde4d7712a05ab2e6061343ac34af6e7e3d7935b2bd1907bfd \
+    --hash=sha256:8629ea6a8a59f865add1d6a87464c3c676e60101b8d16ef404d0a031424a8491 \
+    --hash=sha256:988cac675e25133d01a78f2286189c1f01974470817a33eaf4cfee573cfb72a5 \
+    --hash=sha256:9a6fedda73aba1568962f7543a1f586051c54febbc74e87769bad6a4b8587c39 \
+    --hash=sha256:9eced8962ce3b7124fe20fd358cf8c7470706437fa064b9874f849ad4c5866fc \
+    --hash=sha256:a005ed6163490988711ff732386b08effcbf8df62ae93dd1e5bda0714fad8afb \
+    --hash=sha256:ae35dbcb6b011af6c840893b32399252d81ff57d52c13e12422e16b5fea1d0fb \
+    --hash=sha256:b1e8491c6740f21b37cca77bc64677696a3fb9f32360794d57fa8477b7329eda \
+    --hash=sha256:c906bdb482162e9ef48eea9f8c0d967acceb5c84f2d25574c7d2a58d04861df1 \
+    --hash=sha256:cb18ffdc861dbb244f14be32c47ab69604d0aca415bee53485fcea4f8e93d5ef \
+    --hash=sha256:d86da365dda59010ba0d1ac45aa78390f56bf7f992e65f70b3b081d5e5257b09 \
+    --hash=sha256:e22f0997622e1ceec834fd25947dc2ee2962c2133ea693d61805bc867abaf7ea \
+    --hash=sha256:f2fe545d27a619a552396533cddf70d83cecd880a611cdfdbb87ca6aec52f66b \
+    --hash=sha256:f7fd3ed3745fe6e81e28dc3b3d76cce31525a91f32a387e1febd6b982caf8cdb \
+    --hash=sha256:f9210820ee4818d84658ed7df16a7f30c9fba7d8b139959950acef91745cc0f7 \
+    # via flask-bcrypt, paramiko
+blinker==1.4 \
+    --hash=sha256:471aee25f3992bd325afa3772f1063dbdbbca947a041b8b89466dc00d606f8b6 \
+    # via flask-mail, flask-principal, raven
+boto3==1.5.7 \
+    --hash=sha256:00a384f703d7abdc9eb932e64404060b6287543afbd03cae0f811dc29aa2c129 \
+    --hash=sha256:c41540a1d74a4ef7c642d91cb47dae884eafe6665d76a1b9ce1032e3aabde56c
+botocore==1.8.50 \
+    --hash=sha256:898f10e68a7a1c2be621caf046d29a8f782c0ea866d644d5be46472c00a3dee9 \
+    --hash=sha256:a80a23e080f4a93d11a1c067a69304dd407d18c358cba1e0df8c96f56c9e98b4 \
+    # via boto3, s3transfer
+cffi==1.11.5 \
+    --hash=sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743 \
+    --hash=sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef \
+    --hash=sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50 \
+    --hash=sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f \
+    --hash=sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93 \
+    --hash=sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257 \
+    --hash=sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3 \
+    --hash=sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc \
+    --hash=sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04 \
+    --hash=sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6 \
+    --hash=sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359 \
+    --hash=sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596 \
+    --hash=sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b \
+    --hash=sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd \
+    --hash=sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95 \
+    --hash=sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e \
+    --hash=sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6 \
+    --hash=sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca \
+    --hash=sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31 \
+    --hash=sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1 \
+    --hash=sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085 \
+    --hash=sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801 \
+    --hash=sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4 \
+    --hash=sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184 \
+    --hash=sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917 \
+    --hash=sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f \
+    --hash=sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb \
+    # via bcrypt, cryptography, pynacl
+click==6.7 \
+    --hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
+    --hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
+    # via flask
+cryptography==1.9 \
+    --hash=sha256:025a96e48164106f2082b00f42bf430cf21f09e203e42585a712e420b75cbff0 \
+    --hash=sha256:2230c186182d773064d06242e0fa604cd718bfff28aa9c5ae73d7e426e98a151 \
+    --hash=sha256:2908f709f02711dbb10561a9f154d2f7d1792385e2341e9708539cc4ecfb8667 \
+    --hash=sha256:2a5e577f5d2093e51486b4ec02b51bb5adb165b98fee99929d5af0813e90b469 \
+    --hash=sha256:2eb8297b877cb6b56216750fa7017c9f5786bec8afd6a0f1aaace02cbfb6195f \
+    --hash=sha256:365eb804362e581c9a02e7a610b30514f07dd77b2a38aed338eb5192446bbc58 \
+    --hash=sha256:3dc94ed5a26b8553a325767358f505c0a43e0c89df078647f77a4d022ddcdc57 \
+    --hash=sha256:469a9d3d851038f1eb7d7f77bb08bb4775b41483372be450e25b293fe57bd59e \
+    --hash=sha256:533143321d15c8743f91eec5c5f495c1b5cad9a25de8f6dab01eddd6b416903e \
+    --hash=sha256:5474fe5ce6b517d3086e0231b6ad88f8978c551c4379f91c3d619c308490f0d7 \
+    --hash=sha256:5518337022718029e367d982642f3e3523541e098ad671672a90b82474c84882 \
+    --hash=sha256:5ff169869624e23767d70db274f13a9ea4e97c029425a1224aa5e049e84ce2af \
+    --hash=sha256:61eb3534f8ed2415dd708b28919205d523f220e4cd5b8165844edfdd4a649b8e \
+    --hash=sha256:7db719432648f14ea33edffc5f75330c595804eac86ca916528b35ce50a8bfd6 \
+    --hash=sha256:9d9da8bac2e31003d092f5ef6981a725c77c4e9a30638436884d61ad39f9a1ee \
+    --hash=sha256:c26e057a2de13e97e708328d295c5ac4cd3eab4a5c42ce727dd1a53316034b8a \
+    --hash=sha256:ca72537a7064bb80e34b6908e576ffc8e2c2cad29a7168f48d0999df089695c3 \
+    --hash=sha256:fab8ec6866e384d9827d5dc02a1383e991a6c05c54f818316c4b829e56ca2ba3
+docutils==0.14 \
+    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
+    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
+    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
+    # via botocore
+flask-bcrypt==0.7.1 \
+    --hash=sha256:d71c8585b2ee1c62024392ebdbc447438564e2c8c02b4e57b56a4cafd8d13c5f
+flask-mail==0.9.1 \
+    --hash=sha256:22e5eb9a940bf407bcf30410ecc3708f3c56cc44b29c34e1726fe85006935f41
+flask-migrate==2.1.1 \
+    --hash=sha256:493f9b3795985b9b4915bf3b7d16946697f027b73545384e7d9e3a79f989d2fe \
+    --hash=sha256:b709ca8642559c3c5a81a33ab10839fa052177accd5ba821047a99db635255ed
+flask-principal==0.4.0 \
+    --hash=sha256:f5d6134b5caebfdbb86f32d56d18ee44b080876a27269560a96ea35f75c99453
+flask-restful==0.3.6 \
+    --hash=sha256:5795519501347e108c436b693ff9a4d7b373a3ac9069627d64e4001c05dd3407 \
+    --hash=sha256:e2f1b8063de3944b94c7f8be5cee4d2161db0267c54c5b757d875295061776fa
+flask-script==2.0.6 \
+    --hash=sha256:6425963d91054cfcc185807141c7314a9c5ad46325911bd24dcb489bd0161c65
+flask-sqlalchemy==2.3.2 \
+    --hash=sha256:3bc0fac969dd8c0ace01b32060f0c729565293302f0c4269beed154b46bec50b \
+    --hash=sha256:5971b9852b5888655f11db634e87725a9031e170f37c0ce7851cf83497f56e53
+flask==0.12 \
+    --hash=sha256:7f03bb2c255452444f7265eddb51601806e5447b6f8a2d50bbc77a654a14c118 \
+    --hash=sha256:93e803cdbe326a61ebd5c5d353959397c85f829bec610d59cb635c9f97d7ca8b
+future==0.16.0 \
+    --hash=sha256:e39ced1ab767b5936646cedba8bcce582398233d6a627067d4c6a454c90cfedb
+gunicorn==19.7.1 \
+    --hash=sha256:75af03c99389535f218cc596c7de74df4763803f7b63eb09d77e92b3956b36c6 \
+    --hash=sha256:eee1169f0ca667be05db3351a0960765620dad53f53434262ff8901b68a1b622
+idna==2.6 \
+    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
+    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
+    # via cryptography
+inflection==0.3.1 \
+    --hash=sha256:18ea7fb7a7d152853386523def08736aa8c32636b047ade55f7578c4edeb16ca
+itsdangerous==0.24 \
+    --hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
+    # via flask
+jinja2==2.10 \
+    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
+    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4
+jmespath==0.9.3 \
+    --hash=sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64 \
+    --hash=sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63 \
+    # via boto3, botocore
+lockfile==0.12.2 \
+    --hash=sha256:6aed02de03cba24efabcd600b30540140634fc06cfa603822d508d5361e9f799 \
+    --hash=sha256:6c3cb24f344923d30b2785d5ad75182c8ea7ac1b6171b08657258ec7429d50fa
+mako==1.0.7 \
+    --hash=sha256:4e02fde57bd4abb5ec400181e4c314f56ac3e49ba4fb8b0d50bba18cb27d25ae \
+    # via alembic
+markupsafe==1.0 \
+    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
+    # via jinja2, mako
+marshmallow-sqlalchemy==0.13.1 \
+    --hash=sha256:4cc7f984f02564f0a444e1dcb69bbd5b6c7ebd30728332d668ffeeefe5d2878e \
+    --hash=sha256:f3e1f27c83a013b114c26c8fad59980067030b0db9863b7ff52b31ce85620201
+marshmallow==2.15.0 \
+    --hash=sha256:8740ada95f47fa19f905772aa4932dc5512226a90c30da5672d6d6bf3dd791a7 \
+    --hash=sha256:d3f31fe7be2106b1d783cbd0765ef4e1c6615505514695f33082805f929dd584
+mock==2.0.0 \
+    --hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \
+    --hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba \
+    # via acme
+ndg-httpsclient==0.4.2 \
+    --hash=sha256:580987ef194334c50389e0d7de885fccf15605c13c6eecaabd8d6c43768eb8ac
+paramiko==2.4.1 \
+    --hash=sha256:24fb31c947de85fbdeca09e222d41206781581fb0bdf118d2ef18f6e414cd388 \
+    --hash=sha256:33e36775a6c71790ba7692a73f948b329cf9295a72b0102144b031114bd2a4f3
+pbr==3.1.1 \
+    --hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \
+    --hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac \
+    # via mock
+pem==17.1.0 \
+    --hash=sha256:80c83846e927139773f79cdc581f8e276eb7b3f7a0f0a08c7dabe8e51374b97b \
+    --hash=sha256:f64f0eb25f700a83cbb21b8f82a1a470f0fd75865e2c84606b3f912b01f65f48
+psycopg2==2.7.3 \
+    --hash=sha256:162ab9fc7c2be46b45978bdeecc54ab48f90e57c26c927bfbdcbedee77d22dac \
+    --hash=sha256:1b40c5549c0e39c95e26df4c6cdf49f3d85def38310da78628f1d29c3e7d177e \
+    --hash=sha256:2854703bf7c1287408f16d66a011426be07540748f19a84644677d6b8d1284a7 \
+    --hash=sha256:29db29bc5603ff9dc3a639a8e329ca4ab970d01d6fd27bcf2038e6514fe161f4 \
+    --hash=sha256:2fd25489f2fc5b1a4ab4a131cb7e6c804a664b4201e03d1c5aefcbb055b8bad6 \
+    --hash=sha256:4807cc2a3bf844b882bd11bdf43805430993ac29fa95ac3ed1cbaa24ab9c0319 \
+    --hash=sha256:4dd7ce445059e63b249dbcf6a759c45d1ae5f4e6468c60d50f4829e09d52cd4a \
+    --hash=sha256:5c11fc5091af28d048c321f2b23a3f984ffb5b546ab3cb7424c52c6feae6c965 \
+    --hash=sha256:5d6d3e80658bf7436202358490beabe7fc78497f5defecb4e9db91d19d5d2778 \
+    --hash=sha256:624d9e75d5cf636236ef0e7c325761d8e795200c91154d344b0efcdece535a93 \
+    --hash=sha256:65a7560c7dc45cd7cb8083e07341789ca9c1e3d668c04e198ec925da1ef0012c \
+    --hash=sha256:6a81bba87531e11e93eb5e193e3f25498eb4e3d7a0a730675ea311913ea93f8f \
+    --hash=sha256:6be1b5c96a122387afef18669f3bb0fb255a22e77da85bc37fdd5367a446880c \
+    --hash=sha256:94f7ca8013fa17b14e8be72dcc4994046fcd40f85b8cf45d13cdfcf777aad0f4 \
+    --hash=sha256:9b3009f237df518951fc2385dd444b7d79b83c4a9cdd26141d2bd9eabd32d681 \
+    --hash=sha256:9bfadd7163ec17983c1e395782755ea1c15702e4b79ed333ff70995cd4fb5505 \
+    --hash=sha256:a1f302a2ef32b16a8a6515d5ae6368460ad7434ba6a3751f5a2c1084f6234ff6 \
+    --hash=sha256:ad2d1274e69fac940c66854cbc92c9eda572b4b30cab4073d4383148874a8974 \
+    --hash=sha256:b148f8ccdf9d59bf762b67b80c4a46b9ce1e90dee0f10907640e5a18b07d0ee6 \
+    --hash=sha256:b2bc3bc99355fe26a76d1225c32ae6f97604f575cb41cd8e8a4932bbc5b932a7 \
+    --hash=sha256:b60024e969aaecc47530f96c723c4cac63d34606fb57806bed49991ff35aecea \
+    --hash=sha256:b807ca62f8844f3eb7bff5790ffc4bd851f51a22f453b59fe3c9461e097eac6d \
+    --hash=sha256:bbb843f752f582de95db533d371cf55acf69acd86b0b22e35d89f045c1f6c139 \
+    --hash=sha256:bc580e4dd39031eea0a662a3e8353b9fa90e500aa7ae14b4589cd4572f7ba4c3 \
+    --hash=sha256:c9bd49848556d04093909faec017c3675efabf78c2b7f383bf7c43ba18324ac8 \
+    --hash=sha256:cbd910a5d9e3c2e49c2e8f827f2261c27260260a0b46284445d1a3dd12265be8 \
+    --hash=sha256:cf4f620f3401e4e8f9e2934c45284e21d404bbe65cd7b81a50402f30c1160109 \
+    --hash=sha256:d2089a8dc7fea97386d66e46aabf5674538d946dcaf3374f736411638c93c2c4 \
+    --hash=sha256:db49705698f9edd4878457166b09e53788d3e7f10d86f490ee5978ce2613bc06 \
+    --hash=sha256:f2ae745ee9b65e04fcca2bbb7ff6d92c196b732f04d0b570310f8958b58ecb64 \
+    --hash=sha256:febc7334b1f33c08c5c8d29353d557d8510ff1205f9e7ef454a3f8306c79e9b4
+pyasn1-modules==0.2.1 \
+    --hash=sha256:47fb6757ab78fe966e7c58b2030b546854f78416d653163f0ce9290cf2278e8b \
+    --hash=sha256:af00ea8f2022b6287dc375b2c70f31ab5af83989fc6fe9eacd4976ce26cd7ccc \
+    # via python-ldap
+pyasn1==0.4.2 \
+    --hash=sha256:d258b0a71994f7770599835249cece1caef3c70def868c4915e6e5ca49b67d15 \
+    --hash=sha256:d5cd6ed995dba16fad0c521cfe31cd2d68400b53fcc2bce93326829be73ab6d1 \
+    # via paramiko, pyasn1-modules, python-ldap, requests
+pycparser==2.18 \
+    --hash=sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226 \
+    # via cffi
+pyjwt==1.5.3 \
+    --hash=sha256:500be75b17a63f70072416843dc80c8821109030be824f4d14758f114978bae7 \
+    --hash=sha256:a4e5f1441e3ca7b382fd0c0b416777ced1f97c64ef0c33bfa39daf38505cfd2f
+pyldap==3.0.0 \
+    --hash=sha256:9c10dc9663d3b3f5899f811fcb89618cc96d41b9f8a68b3eed5f13de5b44ce24
+pynacl==1.2.1 \
+    --hash=sha256:04e30e5bdeeb2d5b34107f28cd2f5bbfdc6c616f3be88fc6f53582ff1669eeca \
+    --hash=sha256:0bfa0d94d2be6874e40f896e0a67e290749151e7de767c5aefbad1121cad7512 \
+    --hash=sha256:11aa4e141b2456ce5cecc19c130e970793fa3a2c2e6fbb8ad65b28f35aa9e6b6 \
+    --hash=sha256:13bdc1fe084ff9ac7653ae5a924cae03bf4bb07c6667c9eb5b6eb3c570220776 \
+    --hash=sha256:14339dc233e7a9dda80a3800e64e7ff89d0878ba23360eea24f1af1b13772cac \
+    --hash=sha256:1d33e775fab3f383167afb20b9927aaf4961b953d76eeb271a5703a6d756b65b \
+    --hash=sha256:2a42b2399d0428619e58dac7734838102d35f6dcdee149e0088823629bf99fbb \
+    --hash=sha256:2dce05ac8b3c37b9e2f65eab56c544885607394753e9613fd159d5e2045c2d98 \
+    --hash=sha256:6453b0dae593163ffc6db6f9c9c1597d35c650598e2c39c0590d1757207a1ac2 \
+    --hash=sha256:73a5a96fb5fbf2215beee2353a128d382dbca83f5341f0d3c750877a236569ef \
+    --hash=sha256:8abb4ef79161a5f58848b30ab6fb98d8c466da21fdd65558ce1d7afc02c70b5f \
+    --hash=sha256:8ac1167195b32a8755de06efd5b2d2fe76fc864517dab66aaf65662cc59e1988 \
+    --hash=sha256:8f505f42f659012794414fa57c498404e64db78f1d98dfd40e318c569f3c783b \
+    --hash=sha256:be71cd5fce04061e1f3d39597f93619c80cdd3558a6c9ba99a546f144a8d8101 \
+    --hash=sha256:cf6877124ae6a0698404e169b3ba534542cfbc43f939d46b927d956daf0a373a \
+    --hash=sha256:d0eb5b2795b7ee2cbcfcadacbe95a13afbda048a262bd369da9904fecb568975 \
+    --hash=sha256:d795f506bcc9463efb5ebb0f65ed77921dcc9e0a50499dedd89f208445de9ecb \
+    --hash=sha256:d8aaf7e5d6b0e0ef7d6dbf7abeb75085713d0100b4eb1a4e4e857de76d77ac45 \
+    --hash=sha256:e0d38fa0a75f65f556fb912f2c6790d1fa29b7dd27a1d9cc5591b281321eaaa9 \
+    --hash=sha256:eb2acabbd487a46b38540a819ef67e477a674481f84a82a7ba2234b9ba46f752 \
+    --hash=sha256:eeee629828d0eb4f6d98ac41e9a3a6461d114d1d0aa111a8931c049359298da0 \
+    --hash=sha256:f5ce9e26d25eb0b2d96f3ef0ad70e1d3ae89b5d60255c462252a3e456a48c053 \
+    --hash=sha256:fabf73d5d0286f9e078774f3435601d2735c94ce9e514ac4fb945701edead7e4 \
+    # via paramiko
+pyopenssl==17.2.0 \
+    --hash=sha256:5d617ce36b07c51f330aa63b83bf7f25c40a0e95958876d54d1982f8c91b4834 \
+    --hash=sha256:c8959e441c2d85d646f3d6e9024ec02b2fc8dda92596e44ce3460b3a476bc694
+pyrfc3339==1.0 \
+    --hash=sha256:8dfbc6c458b8daba1c0f3620a8c78008b323a268b27b7359e92a4ae41325f535 \
+    --hash=sha256:eea31835c56e2096af4363a5745a784878a61d043e247d3a6d6a0a32a9741f56 \
+    # via acme
+python-dateutil==2.7.0 \
+    --hash=sha256:07009062406cffd554a9b4135cd2ff167c9bf6b7aac61fe946c93e69fad1bbd8 \
+    --hash=sha256:8f95bb7e6edbb2456a51a1fb58c8dca942024b4f5844cae62c90aa88afe6e300 \
+    # via alembic, arrow, botocore
+python-editor==1.0.3 \
+    --hash=sha256:a3c066acee22a1c94f63938341d4fb374e3fdd69366ed6603d7b24bed1efc565 \
+    # via alembic
+python-ldap==3.0.0 \
+    --hash=sha256:86746b912a2cd37a54b06c694f021b0c8556d4caeab75ef50435ada152e2fbe1 \
+    # via pyldap
+pytz==2018.3 \
+    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
+    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
+    # via acme, flask-restful, pyrfc3339
+raven[flask]==6.2.1 \
+    --hash=sha256:c0a30bcc3e3206059f79656d80362ce080b1c991c95d867edce559a7294570fe \
+    --hash=sha256:f58ead6842c02d427617e827f4c0a97cfd3f8b648a52e53ef12182002a8663cb
+requests[security]==2.11.1 \
+    --hash=sha256:545c4855cd9d7c12671444326337013766f4eea6068c3f0307fb2dc2696d580e \
+    --hash=sha256:5acf980358283faba0b897c73959cecf8b841205bb4b2ad3ef545f46eae1a133
+retrying==1.3.3 \
+    --hash=sha256:08c039560a6da2fe4f2c426d0766e284d3b736e355f8dd24b37367b0bb41973b
+s3transfer==0.1.13 \
+    --hash=sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1 \
+    --hash=sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f \
+    # via boto3
+six==1.11.0 \
+    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
+    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb
+sqlalchemy-utils==0.32.21 \
+    --hash=sha256:e35431b0e57c4f7030ff598c23813c8b7b04b508ce10e8e9ebe448645b38d6d7
+sqlalchemy==1.2.5 \
+    --hash=sha256:249000654107a420a40200f1e0b555a79dfd4eff235b2ff60bc77714bd045f2d \
+    # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+tabulate==0.8.2 \
+    --hash=sha256:e4ca13f26d0a6be2a2915428dc21e732f1e44dad7f76d7030b2ef1ec251cf7f2
+werkzeug==0.14.1 \
+    --hash=sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c \
+    --hash=sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b \
+    # via flask
+xmltodict==0.11.0 \
+    --hash=sha256:8f8d7d40aa28d83f4109a7e8aa86e67a4df202d9538be40c0cb1d70da527b0df \
+    --hash=sha256:add07d92089ff611badec526912747cf87afd4f9447af6661aca074eeaf32615

From 672a28bb284e22b02ad297b1b09fd00720e3467a Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 21 Mar 2018 10:29:08 -0700
Subject: [PATCH 06/22] Update auth keys, change python version to satisfy
 tests

---
 requirements-dev.txt | 117 ++++++++++++++++++++++++++++++++++---------
 requirements.in      |  54 ++++++++++----------
 2 files changed, 120 insertions(+), 51 deletions(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index f94fa610..c7553fb0 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -4,26 +4,97 @@
 #
 #    pip-compile --no-index --output-file requirements-dev.txt requirements-dev.in
 #
-aspy.yaml==1.1.0          # via pre-commit
-cached-property==1.4.2    # via pre-commit
-certifi==2018.1.18        # via requests
-cfgv==1.0.0               # via pre-commit
-chardet==3.0.4            # via requests
-flake8==3.5.0
-identify==1.0.11          # via pre-commit
-idna==2.6                 # via requests
-invoke==0.22.1
-mccabe==0.6.1             # via flake8
-nodeenv==1.3.0
-pkginfo==1.4.2            # via twine
-pre-commit==1.8.2
-pycodestyle==2.3.1        # via flake8
-pyflakes==1.6.0           # via flake8
-pyyaml==3.12              # via aspy.yaml, pre-commit
-requests-toolbelt==0.8.0  # via twine
-requests==2.18.4          # via requests-toolbelt, twine
-six==1.11.0               # via cfgv, pre-commit
-tqdm==4.22.0              # via twine
-twine==1.11.0
-urllib3==1.22             # via requests
-virtualenv==15.2.0        # via pre-commit
+aspy.yaml==1.0.0 \
+    --hash=sha256:6215f44900ff65f27dbd00a36b06a7926276436ed377320cfd4febd69bbd4a94 \
+    --hash=sha256:be70cc0ccd1ee1d30f589f2403792eb2ffa7546470af0a17179541b13d8374df \
+    # via pre-commit
+cached-property==1.4.0 \
+    --hash=sha256:6e6935ec62567fbcbc346fad84fcea9bc77e3547b7267e62bc5b7ed8e5438ae8 \
+    --hash=sha256:a2fa0f89dd422f7e5dd992a4a3e0ce209d5d1e47a4db28fd0a7b5273ec8da3f0 \
+    # via pre-commit
+certifi==2018.1.18 \
+    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
+    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
+    # via requests
+cfgv==1.0.0 \
+    --hash=sha256:2fbaf8d082456d8fff5a68163ff59c1025a52e906914fbc738be7d8ea5b7aa4b \
+    --hash=sha256:733aa2f66b5106af32d271336a571610b9808e868de0ad5690d9d5155e5960c5 \
+    # via pre-commit
+chardet==3.0.4 \
+    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
+    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
+    # via requests
+flake8==3.5.0 \
+    --hash=sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0 \
+    --hash=sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37
+identify==1.0.8 \
+    --hash=sha256:53be6ea950a5f40e13be2dd87e67413eb6879527b831333196ab2a54de38f499 \
+    --hash=sha256:c0bfb29634e04cde8e54aee2d55aff9dad30d6ea1f3e9e3ce731934d78635aa1 \
+    # via pre-commit
+idna==2.6 \
+    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
+    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
+    # via requests
+invoke==0.22.1 \
+    --hash=sha256:357f0661c1d84f9f113e6164705d92eb00b35cd704c31e82efbf0f012f25e40c \
+    --hash=sha256:39020b07218c87747e85dd422510f02a8d1282c71952942324c67d9eeaae8e62 \
+    --hash=sha256:621181a0efae67b3dadec583cf2c6b5096136635bf6a326c481c73db412b36fc
+mccabe==0.6.1 \
+    --hash=sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42 \
+    --hash=sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f \
+    # via flake8
+nodeenv==1.3.0 \
+    --hash=sha256:dd0a34001090ff042cfdb4b0c8d6a6f7ec9baa49733f00b695bb8a8b4700ba6c \
+    # via pre-commit
+pkginfo==1.4.2 \
+    --hash=sha256:5878d542a4b3f237e359926384f1dde4e099c9f5525d236b1840cf704fa8d474 \
+    --hash=sha256:a39076cb3eb34c333a0dd390b568e9e1e881c7bf2cc0aee12120636816f55aee \
+    # via twine
+pre-commit==1.8.2 \
+    --hash=sha256:01bb5f44606735ca30c8be641fa24f5760fcc599a0260ead0067bcde2f0305f9 \
+    --hash=sha256:823452163aa9fb024a9ff30947ba7f5a2778708db7554a4d36438b9bbead6bbb
+pycodestyle==2.3.1 \
+    --hash=sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766 \
+    --hash=sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9 \
+    # via flake8
+pyflakes==1.6.0 \
+    --hash=sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f \
+    --hash=sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805 \
+    # via flake8
+pyyaml==3.12 \
+    --hash=sha256:16b20e970597e051997d90dc2cddc713a2876c47e3d92d59ee198700c5427736 \
+    --hash=sha256:3262c96a1ca437e7e4763e2843746588a965426550f3797a79fca9c6199c431f \
+    --hash=sha256:592766c6303207a20efc445587778322d7f73b161bd994f227adaa341ba212ab \
+    --hash=sha256:5ac82e411044fb129bae5cfbeb3ba626acb2af31a8d17d175004b70862a741a7 \
+    --hash=sha256:827dc04b8fa7d07c44de11fabbc888e627fa8293b695e0f99cb544fdfa1bf0d1 \
+    --hash=sha256:bc6bced57f826ca7cb5125a10b23fd0f2fff3b7c4701d64c439a300ce665fff8 \
+    --hash=sha256:c01b880ec30b5a6e6aa67b09a2fe3fb30473008c85cd6a67359a1b15ed6d83a4 \
+    --hash=sha256:e863072cdf4c72eebf179342c94e6989c67185842d9997960b3e69290b2fa269 \
+    # via aspy.yaml, pre-commit
+requests-toolbelt==0.8.0 \
+    --hash=sha256:42c9c170abc2cacb78b8ab23ac957945c7716249206f90874651971a4acff237 \
+    --hash=sha256:f6a531936c6fa4c6cfce1b9c10d5c4f498d16528d2a54a22ca00011205a187b5 \
+    # via twine
+requests==2.18.4 \
+    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
+    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
+    # via requests-toolbelt, twine
+six==1.11.0 \
+    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
+    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
+    # via cfgv, pre-commit
+tqdm==4.19.8 \
+    --hash=sha256:05e991ecb0f874046ddcb374396a626afd046fb4d31f73633ea752b844458a7a \
+    --hash=sha256:2aea9f81fdf127048667e0ba22f5fc10ebc879fb838dc52dcf055242037ec1f7 \
+    # via twine
+twine==1.11.0 \
+    --hash=sha256:08eb132bbaec40c6d25b358f546ec1dc96ebd2638a86eea68769d9e67fe2b129 \
+    --hash=sha256:2fd9a4d9ff0bcacf41fdc40c8cb0cfaef1f1859457c9653fd1b92237cc4e9f25
+urllib3==1.22 \
+    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
+    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
+    # via requests
+virtualenv==15.1.0 \
+    --hash=sha256:02f8102c2436bb03b3ee6dede1919d1dac8a427541652e5ec95171ec8adbc93a \
+    --hash=sha256:39d88b533b422825d644087a21e78c45cf5af0ef7a99a1fc9fbb7b481e5c85b0 \
+    # via pre-commit
diff --git a/requirements.in b/requirements.in
index 152ed9c6..ba443684 100644
--- a/requirements.in
+++ b/requirements.in
@@ -5,31 +5,29 @@ Flask-Script==2.0.6
 Flask-Migrate==2.1.1
 Flask-Bcrypt==0.7.1
 Flask-Mail==0.9.1
-Flask-Migrate==2.1.1
-Flask-Principal==0.4.0
-Flask-RESTful==0.3.6
-Flask-Script==2.0.6
-Flask-SQLAlchemy
-Flask==0.12
-Flask-Cors
-future
-gunicorn
-inflection
-jinja2
-lockfile
-marshmallow-sqlalchemy
-marshmallow
-ndg-httpsclient
-paramiko  # required for the SFTP destination plugin
-pem
-psycopg2
-pyjwt
-pyOpenSSL==17.2.0 # PINNED for a specific reason. This needs to be merged in before upgrade: https://github.com/shazow/urllib3/pull/1246
-python_ldap
-raven[flask]
-requests==2.11.1 # PINNED for a specific reason. This needs to be merged in before upgrade: https://github.com/shazow/urllib3/pull/1246
-retrying
-six
-SQLAlchemy-Utils
-tabulate
-xmltodict
+SQLAlchemy-Utils==0.32.21
+requests==2.11.1
+ndg-httpsclient==0.4.2
+psycopg2==2.7.3
+arrow==0.12.0
+six==1.11.0
+marshmallow-sqlalchemy==0.13.1
+gunicorn==19.7.1
+marshmallow==2.15.0
+cryptography==1.9
+xmltodict==0.11.0
+pyjwt==1.5.3
+lockfile==0.12.2
+inflection==0.3.1
+future==0.16.0
+boto3==1.5.7
+acme==0.20.0
+retrying==1.3.3
+tabulate==0.8.2
+pyOpenSSL==17.2.0
+pem==17.1.0
+raven[flask]==6.2.1
+jinja2==2.10
+paramiko==2.4.1  # required for lemur_linuxdst plugin
+python_ldap<=3.0.0b4
+alembic-autogenerate-enums==0.0.2

From 5dd03098e598d7c452056a531c6c159e3c2946b6 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 21 Mar 2018 12:45:26 -0700
Subject: [PATCH 07/22] actually update deps

---
 lemur/plugins/lemur_acme/plugin.py |   1 -
 requirements-dev.txt               |   3 +-
 requirements-docs.txt              | 102 ++++++--
 requirements-tests.in              |  17 +-
 requirements-tests.txt             | 292 ++++++++++++++++++----
 requirements.in                    |  57 ++---
 requirements.txt                   | 378 +++++------------------------
 7 files changed, 424 insertions(+), 426 deletions(-)

diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index e5fd1730..a7b81579 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -11,7 +11,6 @@
 .. moduleauthor:: Mikhail Khodorovskiy <mikhail.khodorovskiy@jivesoftware.com>
 """
 import josepy as jose
-import json
 
 from flask import current_app
 
diff --git a/requirements-dev.txt b/requirements-dev.txt
index c7553fb0..bc52ae5e 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -44,8 +44,7 @@ mccabe==0.6.1 \
     --hash=sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f \
     # via flake8
 nodeenv==1.3.0 \
-    --hash=sha256:dd0a34001090ff042cfdb4b0c8d6a6f7ec9baa49733f00b695bb8a8b4700ba6c \
-    # via pre-commit
+    --hash=sha256:dd0a34001090ff042cfdb4b0c8d6a6f7ec9baa49733f00b695bb8a8b4700ba6c
 pkginfo==1.4.2 \
     --hash=sha256:5878d542a4b3f237e359926384f1dde4e099c9f5525d236b1840cf704fa8d474 \
     --hash=sha256:a39076cb3eb34c333a0dd390b568e9e1e881c7bf2cc0aee12120636816f55aee \
diff --git a/requirements-docs.txt b/requirements-docs.txt
index a8b93db2..f2292921 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -4,24 +4,84 @@
 #
 #    pip-compile --no-index --output-file requirements-docs.txt requirements-docs.in
 #
-alabaster==0.7.10         # via sphinx
-babel==2.5.3              # via sphinx
-certifi==2018.1.18        # via requests
-chardet==3.0.4            # via requests
-docutils==0.14            # via sphinx
-idna==2.6                 # via requests
-imagesize==1.0.0          # via sphinx
-jinja2==2.10              # via sphinx
-markupsafe==1.0           # via jinja2
-packaging==17.1           # via sphinx
-pygments==2.2.0           # via sphinx
-pyparsing==2.2.0          # via packaging
-pytz==2018.4              # via babel
-requests==2.18.4          # via sphinx
-six==1.11.0               # via packaging, sphinx, sphinxcontrib-httpdomain
-snowballstemmer==1.2.1    # via sphinx
-sphinx-rtd-theme==0.3.0
-sphinx==1.7.2
-sphinxcontrib-httpdomain==1.6.1
-sphinxcontrib-websupport==1.0.1  # via sphinx
-urllib3==1.22             # via requests
+alabaster==0.7.10 \
+    --hash=sha256:2eef172f44e8d301d25aff8068fddd65f767a3f04b5f15b0f4922f113aa1c732 \
+    --hash=sha256:37cdcb9e9954ed60912ebc1ca12a9d12178c26637abdf124e3cde2341c257fe0 \
+    # via sphinx
+babel==2.5.3 \
+    --hash=sha256:8ce4cb6fdd4393edd323227cba3a077bceb2a6ce5201c902c65e730046f41f14 \
+    --hash=sha256:ad209a68d7162c4cff4b29cdebe3dec4cef75492df501b0049a9433c96ce6f80 \
+    # via sphinx
+certifi==2018.1.18 \
+    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
+    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
+    # via requests
+chardet==3.0.4 \
+    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
+    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
+    # via requests
+docutils==0.14 \
+    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
+    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
+    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
+    # via sphinx
+idna==2.6 \
+    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
+    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
+    # via requests
+imagesize==1.0.0 \
+    --hash=sha256:3620cc0cadba3f7475f9940d22431fc4d407269f1be59ec9b8edcca26440cf18 \
+    --hash=sha256:5b326e4678b6925158ccc66a9fa3122b6106d7c876ee32d7de6ce59385b96315 \
+    # via sphinx
+jinja2==2.10 \
+    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
+    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4 \
+    # via sphinx
+markupsafe==1.0 \
+    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
+    # via jinja2
+packaging==17.1 \
+    --hash=sha256:e9215d2d2535d3ae866c3d6efc77d5b24a0192cce0ff20e42896cc0664f889c0 \
+    --hash=sha256:f019b770dd64e585a99714f1fd5e01c7a8f11b45635aa953fd41c689a657375b \
+    # via sphinx
+pygments==2.2.0 \
+    --hash=sha256:78f3f434bcc5d6ee09020f92ba487f95ba50f1e3ef83ae96b9d5ffa1bab25c5d \
+    --hash=sha256:dbae1046def0efb574852fab9e90209b23f556367b5a320c0bcb871c77c3e8cc \
+    # via sphinx
+pyparsing==2.2.0 \
+    --hash=sha256:0832bcf47acd283788593e7a0f542407bd9550a55a8a8435214a1960e04bcb04 \
+    --hash=sha256:fee43f17a9c4087e7ed1605bd6df994c6173c1e977d7ade7b651292fab2bd010 \
+    # via packaging
+pytz==2018.3 \
+    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
+    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
+    # via babel
+requests==2.18.4 \
+    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
+    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
+    # via sphinx
+six==1.11.0 \
+    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
+    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
+    # via packaging, sphinx, sphinxcontrib-httpdomain
+snowballstemmer==1.2.1 \
+    --hash=sha256:919f26a68b2c17a7634da993d91339e288964f93c274f1343e3bbbe2096e1128 \
+    --hash=sha256:9f3bcd3c401c3e862ec0ebe6d2c069ebc012ce142cce209c098ccb5b09136e89 \
+    # via sphinx
+sphinx-rtd-theme==0.2.4 \
+    --hash=sha256:2df74b8ff6fae6965c527e97cca6c6c944886aae474b490e17f92adfbe843417 \
+    --hash=sha256:62ee4752716e698bad7de8a18906f42d33664128eea06c46b718fc7fbd1a9f5c
+sphinx==1.7.2 \
+    --hash=sha256:5a1c9a0fec678c24b9a2f5afba240c04668edb7f45c67ce2ed008996b3f21ae2 \
+    --hash=sha256:7a606d77618a753adb79e13605166e3cf6a0e5678526e044236fc1ac43650910
+sphinxcontrib-httpdomain==1.6.1 \
+    --hash=sha256:029f596deb7b4246148a8e8a7d041764d0cad545cf4f3bb6252ac90c785ab221 \
+    --hash=sha256:2572c10bf84fab856999667369e3604eb209d8dda7321556bfee93fddcfc33b5
+sphinxcontrib-websupport==1.0.1 \
+    --hash=sha256:7a85961326aa3a400cd4ad3c816d70ed6f7c740acd7ce5d78cd0a67825072eb9 \
+    --hash=sha256:f4932e95869599b89bf4f80fc3989132d83c9faa5bf633e7b5e0c25dffb75da2 \
+    # via sphinx
+urllib3==1.22 \
+    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
+    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
+    # via requests
diff --git a/requirements-tests.in b/requirements-tests.in
index 44a5c59f..b2fef92a 100644
--- a/requirements-tests.in
+++ b/requirements-tests.in
@@ -1,11 +1,10 @@
-coverage
-factory-boy
-Faker
-freezegun
-moto
-nose
+factory-boy==2.9.2
+fake-factory==0.7.2
+freezegun==0.3.9
+moto>1,<2
+nose==1.3.7
 pyflakes
-pytest
-pytest-flask
+pytest-flask==0.10.0
 pytest-mock
-requests-mock
+pytest==3.3.2
+requests-mock==1.4.0
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 4113ad2a..d11a0215 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -4,56 +4,242 @@
 #
 #    pip-compile --no-index --output-file requirements-tests.txt requirements-tests.in
 #
-asn1crypto==0.24.0        # via cryptography
-attrs==17.4.0             # via pytest
-aws-xray-sdk==0.95        # via moto
-boto3==1.7.4              # via moto
-boto==2.48.0              # via moto
-botocore==1.10.4          # via boto3, moto, s3transfer
-certifi==2018.1.18        # via requests
-cffi==1.11.5              # via cryptography
-chardet==3.0.4            # via requests
-click==6.7                # via flask
-cookies==2.2.1            # via moto
-coverage==4.5.1
-cryptography==2.2.2       # via moto
-docker-pycreds==0.2.2     # via docker
-docker==3.2.1             # via moto
-docutils==0.14            # via botocore
-factory-boy==2.10.0
-faker==0.8.13
-flask==0.12.2             # via pytest-flask
-freezegun==0.3.10
-idna==2.6                 # via cryptography, requests
-itsdangerous==0.24        # via flask
-jinja2==2.10              # via flask, moto
-jmespath==0.9.3           # via boto3, botocore
-jsondiff==1.1.1           # via moto
-jsonpickle==0.9.6         # via aws-xray-sdk
-markupsafe==1.0           # via jinja2
-mock==2.0.0               # via moto
-more-itertools==4.1.0     # via pytest
-moto==1.3.1
-nose==1.3.7
-pbr==4.0.2                # via mock
-pluggy==0.6.0             # via pytest
-py==1.5.3                 # via pytest
-pyaml==17.12.1            # via moto
-pycparser==2.18           # via cffi
-pyflakes==1.6.0
-pytest-flask==0.10.0
-pytest-mock==1.9.0
-pytest==3.5.0
-python-dateutil==2.6.1    # via botocore, faker, freezegun, moto
-pytz==2018.4              # via moto
-pyyaml==3.12              # via pyaml
-requests-mock==1.4.0
-requests==2.18.4          # via aws-xray-sdk, docker, moto, requests-mock
-s3transfer==0.1.13        # via boto3
-six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, requests-mock, websocket-client
-text-unidecode==1.2       # via faker
-urllib3==1.22             # via requests
-websocket-client==0.47.0  # via docker
-werkzeug==0.14.1          # via flask, moto, pytest-flask
-wrapt==1.10.11            # via aws-xray-sdk
-xmltodict==0.11.0         # via moto
+asn1crypto==0.24.0 \
+    --hash=sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87 \
+    --hash=sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49 \
+    # via cryptography
+attrs==17.4.0 \
+    --hash=sha256:1c7960ccfd6a005cd9f7ba884e6316b5e430a3f1a6c37c5f87d8b43f83b54ec9 \
+    --hash=sha256:a17a9573a6f475c99b551c0e0a812707ddda1ec9653bed04c13841404ed6f450 \
+    # via pytest
+aws-xray-sdk==0.95 \
+    --hash=sha256:72791618feb22eaff2e628462b0d58f398ce8c1bacfa989b7679817ab1fad60c \
+    --hash=sha256:9e7ba8dd08fd2939376c21423376206bff01d0deaea7d7721c6b35921fed1943 \
+    # via moto
+boto3==1.6.12 \
+    --hash=sha256:3e224b2ec4b62d3a88577eb6261fef4898d7aa5baabe58c79b7abf718fca1479 \
+    --hash=sha256:a55f74e427ae26e30ee8696312e0caa57bfef58d9bf308fa4221ba2d968c8db2 \
+    # via moto
+boto==2.48.0 \
+    --hash=sha256:13be844158d1bd80a94c972c806ec8381b9ea72035aa06123c5db6bc6a6f3ead \
+    --hash=sha256:deb8925b734b109679e3de65856018996338758f4b916ff4fe7bb62b6d7000d1 \
+    # via moto
+botocore==1.9.12 \
+    --hash=sha256:2797b0dd2350c2611cf22fda3ea023b8f21cf3ef3db4bf8929f34ba779adaed0 \
+    --hash=sha256:54f28ec362c0ff2dfdc891835bdacdfb01770ab4973816fa37193164608ddbde \
+    # via boto3, moto, s3transfer
+certifi==2018.1.18 \
+    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
+    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
+    # via requests
+cffi==1.11.5 \
+    --hash=sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743 \
+    --hash=sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef \
+    --hash=sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50 \
+    --hash=sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f \
+    --hash=sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93 \
+    --hash=sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257 \
+    --hash=sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3 \
+    --hash=sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc \
+    --hash=sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04 \
+    --hash=sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6 \
+    --hash=sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359 \
+    --hash=sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596 \
+    --hash=sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b \
+    --hash=sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd \
+    --hash=sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95 \
+    --hash=sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e \
+    --hash=sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6 \
+    --hash=sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca \
+    --hash=sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31 \
+    --hash=sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1 \
+    --hash=sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085 \
+    --hash=sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801 \
+    --hash=sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4 \
+    --hash=sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184 \
+    --hash=sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917 \
+    --hash=sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f \
+    --hash=sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb \
+    # via cryptography
+chardet==3.0.4 \
+    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
+    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
+    # via requests
+click==6.7 \
+    --hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
+    --hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
+    # via flask
+cookies==2.2.1 \
+    --hash=sha256:15bee753002dff684987b8df8c235288eb8d45f8191ae056254812dfd42c81d3 \
+    --hash=sha256:d6b698788cae4cfa4e62ef8643a9ca332b79bd96cb314294b864ae8d7eb3ee8e \
+    # via moto
+cryptography==2.2.1 \
+    --hash=sha256:0f61273eccc681dc5a77dcd517cc2cb74078d1b00adb2b273d0a010153ae43c7 \
+    --hash=sha256:27dd18e180608c512433c843ad2d62396399608a0f3603c4d805500caeeec3d6 \
+    --hash=sha256:2893ee1d67dace6178732c9ea8c176fedf5b6a6463f72f1378b779cdba8a0ea5 \
+    --hash=sha256:2c5265c622e02af289bdc5e96c0a572bffa2fc2ac3f86fac3bace632ab25888c \
+    --hash=sha256:34a433c3783946106236c25a89e0c271a3bb1a8e8cd8f12782e8bf8bec4e351e \
+    --hash=sha256:39532ae44154ce88eec25d2a361e9c285b2477e0a4b4fc61fb9d4bcb3804dec6 \
+    --hash=sha256:469a72fda257b2179bb43e431b822d8087da53b40e68813bcfa54a16c3ebcdfe \
+    --hash=sha256:54029ce210d3013dccced6478f4dfb25e7a409e13086f714be9c14489c64e2c7 \
+    --hash=sha256:54776f1e2ffd957571b79738fb41d8df69a93edb6d148ca149494d73975e8cab \
+    --hash=sha256:84642ad31dccf9969b2613fa532ff5e871e9ee592ab0244dc9f6724e56591b8b \
+    --hash=sha256:8ce363eed7ccc70f53be6ea4200aa20bbff99c8cbfce21a904f98e76c2bf5887 \
+    --hash=sha256:95b7822c8bf203bafb95527eaf8995d9dd4eef1b6899631f9293aa6926dab1d9 \
+    --hash=sha256:9f2d66952fc55f13f9c62ea6ae6ff88c2f9c2c21533065e1f7bddf0cf33c4cb9 \
+    --hash=sha256:c27ed8b01d5feeff8479384ed782bad1e5071563f47194703f0dc20c1b558503 \
+    --hash=sha256:cf1069fda0c8e1d2bbef2cf0de0be797860c8a34d1df3a24f1180045fc06974f \
+    --hash=sha256:dddad9d322a3f0867009ff9f25477b8f7c0bdbedf143704b384c9472f11cb2d3 \
+    --hash=sha256:e42b290eb7804d82c6d614b55e3b726dee464099a0e6240175f8d7b682b9295d \
+    # via moto
+docker-pycreds==0.2.2 \
+    --hash=sha256:408ae6ec2b97345e02cbb3a05e0055443a27969e5b61d6773c733b534a40845b \
+    --hash=sha256:c7ab85de2894baff6ee8f15160cbbfa2fd3a04e56f0372c5793d24060687b299 \
+    # via docker
+docker==3.1.4 \
+    --hash=sha256:753251b142d56f243fba53ba321a37740a6b6583c528437f45df4d28ba3d4d5d \
+    --hash=sha256:add59251aa15a54c49d1514d576718d762ea5e3d79c2616b6dfaa3fad8d4c9fe \
+    # via moto
+docutils==0.14 \
+    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
+    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
+    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
+    # via botocore
+factory-boy==2.9.2 \
+    --hash=sha256:340c602f6fed2d8dd160397f28f2c0219e937f0488460450e8e5bf2add020ed6 \
+    --hash=sha256:b8334bcc3c5b10af9a83ab5b8786f98cb322638dc1e6d320cad01c7f2b420e87
+fake-factory==0.7.2 \
+    --hash=sha256:2f1c3b9b5a76f414d9d98dd2a54cb9f50d10c11c5160c391eb8a36f0ea6c406f \
+    --hash=sha256:62a9b211c1eea951f63c992de305c31977768f042210df443885444683528173
+faker==0.8.12 \
+    --hash=sha256:9cc12b821f32ff45f6edfdc1ab7be3893b60b1224e952d68322a57e5b26a4a15 \
+    --hash=sha256:b06d0dc0166618298e668ced513ced7b10df34f3ad2045f22f1d7d88704e8e9c \
+    # via factory-boy
+flask==0.12.2 \
+    --hash=sha256:0749df235e3ff61ac108f69ac178c9770caeaccad2509cb762ce1f65570a8856 \
+    --hash=sha256:49f44461237b69ecd901cc7ce66feea0319b9158743dd27a2899962ab214dac1 \
+    # via pytest-flask
+freezegun==0.3.9 \
+    --hash=sha256:783ccccd7f60968bfe49ad9e114c18ea2b63831faaaf61c1f1f71ddfde1c0eee \
+    --hash=sha256:8842688de9497c82ecb40c30274ecc676e97ac78765b0ade105a97063d5b7a11
+idna==2.6 \
+    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
+    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
+    # via cryptography, requests
+itsdangerous==0.24 \
+    --hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
+    # via flask
+jinja2==2.10 \
+    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
+    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4 \
+    # via flask, moto
+jmespath==0.9.3 \
+    --hash=sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64 \
+    --hash=sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63 \
+    # via boto3, botocore
+jsondiff==1.1.1 \
+    --hash=sha256:2d0437782de9418efa34e694aa59f43d7adb1899bd9a793f063867ddba8f7893 \
+    # via moto
+jsonpickle==0.9.6 \
+    --hash=sha256:545b3bee0d65e1abb4baa1818edcc9ec239aa9f2ffbfde8084d71c056180054f \
+    # via aws-xray-sdk
+markupsafe==1.0 \
+    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
+    # via jinja2
+mock==2.0.0 \
+    --hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \
+    --hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba \
+    # via moto
+moto==1.3.0 \
+    --hash=sha256:485d56c164e5c658665fecd486ef00a3a3cef5904d0bb06741f13f78ab4828a1 \
+    --hash=sha256:e3e768828be9889abb2cf60fef14ad4a06208d5f79789913d6b07bc7b4a0be80
+nose==1.3.7 \
+    --hash=sha256:9ff7c6cc443f8c51994b34a667bbcf45afd6d945be7477b52e97516fd17c53ac \
+    --hash=sha256:dadcddc0aefbf99eea214e0f1232b94f2fa9bd98fa8353711dacb112bfcbbb2a \
+    --hash=sha256:f1bffef9cbc82628f6e7d7b40d7e255aefaa1adb6a1b1d26c69a8b79e6208a98
+pbr==3.1.1 \
+    --hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \
+    --hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac \
+    # via mock
+pluggy==0.6.0 \
+    --hash=sha256:7f8ae7f5bdf75671a718d2daf0a64b7885f74510bcd98b1a0bb420eb9a9d0cff \
+    # via pytest
+py==1.5.2 \
+    --hash=sha256:8cca5c229d225f8c1e3085be4fcf306090b00850fefad892f9d96c7b6e2f310f \
+    --hash=sha256:ca18943e28235417756316bfada6cd96b23ce60dd532642690dcfdaba988a76d \
+    # via pytest
+pyaml==17.12.1 \
+    --hash=sha256:66623c52f34d83a2c0fc963e08e8b9d0c13d88404e3b43b1852ef71eda19afa3 \
+    --hash=sha256:f83fc302c52c6b83a15345792693ae0b5bc07ad19f59e318b7617d7123d62990 \
+    # via moto
+pycparser==2.18 \
+    --hash=sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226 \
+    # via cffi
+pyflakes==1.6.0 \
+    --hash=sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f \
+    --hash=sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805
+pytest-flask==0.10.0 \
+    --hash=sha256:2c5a36f9033ef8b6f85ddbefaebdd4f89197fc283f94b20dfe1a1beba4b77f03 \
+    --hash=sha256:657c7de386215ab0230bee4d76ace0339ae82fcbb34e134e17a29f65032eef03
+pytest-mock==1.7.1 \
+    --hash=sha256:03a2fea79d0a83a8de2e77e92afe5f0a5ca99a58cc68f843f9a74de34800a943 \
+    --hash=sha256:b879dff61e31fcd4727c227c182f15f222a155293cc64ed5a02d55e0020cf949
+pytest==3.3.2 \
+    --hash=sha256:53548280ede7818f4dc2ad96608b9f08ae2cc2ca3874f2ceb6f97e3583f25bc4 \
+    --hash=sha256:b84878865558194630c6147f44bdaef27222a9f153bbd4a08908b16bf285e0b1
+python-dateutil==2.6.1 \
+    --hash=sha256:891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca \
+    --hash=sha256:95511bae634d69bc7329ba55e646499a842bc4ec342ad54a8cdb65645a0aad3c \
+    # via botocore, fake-factory, faker, freezegun, moto
+pytz==2018.3 \
+    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
+    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
+    # via moto
+pyyaml==3.12 \
+    --hash=sha256:16b20e970597e051997d90dc2cddc713a2876c47e3d92d59ee198700c5427736 \
+    --hash=sha256:3262c96a1ca437e7e4763e2843746588a965426550f3797a79fca9c6199c431f \
+    --hash=sha256:592766c6303207a20efc445587778322d7f73b161bd994f227adaa341ba212ab \
+    --hash=sha256:5ac82e411044fb129bae5cfbeb3ba626acb2af31a8d17d175004b70862a741a7 \
+    --hash=sha256:827dc04b8fa7d07c44de11fabbc888e627fa8293b695e0f99cb544fdfa1bf0d1 \
+    --hash=sha256:bc6bced57f826ca7cb5125a10b23fd0f2fff3b7c4701d64c439a300ce665fff8 \
+    --hash=sha256:c01b880ec30b5a6e6aa67b09a2fe3fb30473008c85cd6a67359a1b15ed6d83a4 \
+    --hash=sha256:e863072cdf4c72eebf179342c94e6989c67185842d9997960b3e69290b2fa269 \
+    # via pyaml
+requests-mock==1.4.0 \
+    --hash=sha256:2931887853c42e1d73879983d5bf03041109472991c5b4b8dba5d11ed23b9d0b \
+    --hash=sha256:96a1e45b1c0bd18d14fcb2d55b3b09d6d46237e37bcae3155df4cb75bc42619e
+requests==2.18.4 \
+    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
+    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
+    # via aws-xray-sdk, docker, moto, requests-mock
+s3transfer==0.1.13 \
+    --hash=sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1 \
+    --hash=sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f \
+    # via boto3
+six==1.11.0 \
+    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
+    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
+    # via cryptography, docker, docker-pycreds, fake-factory, faker, freezegun, mock, moto, pytest, python-dateutil, requests-mock, websocket-client
+text-unidecode==1.2 \
+    --hash=sha256:5a1375bb2ba7968740508ae38d92e1f889a0832913cb1c447d5e2046061a396d \
+    --hash=sha256:801e38bd550b943563660a91de8d4b6fa5df60a542be9093f7abf819f86050cc \
+    # via faker
+urllib3==1.22 \
+    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
+    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
+    # via requests
+websocket-client==0.47.0 \
+    --hash=sha256:188b68b14fdb2d8eb1a111f21b9ffd2dbf1dbc4e4c1d28cf2c37cdbf1dd1cae6 \
+    --hash=sha256:a453dc4dfa6e0db3d8fd7738a308a88effe6240c59f3226eb93e8f020c216149 \
+    # via docker
+werkzeug==0.14.1 \
+    --hash=sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c \
+    --hash=sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b \
+    # via flask, moto, pytest-flask
+wrapt==1.10.11 \
+    --hash=sha256:d4d560d479f2c21e1b5443bbd15fe7ec4b37fe7e53d335d3b9b0a7b1226fe3c6 \
+    # via aws-xray-sdk
+xmltodict==0.11.0 \
+    --hash=sha256:8f8d7d40aa28d83f4109a7e8aa86e67a4df202d9538be40c0cb1d70da527b0df \
+    --hash=sha256:add07d92089ff611badec526912747cf87afd4f9447af6661aca074eeaf32615 \
+    # via moto
diff --git a/requirements.in b/requirements.in
index ba443684..39a43fac 100644
--- a/requirements.in
+++ b/requirements.in
@@ -1,33 +1,34 @@
-Flask==0.12
-Flask-RESTful==0.3.6
-Flask-SQLAlchemy>2,<3
-Flask-Script==2.0.6
-Flask-Migrate==2.1.1
+acme
+alembic-autogenerate-enums==0.0.2
+arrow==0.12.0
+boto3
+cryptography
 Flask-Bcrypt==0.7.1
 Flask-Mail==0.9.1
-SQLAlchemy-Utils==0.32.21
-requests==2.11.1
-ndg-httpsclient==0.4.2
-psycopg2==2.7.3
-arrow==0.12.0
-six==1.11.0
-marshmallow-sqlalchemy==0.13.1
-gunicorn==19.7.1
-marshmallow==2.15.0
-cryptography==1.9
-xmltodict==0.11.0
-pyjwt==1.5.3
-lockfile==0.12.2
-inflection==0.3.1
+Flask-Migrate==2.1.1
+Flask-Principal==0.4.0
+Flask-RESTful==0.3.6
+Flask-Script==2.0.6
+Flask-SQLAlchemy
+Flask==0.12
 future==0.16.0
-boto3==1.5.7
-acme==0.20.0
-retrying==1.3.3
-tabulate==0.8.2
-pyOpenSSL==17.2.0
-pem==17.1.0
-raven[flask]==6.2.1
+gunicorn==19.7.1
+inflection==0.3.1
 jinja2==2.10
+lockfile==0.12.2
+marshmallow-sqlalchemy==0.13.1
+marshmallow==2.15.0
+ndg-httpsclient==0.4.2
 paramiko==2.4.1  # required for lemur_linuxdst plugin
-python_ldap<=3.0.0b4
-alembic-autogenerate-enums==0.0.2
+pem==17.1.0
+psycopg2
+pyjwt
+pyOpenSSL
+python_ldap
+raven[flask]==6.2.1
+requests
+retrying==1.3.3
+six==1.11.0
+SQLAlchemy-Utils
+tabulate==0.8.2
+xmltodict==0.11.0
diff --git a/requirements.txt b/requirements.txt
index a4d3b587..79da4fb1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,316 +2,70 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --no-index --output-file requirements.txt requirements.in
+#    pip-compile --output-file requirements.txt requirements.in
 #
-acme==0.20.0 \
-    --hash=sha256:45121aed6c8cc2f31896ac1083068dfdeb613f3edeff9576dc0d10632ea5a3d5 \
-    --hash=sha256:8b0cee192c0d76d6f4045bdb14b3cfd29d9720e0dad2046794a2a555f1eaccb7
-alembic-autogenerate-enums==0.0.2 \
-    --hash=sha256:adb49909c864a263f92bf7b99752d5c4b2f496617cccb5cfc689af9c72235ff9
-alembic==0.9.8 \
-    --hash=sha256:13b8611788acf0d7b617775db5c2ae26554a6d4263c590ef628d448fd05aef56 \
-    # via flask-migrate
-aniso8601==3.0.0 \
-    --hash=sha256:7cf068e7aec00edeb21879c2bbda048656c34d281e133a77425be03b352122d8 \
-    --hash=sha256:f7052eb342bf2000c6264a253acedb362513bf9270800be2bc8e3e229fe08b5a \
-    # via flask-restful
-arrow==0.12.0 \
-    --hash=sha256:a15ecfddf334316e3ac8695e48c15d1be0d6038603b33043930dcf0e675c86ee
-asn1crypto==0.24.0 \
-    --hash=sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87 \
-    --hash=sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49 \
-    # via cryptography
-bcrypt==3.1.4 \
-    --hash=sha256:01477981abf74e306e8ee31629a940a5e9138de000c6b0898f7f850461c4a0a5 \
-    --hash=sha256:054d6e0acaea429e6da3613fcd12d05ee29a531794d96f6ab959f29a39f33391 \
-    --hash=sha256:0872eeecdf9a429c1420158500eedb323a132bc5bf3339475151c52414729e70 \
-    --hash=sha256:09a3b8c258b815eadb611bad04ca15ec77d86aa9ce56070e1af0d5932f17642a \
-    --hash=sha256:0f317e4ffbdd15c3c0f8ab5fbd86aa9aabc7bea18b5cc5951b456fe39e9f738c \
-    --hash=sha256:2788c32673a2ad0062bea850ab73cffc0dba874db10d7a3682b6f2f280553f20 \
-    --hash=sha256:321d4d48be25b8d77594d8324c0585c80ae91ac214f62db9098734e5e7fb280f \
-    --hash=sha256:346d6f84ff0b493dbc90c6b77136df83e81f903f0b95525ee80e5e6d5e4eef84 \
-    --hash=sha256:34dd60b90b0f6de94a89e71fcd19913a30e83091c8468d0923a93a0cccbfbbff \
-    --hash=sha256:3b4c23300c4eded8895442c003ae9b14328ae69309ac5867e7530de8bdd7875d \
-    --hash=sha256:43d1960e7db14042319c46925892d5fa99b08ff21d57482e6f5328a1aca03588 \
-    --hash=sha256:49e96267cd9be55a349fd74f9852eb9ae2c427cd7f6455d0f1765d7332292832 \
-    --hash=sha256:67ed1a374c9155ec0840214ce804616de49c3df9c5bc66740687c1c9b1cd9e8d \
-    --hash=sha256:6efd9ca20aefbaf2e7e6817a2c6ed4a50ff6900fafdea1bcb1d0e9471743b144 \
-    --hash=sha256:8569844a5d8e1fdde4d7712a05ab2e6061343ac34af6e7e3d7935b2bd1907bfd \
-    --hash=sha256:8629ea6a8a59f865add1d6a87464c3c676e60101b8d16ef404d0a031424a8491 \
-    --hash=sha256:988cac675e25133d01a78f2286189c1f01974470817a33eaf4cfee573cfb72a5 \
-    --hash=sha256:9a6fedda73aba1568962f7543a1f586051c54febbc74e87769bad6a4b8587c39 \
-    --hash=sha256:9eced8962ce3b7124fe20fd358cf8c7470706437fa064b9874f849ad4c5866fc \
-    --hash=sha256:a005ed6163490988711ff732386b08effcbf8df62ae93dd1e5bda0714fad8afb \
-    --hash=sha256:ae35dbcb6b011af6c840893b32399252d81ff57d52c13e12422e16b5fea1d0fb \
-    --hash=sha256:b1e8491c6740f21b37cca77bc64677696a3fb9f32360794d57fa8477b7329eda \
-    --hash=sha256:c906bdb482162e9ef48eea9f8c0d967acceb5c84f2d25574c7d2a58d04861df1 \
-    --hash=sha256:cb18ffdc861dbb244f14be32c47ab69604d0aca415bee53485fcea4f8e93d5ef \
-    --hash=sha256:d86da365dda59010ba0d1ac45aa78390f56bf7f992e65f70b3b081d5e5257b09 \
-    --hash=sha256:e22f0997622e1ceec834fd25947dc2ee2962c2133ea693d61805bc867abaf7ea \
-    --hash=sha256:f2fe545d27a619a552396533cddf70d83cecd880a611cdfdbb87ca6aec52f66b \
-    --hash=sha256:f7fd3ed3745fe6e81e28dc3b3d76cce31525a91f32a387e1febd6b982caf8cdb \
-    --hash=sha256:f9210820ee4818d84658ed7df16a7f30c9fba7d8b139959950acef91745cc0f7 \
-    # via flask-bcrypt, paramiko
-blinker==1.4 \
-    --hash=sha256:471aee25f3992bd325afa3772f1063dbdbbca947a041b8b89466dc00d606f8b6 \
-    # via flask-mail, flask-principal, raven
-boto3==1.5.7 \
-    --hash=sha256:00a384f703d7abdc9eb932e64404060b6287543afbd03cae0f811dc29aa2c129 \
-    --hash=sha256:c41540a1d74a4ef7c642d91cb47dae884eafe6665d76a1b9ce1032e3aabde56c
-botocore==1.8.50 \
-    --hash=sha256:898f10e68a7a1c2be621caf046d29a8f782c0ea866d644d5be46472c00a3dee9 \
-    --hash=sha256:a80a23e080f4a93d11a1c067a69304dd407d18c358cba1e0df8c96f56c9e98b4 \
-    # via boto3, s3transfer
-cffi==1.11.5 \
-    --hash=sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743 \
-    --hash=sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef \
-    --hash=sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50 \
-    --hash=sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f \
-    --hash=sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93 \
-    --hash=sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257 \
-    --hash=sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3 \
-    --hash=sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc \
-    --hash=sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04 \
-    --hash=sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6 \
-    --hash=sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359 \
-    --hash=sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596 \
-    --hash=sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b \
-    --hash=sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd \
-    --hash=sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95 \
-    --hash=sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e \
-    --hash=sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6 \
-    --hash=sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca \
-    --hash=sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31 \
-    --hash=sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1 \
-    --hash=sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085 \
-    --hash=sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801 \
-    --hash=sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4 \
-    --hash=sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184 \
-    --hash=sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917 \
-    --hash=sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f \
-    --hash=sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb \
-    # via bcrypt, cryptography, pynacl
-click==6.7 \
-    --hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
-    --hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
-    # via flask
-cryptography==1.9 \
-    --hash=sha256:025a96e48164106f2082b00f42bf430cf21f09e203e42585a712e420b75cbff0 \
-    --hash=sha256:2230c186182d773064d06242e0fa604cd718bfff28aa9c5ae73d7e426e98a151 \
-    --hash=sha256:2908f709f02711dbb10561a9f154d2f7d1792385e2341e9708539cc4ecfb8667 \
-    --hash=sha256:2a5e577f5d2093e51486b4ec02b51bb5adb165b98fee99929d5af0813e90b469 \
-    --hash=sha256:2eb8297b877cb6b56216750fa7017c9f5786bec8afd6a0f1aaace02cbfb6195f \
-    --hash=sha256:365eb804362e581c9a02e7a610b30514f07dd77b2a38aed338eb5192446bbc58 \
-    --hash=sha256:3dc94ed5a26b8553a325767358f505c0a43e0c89df078647f77a4d022ddcdc57 \
-    --hash=sha256:469a9d3d851038f1eb7d7f77bb08bb4775b41483372be450e25b293fe57bd59e \
-    --hash=sha256:533143321d15c8743f91eec5c5f495c1b5cad9a25de8f6dab01eddd6b416903e \
-    --hash=sha256:5474fe5ce6b517d3086e0231b6ad88f8978c551c4379f91c3d619c308490f0d7 \
-    --hash=sha256:5518337022718029e367d982642f3e3523541e098ad671672a90b82474c84882 \
-    --hash=sha256:5ff169869624e23767d70db274f13a9ea4e97c029425a1224aa5e049e84ce2af \
-    --hash=sha256:61eb3534f8ed2415dd708b28919205d523f220e4cd5b8165844edfdd4a649b8e \
-    --hash=sha256:7db719432648f14ea33edffc5f75330c595804eac86ca916528b35ce50a8bfd6 \
-    --hash=sha256:9d9da8bac2e31003d092f5ef6981a725c77c4e9a30638436884d61ad39f9a1ee \
-    --hash=sha256:c26e057a2de13e97e708328d295c5ac4cd3eab4a5c42ce727dd1a53316034b8a \
-    --hash=sha256:ca72537a7064bb80e34b6908e576ffc8e2c2cad29a7168f48d0999df089695c3 \
-    --hash=sha256:fab8ec6866e384d9827d5dc02a1383e991a6c05c54f818316c4b829e56ca2ba3
-docutils==0.14 \
-    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
-    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
-    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
-    # via botocore
-flask-bcrypt==0.7.1 \
-    --hash=sha256:d71c8585b2ee1c62024392ebdbc447438564e2c8c02b4e57b56a4cafd8d13c5f
-flask-mail==0.9.1 \
-    --hash=sha256:22e5eb9a940bf407bcf30410ecc3708f3c56cc44b29c34e1726fe85006935f41
-flask-migrate==2.1.1 \
-    --hash=sha256:493f9b3795985b9b4915bf3b7d16946697f027b73545384e7d9e3a79f989d2fe \
-    --hash=sha256:b709ca8642559c3c5a81a33ab10839fa052177accd5ba821047a99db635255ed
-flask-principal==0.4.0 \
-    --hash=sha256:f5d6134b5caebfdbb86f32d56d18ee44b080876a27269560a96ea35f75c99453
-flask-restful==0.3.6 \
-    --hash=sha256:5795519501347e108c436b693ff9a4d7b373a3ac9069627d64e4001c05dd3407 \
-    --hash=sha256:e2f1b8063de3944b94c7f8be5cee4d2161db0267c54c5b757d875295061776fa
-flask-script==2.0.6 \
-    --hash=sha256:6425963d91054cfcc185807141c7314a9c5ad46325911bd24dcb489bd0161c65
-flask-sqlalchemy==2.3.2 \
-    --hash=sha256:3bc0fac969dd8c0ace01b32060f0c729565293302f0c4269beed154b46bec50b \
-    --hash=sha256:5971b9852b5888655f11db634e87725a9031e170f37c0ce7851cf83497f56e53
-flask==0.12 \
-    --hash=sha256:7f03bb2c255452444f7265eddb51601806e5447b6f8a2d50bbc77a654a14c118 \
-    --hash=sha256:93e803cdbe326a61ebd5c5d353959397c85f829bec610d59cb635c9f97d7ca8b
-future==0.16.0 \
-    --hash=sha256:e39ced1ab767b5936646cedba8bcce582398233d6a627067d4c6a454c90cfedb
-gunicorn==19.7.1 \
-    --hash=sha256:75af03c99389535f218cc596c7de74df4763803f7b63eb09d77e92b3956b36c6 \
-    --hash=sha256:eee1169f0ca667be05db3351a0960765620dad53f53434262ff8901b68a1b622
-idna==2.6 \
-    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
-    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
-    # via cryptography
-inflection==0.3.1 \
-    --hash=sha256:18ea7fb7a7d152853386523def08736aa8c32636b047ade55f7578c4edeb16ca
-itsdangerous==0.24 \
-    --hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
-    # via flask
-jinja2==2.10 \
-    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
-    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4
-jmespath==0.9.3 \
-    --hash=sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64 \
-    --hash=sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63 \
-    # via boto3, botocore
-lockfile==0.12.2 \
-    --hash=sha256:6aed02de03cba24efabcd600b30540140634fc06cfa603822d508d5361e9f799 \
-    --hash=sha256:6c3cb24f344923d30b2785d5ad75182c8ea7ac1b6171b08657258ec7429d50fa
-mako==1.0.7 \
-    --hash=sha256:4e02fde57bd4abb5ec400181e4c314f56ac3e49ba4fb8b0d50bba18cb27d25ae \
-    # via alembic
-markupsafe==1.0 \
-    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
-    # via jinja2, mako
-marshmallow-sqlalchemy==0.13.1 \
-    --hash=sha256:4cc7f984f02564f0a444e1dcb69bbd5b6c7ebd30728332d668ffeeefe5d2878e \
-    --hash=sha256:f3e1f27c83a013b114c26c8fad59980067030b0db9863b7ff52b31ce85620201
-marshmallow==2.15.0 \
-    --hash=sha256:8740ada95f47fa19f905772aa4932dc5512226a90c30da5672d6d6bf3dd791a7 \
-    --hash=sha256:d3f31fe7be2106b1d783cbd0765ef4e1c6615505514695f33082805f929dd584
-mock==2.0.0 \
-    --hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \
-    --hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba \
-    # via acme
-ndg-httpsclient==0.4.2 \
-    --hash=sha256:580987ef194334c50389e0d7de885fccf15605c13c6eecaabd8d6c43768eb8ac
-paramiko==2.4.1 \
-    --hash=sha256:24fb31c947de85fbdeca09e222d41206781581fb0bdf118d2ef18f6e414cd388 \
-    --hash=sha256:33e36775a6c71790ba7692a73f948b329cf9295a72b0102144b031114bd2a4f3
-pbr==3.1.1 \
-    --hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \
-    --hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac \
-    # via mock
-pem==17.1.0 \
-    --hash=sha256:80c83846e927139773f79cdc581f8e276eb7b3f7a0f0a08c7dabe8e51374b97b \
-    --hash=sha256:f64f0eb25f700a83cbb21b8f82a1a470f0fd75865e2c84606b3f912b01f65f48
-psycopg2==2.7.3 \
-    --hash=sha256:162ab9fc7c2be46b45978bdeecc54ab48f90e57c26c927bfbdcbedee77d22dac \
-    --hash=sha256:1b40c5549c0e39c95e26df4c6cdf49f3d85def38310da78628f1d29c3e7d177e \
-    --hash=sha256:2854703bf7c1287408f16d66a011426be07540748f19a84644677d6b8d1284a7 \
-    --hash=sha256:29db29bc5603ff9dc3a639a8e329ca4ab970d01d6fd27bcf2038e6514fe161f4 \
-    --hash=sha256:2fd25489f2fc5b1a4ab4a131cb7e6c804a664b4201e03d1c5aefcbb055b8bad6 \
-    --hash=sha256:4807cc2a3bf844b882bd11bdf43805430993ac29fa95ac3ed1cbaa24ab9c0319 \
-    --hash=sha256:4dd7ce445059e63b249dbcf6a759c45d1ae5f4e6468c60d50f4829e09d52cd4a \
-    --hash=sha256:5c11fc5091af28d048c321f2b23a3f984ffb5b546ab3cb7424c52c6feae6c965 \
-    --hash=sha256:5d6d3e80658bf7436202358490beabe7fc78497f5defecb4e9db91d19d5d2778 \
-    --hash=sha256:624d9e75d5cf636236ef0e7c325761d8e795200c91154d344b0efcdece535a93 \
-    --hash=sha256:65a7560c7dc45cd7cb8083e07341789ca9c1e3d668c04e198ec925da1ef0012c \
-    --hash=sha256:6a81bba87531e11e93eb5e193e3f25498eb4e3d7a0a730675ea311913ea93f8f \
-    --hash=sha256:6be1b5c96a122387afef18669f3bb0fb255a22e77da85bc37fdd5367a446880c \
-    --hash=sha256:94f7ca8013fa17b14e8be72dcc4994046fcd40f85b8cf45d13cdfcf777aad0f4 \
-    --hash=sha256:9b3009f237df518951fc2385dd444b7d79b83c4a9cdd26141d2bd9eabd32d681 \
-    --hash=sha256:9bfadd7163ec17983c1e395782755ea1c15702e4b79ed333ff70995cd4fb5505 \
-    --hash=sha256:a1f302a2ef32b16a8a6515d5ae6368460ad7434ba6a3751f5a2c1084f6234ff6 \
-    --hash=sha256:ad2d1274e69fac940c66854cbc92c9eda572b4b30cab4073d4383148874a8974 \
-    --hash=sha256:b148f8ccdf9d59bf762b67b80c4a46b9ce1e90dee0f10907640e5a18b07d0ee6 \
-    --hash=sha256:b2bc3bc99355fe26a76d1225c32ae6f97604f575cb41cd8e8a4932bbc5b932a7 \
-    --hash=sha256:b60024e969aaecc47530f96c723c4cac63d34606fb57806bed49991ff35aecea \
-    --hash=sha256:b807ca62f8844f3eb7bff5790ffc4bd851f51a22f453b59fe3c9461e097eac6d \
-    --hash=sha256:bbb843f752f582de95db533d371cf55acf69acd86b0b22e35d89f045c1f6c139 \
-    --hash=sha256:bc580e4dd39031eea0a662a3e8353b9fa90e500aa7ae14b4589cd4572f7ba4c3 \
-    --hash=sha256:c9bd49848556d04093909faec017c3675efabf78c2b7f383bf7c43ba18324ac8 \
-    --hash=sha256:cbd910a5d9e3c2e49c2e8f827f2261c27260260a0b46284445d1a3dd12265be8 \
-    --hash=sha256:cf4f620f3401e4e8f9e2934c45284e21d404bbe65cd7b81a50402f30c1160109 \
-    --hash=sha256:d2089a8dc7fea97386d66e46aabf5674538d946dcaf3374f736411638c93c2c4 \
-    --hash=sha256:db49705698f9edd4878457166b09e53788d3e7f10d86f490ee5978ce2613bc06 \
-    --hash=sha256:f2ae745ee9b65e04fcca2bbb7ff6d92c196b732f04d0b570310f8958b58ecb64 \
-    --hash=sha256:febc7334b1f33c08c5c8d29353d557d8510ff1205f9e7ef454a3f8306c79e9b4
-pyasn1-modules==0.2.1 \
-    --hash=sha256:47fb6757ab78fe966e7c58b2030b546854f78416d653163f0ce9290cf2278e8b \
-    --hash=sha256:af00ea8f2022b6287dc375b2c70f31ab5af83989fc6fe9eacd4976ce26cd7ccc \
-    # via python-ldap
-pyasn1==0.4.2 \
-    --hash=sha256:d258b0a71994f7770599835249cece1caef3c70def868c4915e6e5ca49b67d15 \
-    --hash=sha256:d5cd6ed995dba16fad0c521cfe31cd2d68400b53fcc2bce93326829be73ab6d1 \
-    # via paramiko, pyasn1-modules, python-ldap, requests
-pycparser==2.18 \
-    --hash=sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226 \
-    # via cffi
-pyjwt==1.5.3 \
-    --hash=sha256:500be75b17a63f70072416843dc80c8821109030be824f4d14758f114978bae7 \
-    --hash=sha256:a4e5f1441e3ca7b382fd0c0b416777ced1f97c64ef0c33bfa39daf38505cfd2f
-pyldap==3.0.0 \
-    --hash=sha256:9c10dc9663d3b3f5899f811fcb89618cc96d41b9f8a68b3eed5f13de5b44ce24
-pynacl==1.2.1 \
-    --hash=sha256:04e30e5bdeeb2d5b34107f28cd2f5bbfdc6c616f3be88fc6f53582ff1669eeca \
-    --hash=sha256:0bfa0d94d2be6874e40f896e0a67e290749151e7de767c5aefbad1121cad7512 \
-    --hash=sha256:11aa4e141b2456ce5cecc19c130e970793fa3a2c2e6fbb8ad65b28f35aa9e6b6 \
-    --hash=sha256:13bdc1fe084ff9ac7653ae5a924cae03bf4bb07c6667c9eb5b6eb3c570220776 \
-    --hash=sha256:14339dc233e7a9dda80a3800e64e7ff89d0878ba23360eea24f1af1b13772cac \
-    --hash=sha256:1d33e775fab3f383167afb20b9927aaf4961b953d76eeb271a5703a6d756b65b \
-    --hash=sha256:2a42b2399d0428619e58dac7734838102d35f6dcdee149e0088823629bf99fbb \
-    --hash=sha256:2dce05ac8b3c37b9e2f65eab56c544885607394753e9613fd159d5e2045c2d98 \
-    --hash=sha256:6453b0dae593163ffc6db6f9c9c1597d35c650598e2c39c0590d1757207a1ac2 \
-    --hash=sha256:73a5a96fb5fbf2215beee2353a128d382dbca83f5341f0d3c750877a236569ef \
-    --hash=sha256:8abb4ef79161a5f58848b30ab6fb98d8c466da21fdd65558ce1d7afc02c70b5f \
-    --hash=sha256:8ac1167195b32a8755de06efd5b2d2fe76fc864517dab66aaf65662cc59e1988 \
-    --hash=sha256:8f505f42f659012794414fa57c498404e64db78f1d98dfd40e318c569f3c783b \
-    --hash=sha256:be71cd5fce04061e1f3d39597f93619c80cdd3558a6c9ba99a546f144a8d8101 \
-    --hash=sha256:cf6877124ae6a0698404e169b3ba534542cfbc43f939d46b927d956daf0a373a \
-    --hash=sha256:d0eb5b2795b7ee2cbcfcadacbe95a13afbda048a262bd369da9904fecb568975 \
-    --hash=sha256:d795f506bcc9463efb5ebb0f65ed77921dcc9e0a50499dedd89f208445de9ecb \
-    --hash=sha256:d8aaf7e5d6b0e0ef7d6dbf7abeb75085713d0100b4eb1a4e4e857de76d77ac45 \
-    --hash=sha256:e0d38fa0a75f65f556fb912f2c6790d1fa29b7dd27a1d9cc5591b281321eaaa9 \
-    --hash=sha256:eb2acabbd487a46b38540a819ef67e477a674481f84a82a7ba2234b9ba46f752 \
-    --hash=sha256:eeee629828d0eb4f6d98ac41e9a3a6461d114d1d0aa111a8931c049359298da0 \
-    --hash=sha256:f5ce9e26d25eb0b2d96f3ef0ad70e1d3ae89b5d60255c462252a3e456a48c053 \
-    --hash=sha256:fabf73d5d0286f9e078774f3435601d2735c94ce9e514ac4fb945701edead7e4 \
-    # via paramiko
-pyopenssl==17.2.0 \
-    --hash=sha256:5d617ce36b07c51f330aa63b83bf7f25c40a0e95958876d54d1982f8c91b4834 \
-    --hash=sha256:c8959e441c2d85d646f3d6e9024ec02b2fc8dda92596e44ce3460b3a476bc694
-pyrfc3339==1.0 \
-    --hash=sha256:8dfbc6c458b8daba1c0f3620a8c78008b323a268b27b7359e92a4ae41325f535 \
-    --hash=sha256:eea31835c56e2096af4363a5745a784878a61d043e247d3a6d6a0a32a9741f56 \
-    # via acme
-python-dateutil==2.7.0 \
-    --hash=sha256:07009062406cffd554a9b4135cd2ff167c9bf6b7aac61fe946c93e69fad1bbd8 \
-    --hash=sha256:8f95bb7e6edbb2456a51a1fb58c8dca942024b4f5844cae62c90aa88afe6e300 \
-    # via alembic, arrow, botocore
-python-editor==1.0.3 \
-    --hash=sha256:a3c066acee22a1c94f63938341d4fb374e3fdd69366ed6603d7b24bed1efc565 \
-    # via alembic
-python-ldap==3.0.0 \
-    --hash=sha256:86746b912a2cd37a54b06c694f021b0c8556d4caeab75ef50435ada152e2fbe1 \
-    # via pyldap
-pytz==2018.3 \
-    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
-    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
-    # via acme, flask-restful, pyrfc3339
-raven[flask]==6.2.1 \
-    --hash=sha256:c0a30bcc3e3206059f79656d80362ce080b1c991c95d867edce559a7294570fe \
-    --hash=sha256:f58ead6842c02d427617e827f4c0a97cfd3f8b648a52e53ef12182002a8663cb
-requests[security]==2.11.1 \
-    --hash=sha256:545c4855cd9d7c12671444326337013766f4eea6068c3f0307fb2dc2696d580e \
-    --hash=sha256:5acf980358283faba0b897c73959cecf8b841205bb4b2ad3ef545f46eae1a133
-retrying==1.3.3 \
-    --hash=sha256:08c039560a6da2fe4f2c426d0766e284d3b736e355f8dd24b37367b0bb41973b
-s3transfer==0.1.13 \
-    --hash=sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1 \
-    --hash=sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f \
-    # via boto3
-six==1.11.0 \
-    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
-    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb
-sqlalchemy-utils==0.32.21 \
-    --hash=sha256:e35431b0e57c4f7030ff598c23813c8b7b04b508ce10e8e9ebe448645b38d6d7
-sqlalchemy==1.2.5 \
-    --hash=sha256:249000654107a420a40200f1e0b555a79dfd4eff235b2ff60bc77714bd045f2d \
-    # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
-tabulate==0.8.2 \
-    --hash=sha256:e4ca13f26d0a6be2a2915428dc21e732f1e44dad7f76d7030b2ef1ec251cf7f2
-werkzeug==0.14.1 \
-    --hash=sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c \
-    --hash=sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b \
-    # via flask
-xmltodict==0.11.0 \
-    --hash=sha256:8f8d7d40aa28d83f4109a7e8aa86e67a4df202d9538be40c0cb1d70da527b0df \
-    --hash=sha256:add07d92089ff611badec526912747cf87afd4f9447af6661aca074eeaf32615
+acme==0.22.2
+alembic-autogenerate-enums==0.0.2
+alembic==0.9.8            # via flask-migrate
+aniso8601==3.0.0          # via flask-restful
+arrow==0.12.0
+asn1crypto==0.24.0        # via cryptography
+bcrypt==3.1.4             # via flask-bcrypt, paramiko
+blinker==1.4              # via flask-mail, flask-principal, raven
+boto3==1.6.12
+botocore==1.9.12          # via boto3, s3transfer
+certifi==2018.1.18        # via requests
+cffi==1.11.5              # via bcrypt, cryptography, pynacl
+chardet==3.0.4            # via requests
+click==6.7                # via flask
+cryptography==2.2.1
+docutils==0.14            # via botocore
+flask-bcrypt==0.7.1
+flask-mail==0.9.1
+flask-migrate==2.1.1
+flask-principal==0.4.0
+flask-restful==0.3.6
+flask-script==2.0.6
+flask-sqlalchemy==2.3.2
+flask==0.12
+future==0.16.0
+gunicorn==19.7.1
+idna==2.6                 # via cryptography, requests
+inflection==0.3.1
+itsdangerous==0.24        # via flask
+jinja2==2.10
+jmespath==0.9.3           # via boto3, botocore
+josepy==1.0.1             # via acme
+lockfile==0.12.2
+mako==1.0.7               # via alembic
+markupsafe==1.0           # via jinja2, mako
+marshmallow-sqlalchemy==0.13.1
+marshmallow==2.15.0
+mock==2.0.0               # via acme
+ndg-httpsclient==0.4.2
+paramiko==2.4.1
+pbr==3.1.1                # via mock
+pem==17.1.0
+psycopg2==2.7.4
+pyasn1-modules==0.2.1     # via python-ldap
+pyasn1==0.4.2             # via paramiko, pyasn1-modules, python-ldap
+pycparser==2.18           # via cffi
+pyjwt==1.6.1
+pynacl==1.2.1             # via paramiko
+pyopenssl==17.5.0
+pyrfc3339==1.0            # via acme
+python-dateutil==2.6.1    # via alembic, arrow, botocore
+python-editor==1.0.3      # via alembic
+python-ldap==3.0.0
+pytz==2018.3              # via acme, flask-restful, pyrfc3339
+raven[flask]==6.2.1
+requests[security]==2.18.4
+retrying==1.3.3
+s3transfer==0.1.13        # via boto3
+six==1.11.0
+sqlalchemy-utils==0.33.1
+sqlalchemy==1.2.5         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+tabulate==0.8.2
+urllib3==1.22             # via requests
+werkzeug==0.14.1          # via flask
+xmltodict==0.11.0

From 40c35dc77b8fcafadcfbc5f1c4073274a3bbec39 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 21 Mar 2018 14:48:51 -0700
Subject: [PATCH 08/22] Update more dependencies. Remove hashes

---
 requirements-dev.txt   | 118 ++++-------------
 requirements-docs.txt  | 104 ++++-----------
 requirements-tests.in  |  15 ++-
 requirements-tests.txt | 293 ++++++++---------------------------------
 requirements.in        |   4 +-
 requirements.txt       |   2 +-
 6 files changed, 110 insertions(+), 426 deletions(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index bc52ae5e..8a4185e3 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -2,98 +2,28 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --no-index --output-file requirements-dev.txt requirements-dev.in
+#    pip-compile --output-file requirements-dev.txt requirements-dev.in
 #
-aspy.yaml==1.0.0 \
-    --hash=sha256:6215f44900ff65f27dbd00a36b06a7926276436ed377320cfd4febd69bbd4a94 \
-    --hash=sha256:be70cc0ccd1ee1d30f589f2403792eb2ffa7546470af0a17179541b13d8374df \
-    # via pre-commit
-cached-property==1.4.0 \
-    --hash=sha256:6e6935ec62567fbcbc346fad84fcea9bc77e3547b7267e62bc5b7ed8e5438ae8 \
-    --hash=sha256:a2fa0f89dd422f7e5dd992a4a3e0ce209d5d1e47a4db28fd0a7b5273ec8da3f0 \
-    # via pre-commit
-certifi==2018.1.18 \
-    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
-    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
-    # via requests
-cfgv==1.0.0 \
-    --hash=sha256:2fbaf8d082456d8fff5a68163ff59c1025a52e906914fbc738be7d8ea5b7aa4b \
-    --hash=sha256:733aa2f66b5106af32d271336a571610b9808e868de0ad5690d9d5155e5960c5 \
-    # via pre-commit
-chardet==3.0.4 \
-    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
-    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
-    # via requests
-flake8==3.5.0 \
-    --hash=sha256:7253265f7abd8b313e3892944044a365e3f4ac3fcdcfb4298f55ee9ddf188ba0 \
-    --hash=sha256:c7841163e2b576d435799169b78703ad6ac1bbb0f199994fc05f700b2a90ea37
-identify==1.0.8 \
-    --hash=sha256:53be6ea950a5f40e13be2dd87e67413eb6879527b831333196ab2a54de38f499 \
-    --hash=sha256:c0bfb29634e04cde8e54aee2d55aff9dad30d6ea1f3e9e3ce731934d78635aa1 \
-    # via pre-commit
-idna==2.6 \
-    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
-    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
-    # via requests
-invoke==0.22.1 \
-    --hash=sha256:357f0661c1d84f9f113e6164705d92eb00b35cd704c31e82efbf0f012f25e40c \
-    --hash=sha256:39020b07218c87747e85dd422510f02a8d1282c71952942324c67d9eeaae8e62 \
-    --hash=sha256:621181a0efae67b3dadec583cf2c6b5096136635bf6a326c481c73db412b36fc
-mccabe==0.6.1 \
-    --hash=sha256:ab8a6258860da4b6677da4bd2fe5dc2c659cff31b3ee4f7f5d64e79735b80d42 \
-    --hash=sha256:dd8d182285a0fe56bace7f45b5e7d1a6ebcbf524e8f3bd87eb0f125271b8831f \
-    # via flake8
-nodeenv==1.3.0 \
-    --hash=sha256:dd0a34001090ff042cfdb4b0c8d6a6f7ec9baa49733f00b695bb8a8b4700ba6c
-pkginfo==1.4.2 \
-    --hash=sha256:5878d542a4b3f237e359926384f1dde4e099c9f5525d236b1840cf704fa8d474 \
-    --hash=sha256:a39076cb3eb34c333a0dd390b568e9e1e881c7bf2cc0aee12120636816f55aee \
-    # via twine
-pre-commit==1.8.2 \
-    --hash=sha256:01bb5f44606735ca30c8be641fa24f5760fcc599a0260ead0067bcde2f0305f9 \
-    --hash=sha256:823452163aa9fb024a9ff30947ba7f5a2778708db7554a4d36438b9bbead6bbb
-pycodestyle==2.3.1 \
-    --hash=sha256:682256a5b318149ca0d2a9185d365d8864a768a28db66a84a2ea946bcc426766 \
-    --hash=sha256:6c4245ade1edfad79c3446fadfc96b0de2759662dc29d07d80a6f27ad1ca6ba9 \
-    # via flake8
-pyflakes==1.6.0 \
-    --hash=sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f \
-    --hash=sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805 \
-    # via flake8
-pyyaml==3.12 \
-    --hash=sha256:16b20e970597e051997d90dc2cddc713a2876c47e3d92d59ee198700c5427736 \
-    --hash=sha256:3262c96a1ca437e7e4763e2843746588a965426550f3797a79fca9c6199c431f \
-    --hash=sha256:592766c6303207a20efc445587778322d7f73b161bd994f227adaa341ba212ab \
-    --hash=sha256:5ac82e411044fb129bae5cfbeb3ba626acb2af31a8d17d175004b70862a741a7 \
-    --hash=sha256:827dc04b8fa7d07c44de11fabbc888e627fa8293b695e0f99cb544fdfa1bf0d1 \
-    --hash=sha256:bc6bced57f826ca7cb5125a10b23fd0f2fff3b7c4701d64c439a300ce665fff8 \
-    --hash=sha256:c01b880ec30b5a6e6aa67b09a2fe3fb30473008c85cd6a67359a1b15ed6d83a4 \
-    --hash=sha256:e863072cdf4c72eebf179342c94e6989c67185842d9997960b3e69290b2fa269 \
-    # via aspy.yaml, pre-commit
-requests-toolbelt==0.8.0 \
-    --hash=sha256:42c9c170abc2cacb78b8ab23ac957945c7716249206f90874651971a4acff237 \
-    --hash=sha256:f6a531936c6fa4c6cfce1b9c10d5c4f498d16528d2a54a22ca00011205a187b5 \
-    # via twine
-requests==2.18.4 \
-    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
-    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
-    # via requests-toolbelt, twine
-six==1.11.0 \
-    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
-    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
-    # via cfgv, pre-commit
-tqdm==4.19.8 \
-    --hash=sha256:05e991ecb0f874046ddcb374396a626afd046fb4d31f73633ea752b844458a7a \
-    --hash=sha256:2aea9f81fdf127048667e0ba22f5fc10ebc879fb838dc52dcf055242037ec1f7 \
-    # via twine
-twine==1.11.0 \
-    --hash=sha256:08eb132bbaec40c6d25b358f546ec1dc96ebd2638a86eea68769d9e67fe2b129 \
-    --hash=sha256:2fd9a4d9ff0bcacf41fdc40c8cb0cfaef1f1859457c9653fd1b92237cc4e9f25
-urllib3==1.22 \
-    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
-    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
-    # via requests
-virtualenv==15.1.0 \
-    --hash=sha256:02f8102c2436bb03b3ee6dede1919d1dac8a427541652e5ec95171ec8adbc93a \
-    --hash=sha256:39d88b533b422825d644087a21e78c45cf5af0ef7a99a1fc9fbb7b481e5c85b0 \
-    # via pre-commit
+aspy.yaml==1.0.0          # via pre-commit
+cached-property==1.4.0    # via pre-commit
+certifi==2018.1.18        # via requests
+cfgv==1.0.0               # via pre-commit
+chardet==3.0.4            # via requests
+flake8==3.5.0
+identify==1.0.8           # via pre-commit
+idna==2.6                 # via requests
+invoke==0.22.1
+mccabe==0.6.1             # via flake8
+nodeenv==1.3.0
+pkginfo==1.4.2            # via twine
+pre-commit==1.8.2
+pycodestyle==2.3.1        # via flake8
+pyflakes==1.6.0           # via flake8
+pyyaml==3.12              # via aspy.yaml, pre-commit
+requests-toolbelt==0.8.0  # via twine
+requests==2.18.4          # via requests-toolbelt, twine
+six==1.11.0               # via cfgv, pre-commit
+tqdm==4.19.8              # via twine
+twine==1.11.0
+urllib3==1.22             # via requests
+virtualenv==15.1.0        # via pre-commit
diff --git a/requirements-docs.txt b/requirements-docs.txt
index f2292921..373468c1 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -2,86 +2,26 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --no-index --output-file requirements-docs.txt requirements-docs.in
+#    pip-compile --output-file requirements-docs.txt requirements-docs.in
 #
-alabaster==0.7.10 \
-    --hash=sha256:2eef172f44e8d301d25aff8068fddd65f767a3f04b5f15b0f4922f113aa1c732 \
-    --hash=sha256:37cdcb9e9954ed60912ebc1ca12a9d12178c26637abdf124e3cde2341c257fe0 \
-    # via sphinx
-babel==2.5.3 \
-    --hash=sha256:8ce4cb6fdd4393edd323227cba3a077bceb2a6ce5201c902c65e730046f41f14 \
-    --hash=sha256:ad209a68d7162c4cff4b29cdebe3dec4cef75492df501b0049a9433c96ce6f80 \
-    # via sphinx
-certifi==2018.1.18 \
-    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
-    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
-    # via requests
-chardet==3.0.4 \
-    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
-    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
-    # via requests
-docutils==0.14 \
-    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
-    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
-    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
-    # via sphinx
-idna==2.6 \
-    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
-    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
-    # via requests
-imagesize==1.0.0 \
-    --hash=sha256:3620cc0cadba3f7475f9940d22431fc4d407269f1be59ec9b8edcca26440cf18 \
-    --hash=sha256:5b326e4678b6925158ccc66a9fa3122b6106d7c876ee32d7de6ce59385b96315 \
-    # via sphinx
-jinja2==2.10 \
-    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
-    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4 \
-    # via sphinx
-markupsafe==1.0 \
-    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
-    # via jinja2
-packaging==17.1 \
-    --hash=sha256:e9215d2d2535d3ae866c3d6efc77d5b24a0192cce0ff20e42896cc0664f889c0 \
-    --hash=sha256:f019b770dd64e585a99714f1fd5e01c7a8f11b45635aa953fd41c689a657375b \
-    # via sphinx
-pygments==2.2.0 \
-    --hash=sha256:78f3f434bcc5d6ee09020f92ba487f95ba50f1e3ef83ae96b9d5ffa1bab25c5d \
-    --hash=sha256:dbae1046def0efb574852fab9e90209b23f556367b5a320c0bcb871c77c3e8cc \
-    # via sphinx
-pyparsing==2.2.0 \
-    --hash=sha256:0832bcf47acd283788593e7a0f542407bd9550a55a8a8435214a1960e04bcb04 \
-    --hash=sha256:fee43f17a9c4087e7ed1605bd6df994c6173c1e977d7ade7b651292fab2bd010 \
-    # via packaging
-pytz==2018.3 \
-    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
-    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
-    # via babel
-requests==2.18.4 \
-    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
-    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
-    # via sphinx
-six==1.11.0 \
-    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
-    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
-    # via packaging, sphinx, sphinxcontrib-httpdomain
-snowballstemmer==1.2.1 \
-    --hash=sha256:919f26a68b2c17a7634da993d91339e288964f93c274f1343e3bbbe2096e1128 \
-    --hash=sha256:9f3bcd3c401c3e862ec0ebe6d2c069ebc012ce142cce209c098ccb5b09136e89 \
-    # via sphinx
-sphinx-rtd-theme==0.2.4 \
-    --hash=sha256:2df74b8ff6fae6965c527e97cca6c6c944886aae474b490e17f92adfbe843417 \
-    --hash=sha256:62ee4752716e698bad7de8a18906f42d33664128eea06c46b718fc7fbd1a9f5c
-sphinx==1.7.2 \
-    --hash=sha256:5a1c9a0fec678c24b9a2f5afba240c04668edb7f45c67ce2ed008996b3f21ae2 \
-    --hash=sha256:7a606d77618a753adb79e13605166e3cf6a0e5678526e044236fc1ac43650910
-sphinxcontrib-httpdomain==1.6.1 \
-    --hash=sha256:029f596deb7b4246148a8e8a7d041764d0cad545cf4f3bb6252ac90c785ab221 \
-    --hash=sha256:2572c10bf84fab856999667369e3604eb209d8dda7321556bfee93fddcfc33b5
-sphinxcontrib-websupport==1.0.1 \
-    --hash=sha256:7a85961326aa3a400cd4ad3c816d70ed6f7c740acd7ce5d78cd0a67825072eb9 \
-    --hash=sha256:f4932e95869599b89bf4f80fc3989132d83c9faa5bf633e7b5e0c25dffb75da2 \
-    # via sphinx
-urllib3==1.22 \
-    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
-    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
-    # via requests
+alabaster==0.7.10         # via sphinx
+babel==2.5.3              # via sphinx
+certifi==2018.1.18        # via requests
+chardet==3.0.4            # via requests
+docutils==0.14            # via sphinx
+idna==2.6                 # via requests
+imagesize==1.0.0          # via sphinx
+jinja2==2.10              # via sphinx
+markupsafe==1.0           # via jinja2
+packaging==17.1           # via sphinx
+pygments==2.2.0           # via sphinx
+pyparsing==2.2.0          # via packaging
+pytz==2018.3              # via babel
+requests==2.18.4          # via sphinx
+six==1.11.0               # via packaging, sphinx, sphinxcontrib-httpdomain
+snowballstemmer==1.2.1    # via sphinx
+sphinx-rtd-theme==0.2.4
+sphinx==1.7.2
+sphinxcontrib-httpdomain==1.6.1
+sphinxcontrib-websupport==1.0.1  # via sphinx
+urllib3==1.22             # via requests
diff --git a/requirements-tests.in b/requirements-tests.in
index b2fef92a..71d00c31 100644
--- a/requirements-tests.in
+++ b/requirements-tests.in
@@ -1,10 +1,11 @@
-factory-boy==2.9.2
-fake-factory==0.7.2
-freezegun==0.3.9
+coverage
+factory-boy
+Faker
+freezegun
 moto>1,<2
-nose==1.3.7
+nose
 pyflakes
-pytest-flask==0.10.0
+pytest
+pytest-flask
 pytest-mock
-pytest==3.3.2
-requests-mock==1.4.0
+requests-mock
diff --git a/requirements-tests.txt b/requirements-tests.txt
index d11a0215..97819b07 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -2,244 +2,57 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --no-index --output-file requirements-tests.txt requirements-tests.in
+#    pip-compile --output-file requirements-tests.txt requirements-tests.in
 #
-asn1crypto==0.24.0 \
-    --hash=sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87 \
-    --hash=sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49 \
-    # via cryptography
-attrs==17.4.0 \
-    --hash=sha256:1c7960ccfd6a005cd9f7ba884e6316b5e430a3f1a6c37c5f87d8b43f83b54ec9 \
-    --hash=sha256:a17a9573a6f475c99b551c0e0a812707ddda1ec9653bed04c13841404ed6f450 \
-    # via pytest
-aws-xray-sdk==0.95 \
-    --hash=sha256:72791618feb22eaff2e628462b0d58f398ce8c1bacfa989b7679817ab1fad60c \
-    --hash=sha256:9e7ba8dd08fd2939376c21423376206bff01d0deaea7d7721c6b35921fed1943 \
-    # via moto
-boto3==1.6.12 \
-    --hash=sha256:3e224b2ec4b62d3a88577eb6261fef4898d7aa5baabe58c79b7abf718fca1479 \
-    --hash=sha256:a55f74e427ae26e30ee8696312e0caa57bfef58d9bf308fa4221ba2d968c8db2 \
-    # via moto
-boto==2.48.0 \
-    --hash=sha256:13be844158d1bd80a94c972c806ec8381b9ea72035aa06123c5db6bc6a6f3ead \
-    --hash=sha256:deb8925b734b109679e3de65856018996338758f4b916ff4fe7bb62b6d7000d1 \
-    # via moto
-botocore==1.9.12 \
-    --hash=sha256:2797b0dd2350c2611cf22fda3ea023b8f21cf3ef3db4bf8929f34ba779adaed0 \
-    --hash=sha256:54f28ec362c0ff2dfdc891835bdacdfb01770ab4973816fa37193164608ddbde \
-    # via boto3, moto, s3transfer
-certifi==2018.1.18 \
-    --hash=sha256:14131608ad2fd56836d33a71ee60fa1c82bc9d2c8d98b7bdbc631fe1b3cd1296 \
-    --hash=sha256:edbc3f203427eef571f79a7692bb160a2b0f7ccaa31953e99bd17e307cf63f7d \
-    # via requests
-cffi==1.11.5 \
-    --hash=sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743 \
-    --hash=sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef \
-    --hash=sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50 \
-    --hash=sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f \
-    --hash=sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93 \
-    --hash=sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257 \
-    --hash=sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3 \
-    --hash=sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc \
-    --hash=sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04 \
-    --hash=sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6 \
-    --hash=sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359 \
-    --hash=sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596 \
-    --hash=sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b \
-    --hash=sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd \
-    --hash=sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95 \
-    --hash=sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e \
-    --hash=sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6 \
-    --hash=sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca \
-    --hash=sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31 \
-    --hash=sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1 \
-    --hash=sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085 \
-    --hash=sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801 \
-    --hash=sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4 \
-    --hash=sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184 \
-    --hash=sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917 \
-    --hash=sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f \
-    --hash=sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb \
-    # via cryptography
-chardet==3.0.4 \
-    --hash=sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae \
-    --hash=sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691 \
-    # via requests
-click==6.7 \
-    --hash=sha256:29f99fc6125fbc931b758dc053b3114e55c77a6e4c6c3a2674a2dc986016381d \
-    --hash=sha256:f15516df478d5a56180fbf80e68f206010e6d160fc39fa508b65e035fd75130b \
-    # via flask
-cookies==2.2.1 \
-    --hash=sha256:15bee753002dff684987b8df8c235288eb8d45f8191ae056254812dfd42c81d3 \
-    --hash=sha256:d6b698788cae4cfa4e62ef8643a9ca332b79bd96cb314294b864ae8d7eb3ee8e \
-    # via moto
-cryptography==2.2.1 \
-    --hash=sha256:0f61273eccc681dc5a77dcd517cc2cb74078d1b00adb2b273d0a010153ae43c7 \
-    --hash=sha256:27dd18e180608c512433c843ad2d62396399608a0f3603c4d805500caeeec3d6 \
-    --hash=sha256:2893ee1d67dace6178732c9ea8c176fedf5b6a6463f72f1378b779cdba8a0ea5 \
-    --hash=sha256:2c5265c622e02af289bdc5e96c0a572bffa2fc2ac3f86fac3bace632ab25888c \
-    --hash=sha256:34a433c3783946106236c25a89e0c271a3bb1a8e8cd8f12782e8bf8bec4e351e \
-    --hash=sha256:39532ae44154ce88eec25d2a361e9c285b2477e0a4b4fc61fb9d4bcb3804dec6 \
-    --hash=sha256:469a72fda257b2179bb43e431b822d8087da53b40e68813bcfa54a16c3ebcdfe \
-    --hash=sha256:54029ce210d3013dccced6478f4dfb25e7a409e13086f714be9c14489c64e2c7 \
-    --hash=sha256:54776f1e2ffd957571b79738fb41d8df69a93edb6d148ca149494d73975e8cab \
-    --hash=sha256:84642ad31dccf9969b2613fa532ff5e871e9ee592ab0244dc9f6724e56591b8b \
-    --hash=sha256:8ce363eed7ccc70f53be6ea4200aa20bbff99c8cbfce21a904f98e76c2bf5887 \
-    --hash=sha256:95b7822c8bf203bafb95527eaf8995d9dd4eef1b6899631f9293aa6926dab1d9 \
-    --hash=sha256:9f2d66952fc55f13f9c62ea6ae6ff88c2f9c2c21533065e1f7bddf0cf33c4cb9 \
-    --hash=sha256:c27ed8b01d5feeff8479384ed782bad1e5071563f47194703f0dc20c1b558503 \
-    --hash=sha256:cf1069fda0c8e1d2bbef2cf0de0be797860c8a34d1df3a24f1180045fc06974f \
-    --hash=sha256:dddad9d322a3f0867009ff9f25477b8f7c0bdbedf143704b384c9472f11cb2d3 \
-    --hash=sha256:e42b290eb7804d82c6d614b55e3b726dee464099a0e6240175f8d7b682b9295d \
-    # via moto
-docker-pycreds==0.2.2 \
-    --hash=sha256:408ae6ec2b97345e02cbb3a05e0055443a27969e5b61d6773c733b534a40845b \
-    --hash=sha256:c7ab85de2894baff6ee8f15160cbbfa2fd3a04e56f0372c5793d24060687b299 \
-    # via docker
-docker==3.1.4 \
-    --hash=sha256:753251b142d56f243fba53ba321a37740a6b6583c528437f45df4d28ba3d4d5d \
-    --hash=sha256:add59251aa15a54c49d1514d576718d762ea5e3d79c2616b6dfaa3fad8d4c9fe \
-    # via moto
-docutils==0.14 \
-    --hash=sha256:02aec4bd92ab067f6ff27a38a38a41173bf01bed8f89157768c1573f53e474a6 \
-    --hash=sha256:51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274 \
-    --hash=sha256:7a4bd47eaf6596e1295ecb11361139febe29b084a87bf005bf899f9a42edc3c6 \
-    # via botocore
-factory-boy==2.9.2 \
-    --hash=sha256:340c602f6fed2d8dd160397f28f2c0219e937f0488460450e8e5bf2add020ed6 \
-    --hash=sha256:b8334bcc3c5b10af9a83ab5b8786f98cb322638dc1e6d320cad01c7f2b420e87
-fake-factory==0.7.2 \
-    --hash=sha256:2f1c3b9b5a76f414d9d98dd2a54cb9f50d10c11c5160c391eb8a36f0ea6c406f \
-    --hash=sha256:62a9b211c1eea951f63c992de305c31977768f042210df443885444683528173
-faker==0.8.12 \
-    --hash=sha256:9cc12b821f32ff45f6edfdc1ab7be3893b60b1224e952d68322a57e5b26a4a15 \
-    --hash=sha256:b06d0dc0166618298e668ced513ced7b10df34f3ad2045f22f1d7d88704e8e9c \
-    # via factory-boy
-flask==0.12.2 \
-    --hash=sha256:0749df235e3ff61ac108f69ac178c9770caeaccad2509cb762ce1f65570a8856 \
-    --hash=sha256:49f44461237b69ecd901cc7ce66feea0319b9158743dd27a2899962ab214dac1 \
-    # via pytest-flask
-freezegun==0.3.9 \
-    --hash=sha256:783ccccd7f60968bfe49ad9e114c18ea2b63831faaaf61c1f1f71ddfde1c0eee \
-    --hash=sha256:8842688de9497c82ecb40c30274ecc676e97ac78765b0ade105a97063d5b7a11
-idna==2.6 \
-    --hash=sha256:2c6a5de3089009e3da7c5dde64a141dbc8551d5b7f6cf4ed7c2568d0cc520a8f \
-    --hash=sha256:8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4 \
-    # via cryptography, requests
-itsdangerous==0.24 \
-    --hash=sha256:cbb3fcf8d3e33df861709ecaf89d9e6629cff0a217bc2848f1b41cd30d360519 \
-    # via flask
-jinja2==2.10 \
-    --hash=sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd \
-    --hash=sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4 \
-    # via flask, moto
-jmespath==0.9.3 \
-    --hash=sha256:6a81d4c9aa62caf061cb517b4d9ad1dd300374cd4706997aff9cd6aedd61fc64 \
-    --hash=sha256:f11b4461f425740a1d908e9a3f7365c3d2e569f6ca68a2ff8bc5bcd9676edd63 \
-    # via boto3, botocore
-jsondiff==1.1.1 \
-    --hash=sha256:2d0437782de9418efa34e694aa59f43d7adb1899bd9a793f063867ddba8f7893 \
-    # via moto
-jsonpickle==0.9.6 \
-    --hash=sha256:545b3bee0d65e1abb4baa1818edcc9ec239aa9f2ffbfde8084d71c056180054f \
-    # via aws-xray-sdk
-markupsafe==1.0 \
-    --hash=sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665 \
-    # via jinja2
-mock==2.0.0 \
-    --hash=sha256:5ce3c71c5545b472da17b72268978914d0252980348636840bd34a00b5cc96c1 \
-    --hash=sha256:b158b6df76edd239b8208d481dc46b6afd45a846b7812ff0ce58971cf5bc8bba \
-    # via moto
-moto==1.3.0 \
-    --hash=sha256:485d56c164e5c658665fecd486ef00a3a3cef5904d0bb06741f13f78ab4828a1 \
-    --hash=sha256:e3e768828be9889abb2cf60fef14ad4a06208d5f79789913d6b07bc7b4a0be80
-nose==1.3.7 \
-    --hash=sha256:9ff7c6cc443f8c51994b34a667bbcf45afd6d945be7477b52e97516fd17c53ac \
-    --hash=sha256:dadcddc0aefbf99eea214e0f1232b94f2fa9bd98fa8353711dacb112bfcbbb2a \
-    --hash=sha256:f1bffef9cbc82628f6e7d7b40d7e255aefaa1adb6a1b1d26c69a8b79e6208a98
-pbr==3.1.1 \
-    --hash=sha256:05f61c71aaefc02d8e37c0a3eeb9815ff526ea28b3b76324769e6158d7f95be1 \
-    --hash=sha256:60c25b7dfd054ef9bb0ae327af949dd4676aa09ac3a9471cdc871d8a9213f9ac \
-    # via mock
-pluggy==0.6.0 \
-    --hash=sha256:7f8ae7f5bdf75671a718d2daf0a64b7885f74510bcd98b1a0bb420eb9a9d0cff \
-    # via pytest
-py==1.5.2 \
-    --hash=sha256:8cca5c229d225f8c1e3085be4fcf306090b00850fefad892f9d96c7b6e2f310f \
-    --hash=sha256:ca18943e28235417756316bfada6cd96b23ce60dd532642690dcfdaba988a76d \
-    # via pytest
-pyaml==17.12.1 \
-    --hash=sha256:66623c52f34d83a2c0fc963e08e8b9d0c13d88404e3b43b1852ef71eda19afa3 \
-    --hash=sha256:f83fc302c52c6b83a15345792693ae0b5bc07ad19f59e318b7617d7123d62990 \
-    # via moto
-pycparser==2.18 \
-    --hash=sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226 \
-    # via cffi
-pyflakes==1.6.0 \
-    --hash=sha256:08bd6a50edf8cffa9fa09a463063c425ecaaf10d1eb0335a7e8b1401aef89e6f \
-    --hash=sha256:8d616a382f243dbf19b54743f280b80198be0bca3a5396f1d2e1fca6223e8805
-pytest-flask==0.10.0 \
-    --hash=sha256:2c5a36f9033ef8b6f85ddbefaebdd4f89197fc283f94b20dfe1a1beba4b77f03 \
-    --hash=sha256:657c7de386215ab0230bee4d76ace0339ae82fcbb34e134e17a29f65032eef03
-pytest-mock==1.7.1 \
-    --hash=sha256:03a2fea79d0a83a8de2e77e92afe5f0a5ca99a58cc68f843f9a74de34800a943 \
-    --hash=sha256:b879dff61e31fcd4727c227c182f15f222a155293cc64ed5a02d55e0020cf949
-pytest==3.3.2 \
-    --hash=sha256:53548280ede7818f4dc2ad96608b9f08ae2cc2ca3874f2ceb6f97e3583f25bc4 \
-    --hash=sha256:b84878865558194630c6147f44bdaef27222a9f153bbd4a08908b16bf285e0b1
-python-dateutil==2.6.1 \
-    --hash=sha256:891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca \
-    --hash=sha256:95511bae634d69bc7329ba55e646499a842bc4ec342ad54a8cdb65645a0aad3c \
-    # via botocore, fake-factory, faker, freezegun, moto
-pytz==2018.3 \
-    --hash=sha256:07edfc3d4d2705a20a6e99d97f0c4b61c800b8232dc1c04d87e8554f130148dd \
-    --hash=sha256:410bcd1d6409026fbaa65d9ed33bf6dd8b1e94a499e32168acfc7b332e4095c0 \
-    # via moto
-pyyaml==3.12 \
-    --hash=sha256:16b20e970597e051997d90dc2cddc713a2876c47e3d92d59ee198700c5427736 \
-    --hash=sha256:3262c96a1ca437e7e4763e2843746588a965426550f3797a79fca9c6199c431f \
-    --hash=sha256:592766c6303207a20efc445587778322d7f73b161bd994f227adaa341ba212ab \
-    --hash=sha256:5ac82e411044fb129bae5cfbeb3ba626acb2af31a8d17d175004b70862a741a7 \
-    --hash=sha256:827dc04b8fa7d07c44de11fabbc888e627fa8293b695e0f99cb544fdfa1bf0d1 \
-    --hash=sha256:bc6bced57f826ca7cb5125a10b23fd0f2fff3b7c4701d64c439a300ce665fff8 \
-    --hash=sha256:c01b880ec30b5a6e6aa67b09a2fe3fb30473008c85cd6a67359a1b15ed6d83a4 \
-    --hash=sha256:e863072cdf4c72eebf179342c94e6989c67185842d9997960b3e69290b2fa269 \
-    # via pyaml
-requests-mock==1.4.0 \
-    --hash=sha256:2931887853c42e1d73879983d5bf03041109472991c5b4b8dba5d11ed23b9d0b \
-    --hash=sha256:96a1e45b1c0bd18d14fcb2d55b3b09d6d46237e37bcae3155df4cb75bc42619e
-requests==2.18.4 \
-    --hash=sha256:6a1b267aa90cac58ac3a765d067950e7dbbf75b1da07e895d1f594193a40a38b \
-    --hash=sha256:9c443e7324ba5b85070c4a818ade28bfabedf16ea10206da1132edaa6dda237e \
-    # via aws-xray-sdk, docker, moto, requests-mock
-s3transfer==0.1.13 \
-    --hash=sha256:90dc18e028989c609146e241ea153250be451e05ecc0c2832565231dacdf59c1 \
-    --hash=sha256:c7a9ec356982d5e9ab2d4b46391a7d6a950e2b04c472419f5fdec70cc0ada72f \
-    # via boto3
-six==1.11.0 \
-    --hash=sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9 \
-    --hash=sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb \
-    # via cryptography, docker, docker-pycreds, fake-factory, faker, freezegun, mock, moto, pytest, python-dateutil, requests-mock, websocket-client
-text-unidecode==1.2 \
-    --hash=sha256:5a1375bb2ba7968740508ae38d92e1f889a0832913cb1c447d5e2046061a396d \
-    --hash=sha256:801e38bd550b943563660a91de8d4b6fa5df60a542be9093f7abf819f86050cc \
-    # via faker
-urllib3==1.22 \
-    --hash=sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b \
-    --hash=sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f \
-    # via requests
-websocket-client==0.47.0 \
-    --hash=sha256:188b68b14fdb2d8eb1a111f21b9ffd2dbf1dbc4e4c1d28cf2c37cdbf1dd1cae6 \
-    --hash=sha256:a453dc4dfa6e0db3d8fd7738a308a88effe6240c59f3226eb93e8f020c216149 \
-    # via docker
-werkzeug==0.14.1 \
-    --hash=sha256:c3fd7a7d41976d9f44db327260e263132466836cef6f91512889ed60ad26557c \
-    --hash=sha256:d5da73735293558eb1651ee2fddc4d0dedcfa06538b8813a2e20011583c9e49b \
-    # via flask, moto, pytest-flask
-wrapt==1.10.11 \
-    --hash=sha256:d4d560d479f2c21e1b5443bbd15fe7ec4b37fe7e53d335d3b9b0a7b1226fe3c6 \
-    # via aws-xray-sdk
-xmltodict==0.11.0 \
-    --hash=sha256:8f8d7d40aa28d83f4109a7e8aa86e67a4df202d9538be40c0cb1d70da527b0df \
-    --hash=sha256:add07d92089ff611badec526912747cf87afd4f9447af6661aca074eeaf32615 \
-    # via moto
+asn1crypto==0.24.0        # via cryptography
+attrs==17.4.0             # via pytest
+aws-xray-sdk==0.95        # via moto
+boto3==1.6.12             # via moto
+boto==2.48.0              # via moto
+botocore==1.9.12          # via boto3, moto, s3transfer
+certifi==2018.1.18        # via requests
+cffi==1.11.5              # via cryptography
+chardet==3.0.4            # via requests
+click==6.7                # via flask
+cookies==2.2.1            # via moto
+coverage==4.5.1
+cryptography==2.2.1       # via moto
+docker-pycreds==0.2.2     # via docker
+docker==3.1.4             # via moto
+docutils==0.14            # via botocore
+factory-boy==2.10.0
+faker==0.8.12
+flask==0.12.2             # via pytest-flask
+freezegun==0.3.10
+idna==2.6                 # via cryptography, requests
+itsdangerous==0.24        # via flask
+jinja2==2.10              # via flask, moto
+jmespath==0.9.3           # via boto3, botocore
+jsondiff==1.1.1           # via moto
+jsonpickle==0.9.6         # via aws-xray-sdk
+markupsafe==1.0           # via jinja2
+mock==2.0.0               # via moto
+moto==1.3.0
+nose==1.3.7
+pbr==3.1.1                # via mock
+pluggy==0.6.0             # via pytest
+py==1.5.2                 # via pytest
+pyaml==17.12.1            # via moto
+pycparser==2.18           # via cffi
+pyflakes==1.6.0
+pytest-flask==0.10.0
+pytest-mock==1.7.1
+pytest==3.4.2
+python-dateutil==2.6.1    # via botocore, faker, freezegun, moto
+pytz==2018.3              # via moto
+pyyaml==3.12              # via pyaml
+requests-mock==1.4.0
+requests==2.18.4          # via aws-xray-sdk, docker, moto, requests-mock
+s3transfer==0.1.13        # via boto3
+six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, moto, pytest, python-dateutil, requests-mock, websocket-client
+text-unidecode==1.2       # via faker
+urllib3==1.22             # via requests
+websocket-client==0.47.0  # via docker
+werkzeug==0.14.1          # via flask, moto, pytest-flask
+wrapt==1.10.11            # via aws-xray-sdk
+xmltodict==0.11.0         # via moto
diff --git a/requirements.in b/requirements.in
index 39a43fac..b70855e6 100644
--- a/requirements.in
+++ b/requirements.in
@@ -16,8 +16,8 @@ gunicorn==19.7.1
 inflection==0.3.1
 jinja2==2.10
 lockfile==0.12.2
-marshmallow-sqlalchemy==0.13.1
-marshmallow==2.15.0
+marshmallow-sqlalchemy
+marshmallow
 ndg-httpsclient==0.4.2
 paramiko==2.4.1  # required for lemur_linuxdst plugin
 pem==17.1.0
diff --git a/requirements.txt b/requirements.txt
index 79da4fb1..eaa72bdf 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -39,7 +39,7 @@ josepy==1.0.1             # via acme
 lockfile==0.12.2
 mako==1.0.7               # via alembic
 markupsafe==1.0           # via jinja2, mako
-marshmallow-sqlalchemy==0.13.1
+marshmallow-sqlalchemy==0.13.2
 marshmallow==2.15.0
 mock==2.0.0               # via acme
 ndg-httpsclient==0.4.2

From de7a5a30d1f3bf083f98f22a6b2492face298a26 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 20 Mar 2018 15:43:25 -0700
Subject: [PATCH 09/22] unpin flask in requirements.in

---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index eaa72bdf..ad46fe99 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,6 +4,7 @@
 #
 #    pip-compile --output-file requirements.txt requirements.in
 #
+<<<<<<< HEAD
 acme==0.22.2
 alembic-autogenerate-enums==0.0.2
 alembic==0.9.8            # via flask-migrate

From d66dd543bf0952cf488fc18008f3e68020f1d352 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 21 Mar 2018 12:45:26 -0700
Subject: [PATCH 10/22] actually update deps

---
 requirements-dev.txt   | 12 ++++++------
 requirements-docs.txt  |  6 +++---
 requirements-tests.in  |  2 +-
 requirements-tests.txt | 27 ++++++++++++++-------------
 requirements.in        | 35 ++++++++++++++++++-----------------
 requirements.txt       | 39 ++++++++++++++++++---------------------
 6 files changed, 60 insertions(+), 61 deletions(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index 8a4185e3..f94fa610 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -2,15 +2,15 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --output-file requirements-dev.txt requirements-dev.in
+#    pip-compile --no-index --output-file requirements-dev.txt requirements-dev.in
 #
-aspy.yaml==1.0.0          # via pre-commit
-cached-property==1.4.0    # via pre-commit
+aspy.yaml==1.1.0          # via pre-commit
+cached-property==1.4.2    # via pre-commit
 certifi==2018.1.18        # via requests
 cfgv==1.0.0               # via pre-commit
 chardet==3.0.4            # via requests
 flake8==3.5.0
-identify==1.0.8           # via pre-commit
+identify==1.0.11          # via pre-commit
 idna==2.6                 # via requests
 invoke==0.22.1
 mccabe==0.6.1             # via flake8
@@ -23,7 +23,7 @@ pyyaml==3.12              # via aspy.yaml, pre-commit
 requests-toolbelt==0.8.0  # via twine
 requests==2.18.4          # via requests-toolbelt, twine
 six==1.11.0               # via cfgv, pre-commit
-tqdm==4.19.8              # via twine
+tqdm==4.22.0              # via twine
 twine==1.11.0
 urllib3==1.22             # via requests
-virtualenv==15.1.0        # via pre-commit
+virtualenv==15.2.0        # via pre-commit
diff --git a/requirements-docs.txt b/requirements-docs.txt
index 373468c1..a8b93db2 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --output-file requirements-docs.txt requirements-docs.in
+#    pip-compile --no-index --output-file requirements-docs.txt requirements-docs.in
 #
 alabaster==0.7.10         # via sphinx
 babel==2.5.3              # via sphinx
@@ -16,11 +16,11 @@ markupsafe==1.0           # via jinja2
 packaging==17.1           # via sphinx
 pygments==2.2.0           # via sphinx
 pyparsing==2.2.0          # via packaging
-pytz==2018.3              # via babel
+pytz==2018.4              # via babel
 requests==2.18.4          # via sphinx
 six==1.11.0               # via packaging, sphinx, sphinxcontrib-httpdomain
 snowballstemmer==1.2.1    # via sphinx
-sphinx-rtd-theme==0.2.4
+sphinx-rtd-theme==0.3.0
 sphinx==1.7.2
 sphinxcontrib-httpdomain==1.6.1
 sphinxcontrib-websupport==1.0.1  # via sphinx
diff --git a/requirements-tests.in b/requirements-tests.in
index 71d00c31..44a5c59f 100644
--- a/requirements-tests.in
+++ b/requirements-tests.in
@@ -2,7 +2,7 @@ coverage
 factory-boy
 Faker
 freezegun
-moto>1,<2
+moto
 nose
 pyflakes
 pytest
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 97819b07..4113ad2a 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -2,26 +2,26 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --output-file requirements-tests.txt requirements-tests.in
+#    pip-compile --no-index --output-file requirements-tests.txt requirements-tests.in
 #
 asn1crypto==0.24.0        # via cryptography
 attrs==17.4.0             # via pytest
 aws-xray-sdk==0.95        # via moto
-boto3==1.6.12             # via moto
+boto3==1.7.4              # via moto
 boto==2.48.0              # via moto
-botocore==1.9.12          # via boto3, moto, s3transfer
+botocore==1.10.4          # via boto3, moto, s3transfer
 certifi==2018.1.18        # via requests
 cffi==1.11.5              # via cryptography
 chardet==3.0.4            # via requests
 click==6.7                # via flask
 cookies==2.2.1            # via moto
 coverage==4.5.1
-cryptography==2.2.1       # via moto
+cryptography==2.2.2       # via moto
 docker-pycreds==0.2.2     # via docker
-docker==3.1.4             # via moto
+docker==3.2.1             # via moto
 docutils==0.14            # via botocore
 factory-boy==2.10.0
-faker==0.8.12
+faker==0.8.13
 flask==0.12.2             # via pytest-flask
 freezegun==0.3.10
 idna==2.6                 # via cryptography, requests
@@ -32,24 +32,25 @@ jsondiff==1.1.1           # via moto
 jsonpickle==0.9.6         # via aws-xray-sdk
 markupsafe==1.0           # via jinja2
 mock==2.0.0               # via moto
-moto==1.3.0
+more-itertools==4.1.0     # via pytest
+moto==1.3.1
 nose==1.3.7
-pbr==3.1.1                # via mock
+pbr==4.0.2                # via mock
 pluggy==0.6.0             # via pytest
-py==1.5.2                 # via pytest
+py==1.5.3                 # via pytest
 pyaml==17.12.1            # via moto
 pycparser==2.18           # via cffi
 pyflakes==1.6.0
 pytest-flask==0.10.0
-pytest-mock==1.7.1
-pytest==3.4.2
+pytest-mock==1.9.0
+pytest==3.5.0
 python-dateutil==2.6.1    # via botocore, faker, freezegun, moto
-pytz==2018.3              # via moto
+pytz==2018.4              # via moto
 pyyaml==3.12              # via pyaml
 requests-mock==1.4.0
 requests==2.18.4          # via aws-xray-sdk, docker, moto, requests-mock
 s3transfer==0.1.13        # via boto3
-six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, moto, pytest, python-dateutil, requests-mock, websocket-client
+six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, requests-mock, websocket-client
 text-unidecode==1.2       # via faker
 urllib3==1.22             # via requests
 websocket-client==0.47.0  # via docker
diff --git a/requirements.in b/requirements.in
index b70855e6..90a48170 100644
--- a/requirements.in
+++ b/requirements.in
@@ -1,6 +1,6 @@
 acme
-alembic-autogenerate-enums==0.0.2
-arrow==0.12.0
+alembic-autogenerate-enums
+arrow
 boto3
 cryptography
 Flask-Bcrypt==0.7.1
@@ -11,24 +11,25 @@ Flask-RESTful==0.3.6
 Flask-Script==2.0.6
 Flask-SQLAlchemy
 Flask==0.12
-future==0.16.0
-gunicorn==19.7.1
-inflection==0.3.1
-jinja2==2.10
-lockfile==0.12.2
+Flask-Cors
+future
+gunicorn
+inflection
+jinja2
+lockfile
 marshmallow-sqlalchemy
 marshmallow
-ndg-httpsclient==0.4.2
-paramiko==2.4.1  # required for lemur_linuxdst plugin
-pem==17.1.0
+ndg-httpsclient
+paramiko  # required for the SFTP destination plugin
+pem
 psycopg2
 pyjwt
-pyOpenSSL
+pyOpenSSL==17.2.0 # PINNED for a specific reason. This needs to be merged in before upgrade: https://github.com/shazow/urllib3/pull/1246
 python_ldap
-raven[flask]==6.2.1
-requests
-retrying==1.3.3
-six==1.11.0
+raven[flask]
+requests==2.11.1 # PINNED for a specific reason. This needs to be merged in before upgrade: https://github.com/shazow/urllib3/pull/1246
+retrying
+six
 SQLAlchemy-Utils
-tabulate==0.8.2
-xmltodict==0.11.0
+tabulate
+xmltodict
diff --git a/requirements.txt b/requirements.txt
index ad46fe99..5e8ef031 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,26 +2,24 @@
 # This file is autogenerated by pip-compile
 # To update, run:
 #
-#    pip-compile --output-file requirements.txt requirements.in
+#    pip-compile --no-index --output-file requirements.txt requirements.in
 #
-<<<<<<< HEAD
-acme==0.22.2
+acme==0.23.0
 alembic-autogenerate-enums==0.0.2
-alembic==0.9.8            # via flask-migrate
+alembic==0.9.9            # via flask-migrate
 aniso8601==3.0.0          # via flask-restful
-arrow==0.12.0
+arrow==0.12.1
 asn1crypto==0.24.0        # via cryptography
 bcrypt==3.1.4             # via flask-bcrypt, paramiko
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.6.12
-botocore==1.9.12          # via boto3, s3transfer
-certifi==2018.1.18        # via requests
+boto3==1.7.4
+botocore==1.10.4          # via boto3, s3transfer
 cffi==1.11.5              # via bcrypt, cryptography, pynacl
-chardet==3.0.4            # via requests
 click==6.7                # via flask
-cryptography==2.2.1
+cryptography==2.2.2
 docutils==0.14            # via botocore
 flask-bcrypt==0.7.1
+flask-cors==3.0.3
 flask-mail==0.9.1
 flask-migrate==2.1.1
 flask-principal==0.4.0
@@ -31,7 +29,7 @@ flask-sqlalchemy==2.3.2
 flask==0.12
 future==0.16.0
 gunicorn==19.7.1
-idna==2.6                 # via cryptography, requests
+idna==2.6                 # via cryptography
 inflection==0.3.1
 itsdangerous==0.24        # via flask
 jinja2==2.10
@@ -43,30 +41,29 @@ markupsafe==1.0           # via jinja2, mako
 marshmallow-sqlalchemy==0.13.2
 marshmallow==2.15.0
 mock==2.0.0               # via acme
-ndg-httpsclient==0.4.2
+ndg-httpsclient==0.4.4
 paramiko==2.4.1
-pbr==3.1.1                # via mock
+pbr==4.0.2                # via mock
 pem==17.1.0
 psycopg2==2.7.4
 pyasn1-modules==0.2.1     # via python-ldap
-pyasn1==0.4.2             # via paramiko, pyasn1-modules, python-ldap
+pyasn1==0.4.2             # via ndg-httpsclient, paramiko, pyasn1-modules, python-ldap, requests
 pycparser==2.18           # via cffi
 pyjwt==1.6.1
 pynacl==1.2.1             # via paramiko
-pyopenssl==17.5.0
+pyopenssl==17.2.0
 pyrfc3339==1.0            # via acme
 python-dateutil==2.6.1    # via alembic, arrow, botocore
 python-editor==1.0.3      # via alembic
 python-ldap==3.0.0
-pytz==2018.3              # via acme, flask-restful, pyrfc3339
-raven[flask]==6.2.1
-requests[security]==2.18.4
+pytz==2018.4              # via acme, flask-restful, pyrfc3339
+raven[flask]==6.6.0
+requests[security]==2.11.1
 retrying==1.3.3
 s3transfer==0.1.13        # via boto3
 six==1.11.0
-sqlalchemy-utils==0.33.1
-sqlalchemy==1.2.5         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+sqlalchemy-utils==0.33.2
+sqlalchemy==1.2.6         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
 tabulate==0.8.2
-urllib3==1.22             # via requests
 werkzeug==0.14.1          # via flask
 xmltodict==0.11.0

From b2e69388152b21c864d486d54c9c415b5fa36491 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 10 Apr 2018 14:28:53 -0700
Subject: [PATCH 11/22] WIP: Add support for Acme/LetsEncrypt with DNS Provider
 integration

---
 lemur/certificates/models.py                        |  2 +-
 lemur/models.py                                     | 13 +++++++++++++
 lemur/plugins/lemur_acme/plugin.py                  |  1 +
 .../app/angular/authorities/authority/authority.js  |  1 +
 .../certificates/certificate/tracking.tpl.html      |  2 +-
 .../angular/destinations/destination/destination.js |  6 ++++--
 6 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py
index 63d2ea7c..d8354d94 100644
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@@ -102,7 +102,7 @@ class Certificate(db.Model):
     serial = Column(String(128))
     cn = Column(String(128))
     deleted = Column(Boolean, index=True)
-    dns_provider_id = Column(Integer(), nullable=True)
+    dns_provider = Column(Integer(), nullable=True)
 
     not_before = Column(ArrowType)
     not_after = Column(ArrowType)
diff --git a/lemur/models.py b/lemur/models.py
index 9f352bb9..3a9cf121 100644
--- a/lemur/models.py
+++ b/lemur/models.py
@@ -132,3 +132,16 @@ pending_cert_role_associations = db.Table('pending_cert_role_associations',
                                          )
 
 Index('pending_cert_role_associations_ix', pending_cert_role_associations.c.pending_cert_id, pending_cert_role_associations.c.role_id)
+
+dns_providers = db.Table('dns_providers',
+                         Column('id', Integer(), nullable=False),
+                         Column('name', String(length=256), nullable=True),
+                         Column('description', String(length=1024), nullable=True),
+                         Column('provider_type', String(length=256), nullable=True),
+                         Column('credentials', String(length=256), nullable=True),
+                         Column('api_endpoint', String(length=256), nullable=True),
+                         Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
+                         Column('status', String(length=128), nullable=True),
+                         Column('options', JSON),
+                         PrimaryKeyConstraint('id'),
+                         UniqueConstraint('name'))
diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index a7b81579..e5fd1730 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -11,6 +11,7 @@
 .. moduleauthor:: Mikhail Khodorovskiy <mikhail.khodorovskiy@jivesoftware.com>
 """
 import josepy as jose
+import json
 
 from flask import current_app
 
diff --git a/lemur/static/app/angular/authorities/authority/authority.js b/lemur/static/app/angular/authorities/authority/authority.js
index 9863bf4d..223d8fc6 100644
--- a/lemur/static/app/angular/authorities/authority/authority.js
+++ b/lemur/static/app/angular/authorities/authority/authority.js
@@ -51,6 +51,7 @@ angular.module('lemur')
           }
       });
     });
+    console.log("HERE2")
 
     $scope.getAuthoritiesByName = function (value) {
       return AuthorityService.findAuthorityByName(value).then(function (authorities) {
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index 21277106..fa8425ad 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -1,4 +1,4 @@
-<form name="trackingForm" novalidate>
+static/app/angular/certificates/certificate/tracking.tpl.html<form name="trackingForm" novalidate>
   <div class="form-horizontal">
     <div class="form-group"
          ng-class="{'has-error': trackingForm.ownerEmail.$invalid, 'has-success': !trackingForm.$invalid&&trackingForm.ownerEmail.$dirty}">
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index 21f624c8..03533949 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -44,20 +44,22 @@ angular.module('lemur')
 
     DestinationApi.get(editId).then(function (destination) {
       $scope.destination = destination;
-
+      console.log("HERE1");
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
-
         _.each($scope.plugins, function (plugin) {
+          console.log("HERE2");
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;
             _.each($scope.destination.plugin.pluginOptions, function (option) {
+              console.log("HERE3");
               if (option.type === 'export-plugin') {
                 PluginService.getByType('export').then(function (plugins) {
                   $scope.exportPlugins = plugins;
 
                   _.each($scope.exportPlugins, function (plugin) {
+                    console.log("HERE4");
                     if (plugin.slug === option.value.slug) {
                       plugin.pluginOptions = option.value.pluginOptions;
                       option.value = plugin;

From b0bd0435c4d63e0b63c105959627294780aba7bf Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 10 Apr 2018 16:04:07 -0700
Subject: [PATCH 12/22] more stuff

---
 lemur/dns_providers/models.py                 | 22 ++++++++++---------
 lemur/dns_providers/service.py                |  8 +------
 lemur/models.py                               | 13 -----------
 .../certificates/certificate/options.tpl.html | 20 +++++++----------
 4 files changed, 21 insertions(+), 42 deletions(-)

diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
index f43aac0b..809c5247 100644
--- a/lemur/dns_providers/models.py
+++ b/lemur/dns_providers/models.py
@@ -6,13 +6,15 @@ from lemur.database import db
 
 
 class DnsProviders(db.Model):
-    __tablename__ = 'dns_providers'
-    id = Column(Integer(), primary_key=True)
-    name = Column(String(length=256), unique=True, nullable=True)
-    description = Column(String(length=1024), nullable=True)
-    provider_type = Column(String(length=256), nullable=True)
-    credentials = Column(String(length=256), nullable=True)
-    api_endpoint = Column(String(length=256), nullable=True)
-    date_created = Column(ArrowType(), server_default=text('now()'), nullable=False)
-    status = Column(String(length=128), nullable=True)
-    options = Column(JSON)
+    db.Table('dns_providers',
+             Column('id', Integer(), nullable=False),
+             Column('name', String(length=256), nullable=True),
+             Column('description', String(length=1024), nullable=True),
+             Column('provider_type', String(length=256), nullable=True),
+             Column('credentials', String(length=256), nullable=True),
+             Column('api_endpoint', String(length=256), nullable=True),
+             Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
+             Column('status', String(length=128), nullable=True),
+             Column('options', JSON),
+             PrimaryKeyConstraint('id'),
+             UniqueConstraint('name'))
\ No newline at end of file
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index fa752d09..3a376040 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -7,10 +7,4 @@ def get_all_dns_providers(status="active"):
 
     :return:
     """
-    all_dns_providers = DnsProviders.query.all()
-    dns_provider_result = []
-    for provider in all_dns_providers:
-        print(provider)
-        if provider.status == status:
-            dns_provider_result.append(provider.__dict__)
-    return dns_provider_result
+    return DnsProviders.query.all(status=status)
\ No newline at end of file
diff --git a/lemur/models.py b/lemur/models.py
index 3a9cf121..9f352bb9 100644
--- a/lemur/models.py
+++ b/lemur/models.py
@@ -132,16 +132,3 @@ pending_cert_role_associations = db.Table('pending_cert_role_associations',
                                          )
 
 Index('pending_cert_role_associations_ix', pending_cert_role_associations.c.pending_cert_id, pending_cert_role_associations.c.role_id)
-
-dns_providers = db.Table('dns_providers',
-                         Column('id', Integer(), nullable=False),
-                         Column('name', String(length=256), nullable=True),
-                         Column('description', String(length=1024), nullable=True),
-                         Column('provider_type', String(length=256), nullable=True),
-                         Column('credentials', String(length=256), nullable=True),
-                         Column('api_endpoint', String(length=256), nullable=True),
-                         Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
-                         Column('status', String(length=128), nullable=True),
-                         Column('options', JSON),
-                         PrimaryKeyConstraint('id'),
-                         UniqueConstraint('name'))
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index 14fc3de8..a498a6c8 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -234,18 +234,14 @@
             </label>
           </div>
         </div>
-       <div class="col-sm-10">
-           <!-- two -->
-           <div class="form-group">
-        <label class="control-label col-sm-2">
-          DNS Provider
-        </label>
-        <div class="col-sm-10">
-          <select class="form-control" ng-model="selected" ng-options="item as item.name for item in dnsProviders"></select>
-        </div>
-      </div>
-
-      </div>
+       <!-- <div class="form-group">
+            <label class="control-label col-sm-2">
+              DNS Provider (Only needed for LetsEncrypt or ACME implementations)
+            </label>
+            <div class="col-sm-10">
+              <select class="form-control" ng-model="certificate.extensions.crlDistributionPoints.includeCrlDp"
+                      ng-options="item for item in ['yes', 'no', 'default']"></select>
+            </div> -->
       </div>
       </div>
     </div>

From a66d85b63dece650f4ab2c18b7bc4e6b404e55c8 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 11 Apr 2018 07:48:04 -0700
Subject: [PATCH 13/22] clean up a bit

---
 lemur/dns_providers/service.py                              | 2 +-
 lemur/static/app/angular/authorities/authority/authority.js | 1 -
 .../app/angular/certificates/certificate/tracking.tpl.html  | 2 +-
 .../app/angular/destinations/destination/destination.js     | 6 ++----
 4 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index 3a376040..0ed27315 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -7,4 +7,4 @@ def get_all_dns_providers(status="active"):
 
     :return:
     """
-    return DnsProviders.query.all(status=status)
\ No newline at end of file
+    return DnsProviders.query.all(status=status)
diff --git a/lemur/static/app/angular/authorities/authority/authority.js b/lemur/static/app/angular/authorities/authority/authority.js
index 223d8fc6..9863bf4d 100644
--- a/lemur/static/app/angular/authorities/authority/authority.js
+++ b/lemur/static/app/angular/authorities/authority/authority.js
@@ -51,7 +51,6 @@ angular.module('lemur')
           }
       });
     });
-    console.log("HERE2")
 
     $scope.getAuthoritiesByName = function (value) {
       return AuthorityService.findAuthorityByName(value).then(function (authorities) {
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index fa8425ad..21277106 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -1,4 +1,4 @@
-static/app/angular/certificates/certificate/tracking.tpl.html<form name="trackingForm" novalidate>
+<form name="trackingForm" novalidate>
   <div class="form-horizontal">
     <div class="form-group"
          ng-class="{'has-error': trackingForm.ownerEmail.$invalid, 'has-success': !trackingForm.$invalid&&trackingForm.ownerEmail.$dirty}">
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index 03533949..f5210074 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -44,22 +44,20 @@ angular.module('lemur')
 
     DestinationApi.get(editId).then(function (destination) {
       $scope.destination = destination;
-      console.log("HERE1");
+
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
         _.each($scope.plugins, function (plugin) {
-          console.log("HERE2");
+
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;
             _.each($scope.destination.plugin.pluginOptions, function (option) {
-              console.log("HERE3");
               if (option.type === 'export-plugin') {
                 PluginService.getByType('export').then(function (plugins) {
                   $scope.exportPlugins = plugins;
 
                   _.each($scope.exportPlugins, function (plugin) {
-                    console.log("HERE4");
                     if (plugin.slug === option.value.slug) {
                       plugin.pluginOptions = option.value.pluginOptions;
                       option.value = plugin;

From 2d6d2357b5cb982fac7d2430f7ae094771b8f7a9 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Wed, 11 Apr 2018 15:56:00 -0700
Subject: [PATCH 14/22] DNS Providers list returned

---
 lemur/certificates/models.py                  |  2 +-
 lemur/dns_providers/models.py                 | 22 +++++++++----------
 lemur/dns_providers/service.py                |  8 ++++++-
 .../certificates/certificate/options.tpl.html | 20 ++++++++++-------
 .../destinations/destination/destination.js   |  2 +-
 5 files changed, 31 insertions(+), 23 deletions(-)

diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py
index d8354d94..63d2ea7c 100644
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@@ -102,7 +102,7 @@ class Certificate(db.Model):
     serial = Column(String(128))
     cn = Column(String(128))
     deleted = Column(Boolean, index=True)
-    dns_provider = Column(Integer(), nullable=True)
+    dns_provider_id = Column(Integer(), nullable=True)
 
     not_before = Column(ArrowType)
     not_after = Column(ArrowType)
diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
index 809c5247..f43aac0b 100644
--- a/lemur/dns_providers/models.py
+++ b/lemur/dns_providers/models.py
@@ -6,15 +6,13 @@ from lemur.database import db
 
 
 class DnsProviders(db.Model):
-    db.Table('dns_providers',
-             Column('id', Integer(), nullable=False),
-             Column('name', String(length=256), nullable=True),
-             Column('description', String(length=1024), nullable=True),
-             Column('provider_type', String(length=256), nullable=True),
-             Column('credentials', String(length=256), nullable=True),
-             Column('api_endpoint', String(length=256), nullable=True),
-             Column('date_created', ArrowType(), server_default=text('now()'), nullable=False),
-             Column('status', String(length=128), nullable=True),
-             Column('options', JSON),
-             PrimaryKeyConstraint('id'),
-             UniqueConstraint('name'))
\ No newline at end of file
+    __tablename__ = 'dns_providers'
+    id = Column(Integer(), primary_key=True)
+    name = Column(String(length=256), unique=True, nullable=True)
+    description = Column(String(length=1024), nullable=True)
+    provider_type = Column(String(length=256), nullable=True)
+    credentials = Column(String(length=256), nullable=True)
+    api_endpoint = Column(String(length=256), nullable=True)
+    date_created = Column(ArrowType(), server_default=text('now()'), nullable=False)
+    status = Column(String(length=128), nullable=True)
+    options = Column(JSON)
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index 0ed27315..fa752d09 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -7,4 +7,10 @@ def get_all_dns_providers(status="active"):
 
     :return:
     """
-    return DnsProviders.query.all(status=status)
+    all_dns_providers = DnsProviders.query.all()
+    dns_provider_result = []
+    for provider in all_dns_providers:
+        print(provider)
+        if provider.status == status:
+            dns_provider_result.append(provider.__dict__)
+    return dns_provider_result
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index a498a6c8..14fc3de8 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -234,14 +234,18 @@
             </label>
           </div>
         </div>
-       <!-- <div class="form-group">
-            <label class="control-label col-sm-2">
-              DNS Provider (Only needed for LetsEncrypt or ACME implementations)
-            </label>
-            <div class="col-sm-10">
-              <select class="form-control" ng-model="certificate.extensions.crlDistributionPoints.includeCrlDp"
-                      ng-options="item for item in ['yes', 'no', 'default']"></select>
-            </div> -->
+       <div class="col-sm-10">
+           <!-- two -->
+           <div class="form-group">
+        <label class="control-label col-sm-2">
+          DNS Provider
+        </label>
+        <div class="col-sm-10">
+          <select class="form-control" ng-model="selected" ng-options="item as item.name for item in dnsProviders"></select>
+        </div>
+      </div>
+
+      </div>
       </div>
       </div>
     </div>
diff --git a/lemur/static/app/angular/destinations/destination/destination.js b/lemur/static/app/angular/destinations/destination/destination.js
index f5210074..21f624c8 100644
--- a/lemur/static/app/angular/destinations/destination/destination.js
+++ b/lemur/static/app/angular/destinations/destination/destination.js
@@ -47,8 +47,8 @@ angular.module('lemur')
 
       PluginService.getByType('destination').then(function (plugins) {
         $scope.plugins = plugins;
-        _.each($scope.plugins, function (plugin) {
 
+        _.each($scope.plugins, function (plugin) {
           if (plugin.slug === $scope.destination.plugin.slug) {
             plugin.pluginOptions = $scope.destination.plugin.pluginOptions;
             $scope.destination.plugin = plugin;

From 993958c356830bcc3d5bc0bb6a3b576b1cea026b Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Thu, 12 Apr 2018 08:52:47 -0700
Subject: [PATCH 15/22] up-reqs

---
 Makefile                     | 1 -
 lemur/common/schema.py       | 2 +-
 lemur/migrations/alembic.ini | 2 +-
 requirements-dev.txt         | 2 ++
 requirements-docs.txt        | 1 +
 requirements-tests.txt       | 6 +++++-
 requirements.txt             | 6 ++++++
 7 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/Makefile b/Makefile
index 92181461..c0b9c3fe 100644
--- a/Makefile
+++ b/Makefile
@@ -120,5 +120,4 @@ endif
 	@echo "--> Done installing new dependencies"
 	@echo ""
 
-
 .PHONY: develop dev-postgres dev-docs setup-git build clean update-submodules test testloop test-cli test-js test-python lint lint-python lint-js coverage publish release
diff --git a/lemur/common/schema.py b/lemur/common/schema.py
index 1e081f8c..940f267c 100644
--- a/lemur/common/schema.py
+++ b/lemur/common/schema.py
@@ -148,7 +148,7 @@ def validate_schema(input_schema, output_schema):
                     request_data = request.get_json()
                 else:
                     request_data = request.args
-
+                print(data)
                 data, errors = input_schema.load(request_data)
 
                 if errors:
diff --git a/lemur/migrations/alembic.ini b/lemur/migrations/alembic.ini
index f8ed4801..6c3428e7 100644
--- a/lemur/migrations/alembic.ini
+++ b/lemur/migrations/alembic.ini
@@ -8,7 +8,7 @@
 # the 'revision' command, regardless of autogenerate
 # revision_environment = false
 
-
+script_location = .
 # Logging configuration
 [loggers]
 keys = root,sqlalchemy,alembic
diff --git a/requirements-dev.txt b/requirements-dev.txt
index f94fa610..9c2d4400 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -9,6 +9,8 @@ cached-property==1.4.2    # via pre-commit
 certifi==2018.1.18        # via requests
 cfgv==1.0.0               # via pre-commit
 chardet==3.0.4            # via requests
+configparser==3.5.0       # via flake8
+enum34==1.1.6             # via flake8
 flake8==3.5.0
 identify==1.0.11          # via pre-commit
 idna==2.6                 # via requests
diff --git a/requirements-docs.txt b/requirements-docs.txt
index a8b93db2..a11881c2 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -24,4 +24,5 @@ sphinx-rtd-theme==0.3.0
 sphinx==1.7.2
 sphinxcontrib-httpdomain==1.6.1
 sphinxcontrib-websupport==1.0.1  # via sphinx
+typing==3.6.4             # via sphinx
 urllib3==1.22             # via requests
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 4113ad2a..5fb4a4dc 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -20,18 +20,22 @@ cryptography==2.2.2       # via moto
 docker-pycreds==0.2.2     # via docker
 docker==3.2.1             # via moto
 docutils==0.14            # via botocore
+enum34==1.1.6             # via cryptography
 factory-boy==2.10.0
 faker==0.8.13
 flask==0.12.2             # via pytest-flask
 freezegun==0.3.10
+funcsigs==1.0.2           # via mock, pytest
+futures==3.2.0            # via s3transfer
 idna==2.6                 # via cryptography, requests
+ipaddress==1.0.19         # via cryptography, docker, faker
 itsdangerous==0.24        # via flask
 jinja2==2.10              # via flask, moto
 jmespath==0.9.3           # via boto3, botocore
 jsondiff==1.1.1           # via moto
 jsonpickle==0.9.6         # via aws-xray-sdk
 markupsafe==1.0           # via jinja2
-mock==2.0.0               # via moto
+mock==2.0.0               # via moto, pytest-mock
 more-itertools==4.1.0     # via pytest
 moto==1.3.1
 nose==1.3.7
diff --git a/requirements.txt b/requirements.txt
index 5e8ef031..2f7c9458 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,14 +10,17 @@ alembic==0.9.9            # via flask-migrate
 aniso8601==3.0.0          # via flask-restful
 arrow==0.12.1
 asn1crypto==0.24.0        # via cryptography
+backports.functools-lru-cache==1.5  # via arrow
 bcrypt==3.1.4             # via flask-bcrypt, paramiko
 blinker==1.4              # via flask-mail, flask-principal, raven
 boto3==1.7.4
 botocore==1.10.4          # via boto3, s3transfer
 cffi==1.11.5              # via bcrypt, cryptography, pynacl
 click==6.7                # via flask
+contextlib2==0.5.5        # via raven
 cryptography==2.2.2
 docutils==0.14            # via botocore
+enum34==1.1.6             # via cryptography
 flask-bcrypt==0.7.1
 flask-cors==3.0.3
 flask-mail==0.9.1
@@ -27,10 +30,13 @@ flask-restful==0.3.6
 flask-script==2.0.6
 flask-sqlalchemy==2.3.2
 flask==0.12
+funcsigs==1.0.2           # via mock
 future==0.16.0
+futures==3.2.0            # via s3transfer
 gunicorn==19.7.1
 idna==2.6                 # via cryptography
 inflection==0.3.1
+ipaddress==1.0.19         # via cryptography
 itsdangerous==0.24        # via flask
 jinja2==2.10
 jmespath==0.9.3           # via boto3, botocore

From 3538f1a62969b081e29a12bbf52242210e9a9f2d Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Thu, 12 Apr 2018 08:58:04 -0700
Subject: [PATCH 16/22] fix_errors

---
 lemur/common/schema.py       | 2 +-
 lemur/migrations/alembic.ini | 1 -
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/lemur/common/schema.py b/lemur/common/schema.py
index 940f267c..51e257c7 100644
--- a/lemur/common/schema.py
+++ b/lemur/common/schema.py
@@ -148,7 +148,7 @@ def validate_schema(input_schema, output_schema):
                     request_data = request.get_json()
                 else:
                     request_data = request.args
-                print(data)
+                
                 data, errors = input_schema.load(request_data)
 
                 if errors:
diff --git a/lemur/migrations/alembic.ini b/lemur/migrations/alembic.ini
index 6c3428e7..b2e42cfa 100644
--- a/lemur/migrations/alembic.ini
+++ b/lemur/migrations/alembic.ini
@@ -8,7 +8,6 @@
 # the 'revision' command, regardless of autogenerate
 # revision_environment = false
 
-script_location = .
 # Logging configuration
 [loggers]
 keys = root,sqlalchemy,alembic

From 4d05a09a204a14c37ae309279de83b9f7c2628d1 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Thu, 12 Apr 2018 08:59:06 -0700
Subject: [PATCH 17/22] fix_changes

---
 lemur/common/schema.py       | 2 +-
 lemur/migrations/alembic.ini | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/lemur/common/schema.py b/lemur/common/schema.py
index 51e257c7..1e081f8c 100644
--- a/lemur/common/schema.py
+++ b/lemur/common/schema.py
@@ -148,7 +148,7 @@ def validate_schema(input_schema, output_schema):
                     request_data = request.get_json()
                 else:
                     request_data = request.args
-                
+
                 data, errors = input_schema.load(request_data)
 
                 if errors:
diff --git a/lemur/migrations/alembic.ini b/lemur/migrations/alembic.ini
index b2e42cfa..f8ed4801 100644
--- a/lemur/migrations/alembic.ini
+++ b/lemur/migrations/alembic.ini
@@ -8,6 +8,7 @@
 # the 'revision' command, regardless of autogenerate
 # revision_environment = false
 
+
 # Logging configuration
 [loggers]
 keys = root,sqlalchemy,alembic

From f43100a247b4e77815ef6cf94548bae4dd6c6fc4 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Thu, 12 Apr 2018 12:34:08 -0700
Subject: [PATCH 18/22] py3

---
 requirements-dev.txt   | 2 --
 requirements-docs.txt  | 1 -
 requirements-tests.txt | 6 +-----
 requirements.txt       | 6 ------
 4 files changed, 1 insertion(+), 14 deletions(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index 9c2d4400..f94fa610 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -9,8 +9,6 @@ cached-property==1.4.2    # via pre-commit
 certifi==2018.1.18        # via requests
 cfgv==1.0.0               # via pre-commit
 chardet==3.0.4            # via requests
-configparser==3.5.0       # via flake8
-enum34==1.1.6             # via flake8
 flake8==3.5.0
 identify==1.0.11          # via pre-commit
 idna==2.6                 # via requests
diff --git a/requirements-docs.txt b/requirements-docs.txt
index a11881c2..a8b93db2 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -24,5 +24,4 @@ sphinx-rtd-theme==0.3.0
 sphinx==1.7.2
 sphinxcontrib-httpdomain==1.6.1
 sphinxcontrib-websupport==1.0.1  # via sphinx
-typing==3.6.4             # via sphinx
 urllib3==1.22             # via requests
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 5fb4a4dc..4113ad2a 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -20,22 +20,18 @@ cryptography==2.2.2       # via moto
 docker-pycreds==0.2.2     # via docker
 docker==3.2.1             # via moto
 docutils==0.14            # via botocore
-enum34==1.1.6             # via cryptography
 factory-boy==2.10.0
 faker==0.8.13
 flask==0.12.2             # via pytest-flask
 freezegun==0.3.10
-funcsigs==1.0.2           # via mock, pytest
-futures==3.2.0            # via s3transfer
 idna==2.6                 # via cryptography, requests
-ipaddress==1.0.19         # via cryptography, docker, faker
 itsdangerous==0.24        # via flask
 jinja2==2.10              # via flask, moto
 jmespath==0.9.3           # via boto3, botocore
 jsondiff==1.1.1           # via moto
 jsonpickle==0.9.6         # via aws-xray-sdk
 markupsafe==1.0           # via jinja2
-mock==2.0.0               # via moto, pytest-mock
+mock==2.0.0               # via moto
 more-itertools==4.1.0     # via pytest
 moto==1.3.1
 nose==1.3.7
diff --git a/requirements.txt b/requirements.txt
index 2f7c9458..5e8ef031 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,17 +10,14 @@ alembic==0.9.9            # via flask-migrate
 aniso8601==3.0.0          # via flask-restful
 arrow==0.12.1
 asn1crypto==0.24.0        # via cryptography
-backports.functools-lru-cache==1.5  # via arrow
 bcrypt==3.1.4             # via flask-bcrypt, paramiko
 blinker==1.4              # via flask-mail, flask-principal, raven
 boto3==1.7.4
 botocore==1.10.4          # via boto3, s3transfer
 cffi==1.11.5              # via bcrypt, cryptography, pynacl
 click==6.7                # via flask
-contextlib2==0.5.5        # via raven
 cryptography==2.2.2
 docutils==0.14            # via botocore
-enum34==1.1.6             # via cryptography
 flask-bcrypt==0.7.1
 flask-cors==3.0.3
 flask-mail==0.9.1
@@ -30,13 +27,10 @@ flask-restful==0.3.6
 flask-script==2.0.6
 flask-sqlalchemy==2.3.2
 flask==0.12
-funcsigs==1.0.2           # via mock
 future==0.16.0
-futures==3.2.0            # via s3transfer
 gunicorn==19.7.1
 idna==2.6                 # via cryptography
 inflection==0.3.1
-ipaddress==1.0.19         # via cryptography
 itsdangerous==0.24        # via flask
 jinja2==2.10
 jmespath==0.9.3           # via boto3, botocore

From 309d10c4e2482f6d43f7f1c436489e4b706816da Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Fri, 13 Apr 2018 12:52:36 -0700
Subject: [PATCH 19/22] stuff

---
 lemur/static/app/angular/app.js                          | 9 +++++++++
 .../angular/certificates/certificate/options.tpl.html    | 4 +++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/lemur/static/app/angular/app.js b/lemur/static/app/angular/app.js
index c19cb37f..68509fa5 100644
--- a/lemur/static/app/angular/app.js
+++ b/lemur/static/app/angular/app.js
@@ -109,6 +109,15 @@
     };
   });
 
+  lemur.service('DnsService', function (LemurRestangular) {
+    var DnsService = this;
+    DnsService.get = function () {
+      return LemurRestangular.all('dns_service').customGET().then(function (dns_service) {
+        return dns_service;
+      });
+    };
+  });
+
   lemur.directive('lemurBadRequest', [function () {
 			return {
 				template: '<h4>{{ directiveData.message }}</h4>' +
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index 14fc3de8..a2e440fd 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -241,7 +241,9 @@
           DNS Provider
         </label>
         <div class="col-sm-10">
-          <select class="form-control" ng-model="selected" ng-options="item as item.name for item in dnsProviders"></select>
+          <select class="form-control" ng-model="certificate.dns_provider" ng-options="item as item.name for item in dns_providers">
+              <option value="">-- choose an entry. Needed for LetsEncrypt --</option>
+          </select>
         </div>
       </div>
 

From fbce1ef7c797e83e7fb684b1dbf25ff505a6e836 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Fri, 13 Apr 2018 14:47:18 -0700
Subject: [PATCH 20/22] temp digicert fix

---
 lemur/plugins/lemur_digicert/plugin.py | 2 +-
 requirements-tests.txt                 | 9 +++++----
 requirements.txt                       | 2 +-
 3 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/lemur/plugins/lemur_digicert/plugin.py b/lemur/plugins/lemur_digicert/plugin.py
index ae6a5924..59790185 100644
--- a/lemur/plugins/lemur_digicert/plugin.py
+++ b/lemur/plugins/lemur_digicert/plugin.py
@@ -157,7 +157,7 @@ def map_cis_fields(options, csr):
         "csr": csr,
         "signature_hash": signature_hash(options.get('signing_algorithm')),
         "validity": {
-            "valid_to": options['validity_end'].format('YYYY-MM-DDTHH:MM:SSZ')
+            "valid_to": options['validity_end'].format('YYYY-MM-DD')
         },
         "organization": {
             "name": options['organization'],
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 4113ad2a..1e36cef5 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -14,7 +14,7 @@ certifi==2018.1.18        # via requests
 cffi==1.11.5              # via cryptography
 chardet==3.0.4            # via requests
 click==6.7                # via flask
-cookies==2.2.1            # via moto
+cookies==2.2.1            # via moto, responses
 coverage==4.5.1
 cryptography==2.2.2       # via moto
 docker-pycreds==0.2.2     # via docker
@@ -33,7 +33,7 @@ jsonpickle==0.9.6         # via aws-xray-sdk
 markupsafe==1.0           # via jinja2
 mock==2.0.0               # via moto
 more-itertools==4.1.0     # via pytest
-moto==1.3.1
+moto==1.3.2
 nose==1.3.7
 pbr==4.0.2                # via mock
 pluggy==0.6.0             # via pytest
@@ -48,9 +48,10 @@ python-dateutil==2.6.1    # via botocore, faker, freezegun, moto
 pytz==2018.4              # via moto
 pyyaml==3.12              # via pyaml
 requests-mock==1.4.0
-requests==2.18.4          # via aws-xray-sdk, docker, moto, requests-mock
+requests==2.18.4          # via aws-xray-sdk, docker, moto, requests-mock, responses
+responses==0.9.0          # via moto
 s3transfer==0.1.13        # via boto3
-six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, requests-mock, websocket-client
+six==1.11.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, more-itertools, moto, pytest, python-dateutil, requests-mock, responses, websocket-client
 text-unidecode==1.2       # via faker
 urllib3==1.22             # via requests
 websocket-client==0.47.0  # via docker
diff --git a/requirements.txt b/requirements.txt
index 5e8ef031..15c7a1fe 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -34,7 +34,7 @@ inflection==0.3.1
 itsdangerous==0.24        # via flask
 jinja2==2.10
 jmespath==0.9.3           # via boto3, botocore
-josepy==1.0.1             # via acme
+josepy==1.1.0             # via acme
 lockfile==0.12.2
 mako==1.0.7               # via alembic
 markupsafe==1.0           # via jinja2, mako

From 44e3b33aaa9a58ece57fbb605c943fc43066cda6 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Fri, 20 Apr 2018 14:49:54 -0700
Subject: [PATCH 21/22] More stuff. Will prioritize this more next week

---
 lemur/certificates/schemas.py                 |  4 +-
 lemur/defaults/schemas.py                     |  2 -
 lemur/defaults/views.py                       |  3 -
 lemur/dns_providers/models.py                 |  3 +-
 lemur/dns_providers/schemas.py                |  6 +-
 lemur/dns_providers/service.py                | 37 +++++--
 lemur/dns_providers/views.py                  | 23 ++++-
 lemur/plugins/lemur_acme/plugin.py            | 60 ++++++------
 .../lemur_digicert/tests/test_digicert.py     | 12 +--
 lemur/schemas.py                              | 10 ++
 lemur/static/app/angular/app.js               | 10 +-
 .../certificates/certificate/certificate.js   |  5 +
 .../certificates/certificate/options.tpl.html | 14 +--
 .../certificate/tracking.tpl.html             | 11 +++
 .../app/angular/certificates/services.js      |  7 +-
 .../dns_provider/dns_provider.js              | 98 +++++++++++++++++++
 .../dns_provider/dns_provider.tpl.html        | 93 ++++++++++++++++++
 .../app/angular/dns_providers/services.js     | 38 +++++++
 .../app/angular/dns_providers/view/view.js    | 84 ++++++++++++++++
 .../angular/dns_providers/view/view.tpl.html  | 54 ++++++++++
 .../angular/pending_certificates/services.js  |  1 -
 lemur/static/app/index.html                   |  1 +
 22 files changed, 496 insertions(+), 80 deletions(-)
 create mode 100644 lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
 create mode 100644 lemur/static/app/angular/dns_providers/dns_provider/dns_provider.tpl.html
 create mode 100644 lemur/static/app/angular/dns_providers/services.js
 create mode 100644 lemur/static/app/angular/dns_providers/view/view.js
 create mode 100644 lemur/static/app/angular/dns_providers/view/view.tpl.html

diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index 651aa647..f98f6a67 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -18,7 +18,8 @@ from lemur.schemas import (
     ExtensionSchema,
     AssociatedRoleSchema,
     EndpointNestedOutputSchema,
-    AssociatedRotationPolicySchema
+    AssociatedRotationPolicySchema,
+    DnsProviderSchema
 )
 
 from lemur.authorities.schemas import AuthorityNestedOutputSchema
@@ -70,6 +71,7 @@ class CertificateInputSchema(CertificateCreationSchema):
     replaces = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)
     replacements = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)  # deprecated
     roles = fields.Nested(AssociatedRoleSchema, missing=[], many=True)
+    dns_provider = fields.Nested(DnsProviderSchema, missing={}, required=False)
 
     csr = fields.String(validate=validators.csr)
     key_type = fields.String(validate=validate.OneOf(['RSA2048', 'RSA4096']), missing='RSA2048')
diff --git a/lemur/defaults/schemas.py b/lemur/defaults/schemas.py
index 58ba31af..c03d6d85 100644
--- a/lemur/defaults/schemas.py
+++ b/lemur/defaults/schemas.py
@@ -8,7 +8,6 @@
 from marshmallow import fields
 from lemur.common.schema import LemurOutputSchema
 from lemur.authorities.schemas import AuthorityNestedOutputSchema
-from lemur.dns_providers.schemas import DnsProvidersNestedOutputSchema
 
 
 class DefaultOutputSchema(LemurOutputSchema):
@@ -19,7 +18,6 @@ class DefaultOutputSchema(LemurOutputSchema):
     organization = fields.String()
     organizational_unit = fields.String()
     issuer_plugin = fields.String()
-    dns_providers = fields.List(fields.Nested(DnsProvidersNestedOutputSchema))
 
 
 default_output_schema = DefaultOutputSchema()
diff --git a/lemur/defaults/views.py b/lemur/defaults/views.py
index 7ba38fa0..5fe3cf41 100644
--- a/lemur/defaults/views.py
+++ b/lemur/defaults/views.py
@@ -9,7 +9,6 @@ from flask_restful import Api
 from lemur.common.schema import validate_schema
 from lemur.authorities.service import get_by_name
 from lemur.auth.service import AuthenticatedResource
-from lemur.dns_providers.service import get_all_dns_providers
 
 from lemur.defaults.schemas import default_output_schema
 
@@ -61,7 +60,6 @@ class LemurDefaults(AuthenticatedResource):
         """
 
         default_authority = get_by_name(current_app.config.get('LEMUR_DEFAULT_AUTHORITY'))
-        dns_providers = get_all_dns_providers()
 
         return dict(
             country=current_app.config.get('LEMUR_DEFAULT_COUNTRY'),
@@ -71,7 +69,6 @@ class LemurDefaults(AuthenticatedResource):
             organizational_unit=current_app.config.get('LEMUR_DEFAULT_ORGANIZATIONAL_UNIT'),
             issuer_plugin=current_app.config.get('LEMUR_DEFAULT_ISSUER_PLUGIN'),
             authority=default_authority,
-            dns_providers=dns_providers,
         )
 
 
diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
index f43aac0b..e0b50134 100644
--- a/lemur/dns_providers/models.py
+++ b/lemur/dns_providers/models.py
@@ -15,4 +15,5 @@ class DnsProviders(db.Model):
     api_endpoint = Column(String(length=256), nullable=True)
     date_created = Column(ArrowType(), server_default=text('now()'), nullable=False)
     status = Column(String(length=128), nullable=True)
-    options = Column(JSON)
+    options = Column(JSON, nullable=True)
+    domains = Column(JSON, nullable=True)
diff --git a/lemur/dns_providers/schemas.py b/lemur/dns_providers/schemas.py
index bae9570c..df2042c6 100644
--- a/lemur/dns_providers/schemas.py
+++ b/lemur/dns_providers/schemas.py
@@ -8,13 +8,11 @@ class DnsProvidersNestedOutputSchema(LemurOutputSchema):
     __envelope__ = False
     id = fields.Integer()
     name = fields.String()
-    description = fields.String()
     provider_type = fields.String()
+    description = fields.String()
     credentials = fields.String()
     api_endpoint = fields.String()
     date_created = ArrowDateTime()
-    status = fields.String()
-    options = fields.String()
 
 
-default_output_schema = DnsProvidersNestedOutputSchema()
+dns_provider_schema = DnsProvidersNestedOutputSchema()
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index fa752d09..03314513 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -1,16 +1,33 @@
+from lemur import database
 from lemur.dns_providers.models import DnsProviders
 
 
-def get_all_dns_providers(status="active"):
+def render(args):
     """
-    Retrieves all certificates within Lemur.
-
+    Helper that helps us render the REST Api responses.
+    :param args:
     :return:
     """
-    all_dns_providers = DnsProviders.query.all()
-    dns_provider_result = []
-    for provider in all_dns_providers:
-        print(provider)
-        if provider.status == status:
-            dns_provider_result.append(provider.__dict__)
-    return dns_provider_result
+    query = database.session_query(DnsProviders)
+
+    return database.sort_and_page(query, DnsProviders, args)
+
+
+def get(dns_provider_id):
+    """
+    Retrieves a dns provider by its lemur assigned ID.
+
+    :param dns_provider_id: Lemur assigned ID
+    :rtype : DnsProvider
+    :return:
+    """
+    return database.get(DnsProviders, dns_provider_id)
+
+
+def delete(dns_provider_id):
+    """
+    Deletes a DNS provider.
+
+    :param dns_provider_id: Lemur assigned ID
+    """
+    database.delete(get(dns_provider_id))
\ No newline at end of file
diff --git a/lemur/dns_providers/views.py b/lemur/dns_providers/views.py
index faa76aac..0f324bdf 100644
--- a/lemur/dns_providers/views.py
+++ b/lemur/dns_providers/views.py
@@ -5,13 +5,15 @@
     :license: Apache, see LICENSE for more details.
 .. moduleauthor:: Curtis Castrapel <ccastrapel@netflix.com>
 """
-from flask import Blueprint
+from flask import Blueprint, g
 from flask_restful import reqparse, Api
 
-
+from lemur.auth.permissions import admin_permission
 from lemur.auth.service import AuthenticatedResource
-
+from lemur.common.schema import validate_schema
+from lemur.common.utils import paginated_parser
 from lemur.dns_providers import service
+from lemur.dns_providers.schemas import dns_provider_schema
 
 mod = Blueprint('dns_providers', __name__)
 api = Api(mod)
@@ -23,6 +25,7 @@ class DnsProvidersList(AuthenticatedResource):
         self.reqparse = reqparse.RequestParser()
         super(DnsProvidersList, self).__init__()
 
+    @validate_schema(None, dns_provider_schema)
     def get(self):
         """
         .. http:get:: /dns_providers
@@ -66,7 +69,19 @@ class DnsProvidersList(AuthenticatedResource):
            :statuscode 403: unauthenticated
 
         """
-        return service.get_all_dns_providers()
+        parser = paginated_parser.copy()
+        parser.add_argument('id', type=int, location='args')
+        parser.add_argument('name', type=str, location='args')
+        parser.add_argument('type', type=str, location='args')
+
+        args = parser.parse_args()
+        args['user'] = g.user
+        return service.render(args)
+
+    @admin_permission.require(http_exception=403)
+    def delete(self, dns_provider_id):
+        service.delete(dns_provider_id)
+        return {'result': True}
 
 
 api.add_resource(DnsProvidersList, '/dns_providers', endpoint='dns_providers')
diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index e5fd1730..4f64d521 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -9,6 +9,7 @@
 
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 .. moduleauthor:: Mikhail Khodorovskiy <mikhail.khodorovskiy@jivesoftware.com>
+.. moduleauthor:: Curtis Castrapel <ccastrapel@netflix.com>
 """
 import josepy as jose
 import json
@@ -23,7 +24,6 @@ from lemur.common.utils import generate_private_key
 
 import OpenSSL.crypto
 
-from lemur.common.utils import validate_conf
 from lemur.plugins.bases import IssuerPlugin
 from lemur.plugins import lemur_acme as acme
 
@@ -97,20 +97,26 @@ def request_certificate(acme_client, authorizations, csr):
         OpenSSL.crypto.FILETYPE_PEM, cert_response.body
     ).decode('utf-8')
 
-    pem_certificate_chain = "\n".join(
-        OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert.decode("utf-8"))
-        for cert in acme_client.fetch_chain(cert_response)
-    ).decode('utf-8')
+    full_chain = []
+    for cert in acme_client.fetch_chain(cert_response):
+        chain = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
+        full_chain.append(chain.decode("utf-8"))
+    pem_certificate_chain = "\n".join(full_chain)
 
-    current_app.logger.debug("{0} {1}".format(type(pem_certificate). type(pem_certificate_chain)))
+    current_app.logger.debug("{0} {1}".format(type(pem_certificate), type(pem_certificate_chain)))
     return pem_certificate, pem_certificate_chain
 
 
 def setup_acme_client(authority):
-    options = json.loads(authority.get('options', '[]'))
-    email = options.getcurrent_app.config.get('ACME_EMAIL')
-    tel = current_app.config.get('ACME_TEL')
-    directory_url = current_app.config.get('ACME_DIRECTORY_URL')
+    if not authority.options:
+        raise Exception("Invalid authority. Options not set")
+    options = {}
+    for o in json.loads(authority.options):
+        print(o)
+        options[o.get("name")] = o.get("value")
+    email = options.get('email', current_app.config.get('ACME_EMAIL'))
+    tel = options.get('telephone', current_app.config.get('ACME_TEL'))
+    directory_url = options.get('acme_url', current_app.config.get('ACME_DIRECTORY_URL'))
     contact = ('mailto:{}'.format(email), 'tel:{}'.format(tel))
 
     key = jose.JWKRSA(key=generate_private_key('RSA2048'))
@@ -173,7 +179,7 @@ class ACMEIssuerPlugin(IssuerPlugin):
     description = 'Enables the creation of certificates via ACME CAs (including Let\'s Encrypt)'
     version = acme.VERSION
 
-    author = 'Kevin Glisson'
+    author = 'Netflix'
     author_url = 'https://github.com/netflix/lemur.git'
 
     options = [
@@ -207,18 +213,6 @@ class ACMEIssuerPlugin(IssuerPlugin):
     ]
 
     def __init__(self, *args, **kwargs):
-        required_vars = [
-            'ACME_DIRECTORY_URL',
-            'ACME_TEL',
-            'ACME_EMAIL',
-            'ACME_AWS_ACCOUNT_NUMBER',
-            'ACME_ROOT'
-        ]
-
-        validate_conf(current_app, required_vars)
-        self.dns_provider_name = current_app.config.get('ACME_DNS_PROVIDER', 'route53')
-        current_app.logger.debug("Using DNS provider: {0}".format(self.dns_provider_name))
-        self.dns_provider = __import__(self.dns_provider_name, globals(), locals(), [], 1)
         super(ACMEIssuerPlugin, self).__init__(*args, **kwargs)
 
     def create_certificate(self, csr, issuer_options):
@@ -229,12 +223,22 @@ class ACMEIssuerPlugin(IssuerPlugin):
         :param issuer_options:
         :return: :raise Exception:
         """
-        current_app.logger.debug("Requesting a new acme certificate: {0}".format(issuer_options))
-        acme_client, registration = setup_acme_client(issuer_options.get(issuer_options.get('authority')))
-        # Deal with account number per certificate
-        account_number = current_app.config.get('ACME_AWS_ACCOUNT_NUMBER')
+        authority = issuer_options.get('authority')
+        acme_client, registration = setup_acme_client(authority)
+        dns_provider = issuer_options.get('dns_provider')
+        if not dns_provider:
+            raise Exception("DNS Provider setting is required for ACME certificates.")
+        credentials = json.loads(dns_provider.credentials)
+
+        current_app.logger.debug("Using DNS provider: {0}".format(dns_provider.provider_type))
+        dns_provider_type = __import__(dns_provider.provider_type, globals(), locals(), [], 1)
+        account_number = credentials.get("account_number")
+        if dns_provider.provider_type == 'route53' and not account_number:
+            error = "DNS Provider {} does not have an account number configured.".format(dns_provider.name)
+            current_app.logger.error(error)
+            raise Exception(error)
         domains = get_domains(issuer_options)
-        authorizations = get_authorizations(acme_client, account_number, domains, self.dns_provider)
+        authorizations = get_authorizations(acme_client, account_number, domains, dns_provider_type)
         pem_certificate, pem_certificate_chain = request_certificate(acme_client, authorizations, csr)
         # TODO add external ID (if possible)
         return pem_certificate, pem_certificate_chain, None
diff --git a/lemur/plugins/lemur_digicert/tests/test_digicert.py b/lemur/plugins/lemur_digicert/tests/test_digicert.py
index 91f27ad4..53536fce 100644
--- a/lemur/plugins/lemur_digicert/tests/test_digicert.py
+++ b/lemur/plugins/lemur_digicert/tests/test_digicert.py
@@ -150,11 +150,7 @@ def test_signature_hash(app):
         signature_hash('sdfdsf')
 
 
-def test_issuer_plugin_create_certificate():
-    import requests_mock
-    from lemur.plugins.lemur_digicert.plugin import DigiCertIssuerPlugin
-
-    pem_fixture = """\
+def test_issuer_plugin_create_certificate(certificate_="""\
 -----BEGIN CERTIFICATE-----
 abc
 -----END CERTIFICATE-----
@@ -164,7 +160,11 @@ def
 -----BEGIN CERTIFICATE-----
 ghi
 -----END CERTIFICATE-----
-"""
+"""):
+    import requests_mock
+    from lemur.plugins.lemur_digicert.plugin import DigiCertIssuerPlugin
+
+    pem_fixture = certificate_
 
     subject = DigiCertIssuerPlugin()
     adapter = requests_mock.Adapter()
diff --git a/lemur/schemas.py b/lemur/schemas.py
index 9d1836cd..03bffc11 100644
--- a/lemur/schemas.py
+++ b/lemur/schemas.py
@@ -21,6 +21,7 @@ from lemur.plugins.utils import get_plugin_option
 from lemur.roles.models import Role
 from lemur.users.models import User
 from lemur.authorities.models import Authority
+from lemur.dns_providers.models import DnsProviders
 from lemur.policies.models import RotationPolicy
 from lemur.certificates.models import Certificate
 from lemur.destinations.models import Destination
@@ -159,6 +160,15 @@ class AssociatedRotationPolicySchema(LemurInputSchema):
         return fetch_objects(RotationPolicy, data, many=many)
 
 
+class DnsProviderSchema(LemurInputSchema):
+    id = fields.Integer()
+    name = fields.String()
+
+    @post_load
+    def get_object(self, data, many=False):
+        return fetch_objects(DnsProviders, data, many=many)
+
+
 class PluginInputSchema(LemurInputSchema):
     plugin_options = fields.List(fields.Dict(), validate=validate_options)
     slug = fields.String(required=True)
diff --git a/lemur/static/app/angular/app.js b/lemur/static/app/angular/app.js
index 68509fa5..b71518b4 100644
--- a/lemur/static/app/angular/app.js
+++ b/lemur/static/app/angular/app.js
@@ -109,11 +109,11 @@
     };
   });
 
-  lemur.service('DnsService', function (LemurRestangular) {
-    var DnsService = this;
-    DnsService.get = function () {
-      return LemurRestangular.all('dns_service').customGET().then(function (dns_service) {
-        return dns_service;
+  lemur.service('DnsProviders', function (LemurRestangular) {
+    var DnsProviders = this;
+    DnsProviders.get = function () {
+      return LemurRestangular.all('dns_providers').customGET().then(function (dnsProviders) {
+        return dnsProviders;
       });
     };
   });
diff --git a/lemur/static/app/angular/certificates/certificate/certificate.js b/lemur/static/app/angular/certificates/certificate/certificate.js
index fdd773fd..1294dd32 100644
--- a/lemur/static/app/angular/certificates/certificate/certificate.js
+++ b/lemur/static/app/angular/certificates/certificate/certificate.js
@@ -134,6 +134,11 @@ angular.module('lemur')
       $scope.certificate.validityYears = null;
     };
 
+    CertificateService.getDnsProviders().then(function (providers) {
+            $scope.dnsProviders = providers;
+        }
+    );
+
     $scope.create = function (certificate) {
       WizardHandler.wizard().context.loading = true;
       CertificateService.create(certificate).then(
diff --git a/lemur/static/app/angular/certificates/certificate/options.tpl.html b/lemur/static/app/angular/certificates/certificate/options.tpl.html
index a2e440fd..7e47cf18 100644
--- a/lemur/static/app/angular/certificates/certificate/options.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/options.tpl.html
@@ -235,19 +235,7 @@
           </div>
         </div>
        <div class="col-sm-10">
-           <!-- two -->
-           <div class="form-group">
-        <label class="control-label col-sm-2">
-          DNS Provider
-        </label>
-        <div class="col-sm-10">
-          <select class="form-control" ng-model="certificate.dns_provider" ng-options="item as item.name for item in dns_providers">
-              <option value="">-- choose an entry. Needed for LetsEncrypt --</option>
-          </select>
-        </div>
-      </div>
-
-      </div>
+       </div></div>
       </div>
       </div>
     </div>
diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index 21277106..fb74d208 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -107,6 +107,17 @@
         </ui-select>
       </div>
     </div>
+       <div class="form-group" ng-show="certificate.authority.plugin.slug == 'acme-issuer'">
+        <label class="control-label col-sm-2">
+          DNS Provider:
+        </label>
+
+        <div class="col-sm-10">
+          <select class="form-control" ng-model="certificate.dnsProvider" ng-options="item as item.name for item in dnsProviders.items track by item.id">
+              <option value="">- choose an entry. Neded for ACME Providers -</option>
+          </select>
+        </div>
+      </div>
     <div class="form-group">
       <label class="control-label col-sm-2"
              uib-tooltip="If no date is selected Lemur attempts to issue a 2 year certificate">
diff --git a/lemur/static/app/angular/certificates/services.js b/lemur/static/app/angular/certificates/services.js
index e3bd5c64..ee69428d 100644
--- a/lemur/static/app/angular/certificates/services.js
+++ b/lemur/static/app/angular/certificates/services.js
@@ -149,7 +149,7 @@ angular.module('lemur')
     });
     return LemurRestangular.all('certificates');
   })
-  .service('CertificateService', function ($location, CertificateApi, AuthorityService, AuthorityApi, LemurRestangular, DefaultService) {
+  .service('CertificateService', function ($location, CertificateApi, AuthorityService, AuthorityApi, LemurRestangular, DefaultService, DnsProviders) {
     var CertificateService = this;
     CertificateService.findCertificatesByName = function (filterValue) {
       return CertificateApi.getList({'filter[name]': filterValue})
@@ -243,10 +243,13 @@ angular.module('lemur')
             certificate.authority = defaults.authority;
           }
         }
-        certificate.dns_providers = defaults.dnsProviders;
       });
     };
 
+    CertificateService.getDnsProviders = function () {
+      return DnsProviders.get();
+    }
+
     CertificateService.loadPrivateKey = function (certificate) {
       return certificate.customGET('key');
     };
diff --git a/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
new file mode 100644
index 00000000..91df1f7d
--- /dev/null
+++ b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
@@ -0,0 +1,98 @@
+'use strict';
+
+angular.module('lemur')
+
+  .controller('DnsProviderCreateController', function ($scope, $uibModalInstance, PluginService, DnsProviderService, LemurRestangular, toaster) {
+    $scope.dns_provider = LemurRestangular.restangularizeElement(null, {}, 'dns_providers');
+
+    PluginService.getByType('dns_provider').then(function (plugins) {
+      $scope.plugins = plugins;
+    });
+
+    PluginService.getByType('export').then(function (plugins) {
+      $scope.exportPlugins = plugins;
+    });
+
+    $scope.save = function (dns_provider) {
+      DnsProvider.create(dns_provider.then(
+        function () {
+          toaster.pop({
+            type: 'success',
+            title: dns_provider.label,
+            body: 'Successfully Created!'
+          });
+          $uibModalInstance.close();
+        }, function (response) {
+          toaster.pop({
+            type: 'error',
+            title: dns_provider.label,
+            body: 'lemur-bad-request',
+            bodyOutputType: 'directive',
+            directiveData: response.data,
+            timeout: 100000
+          });
+        });
+    };
+
+    $scope.cancel = function () {
+      $uibModalInstance.dismiss('cancel');
+    };
+  })
+
+  .controller('DnsProviderEditController', function ($scope, $uibModalInstance, DnsProviderService, DnsProviderApi, PluginService, toaster, editId) {
+
+
+    DnsProviderApi.get(editId).then(function (dns_provider) {
+      $scope.dns_provider = dns_provider;
+
+      PluginService.getByType('dns_provider').then(function (plugins) {
+        $scope.plugins = plugins;
+
+        _.each($scope.plugins, function (plugin) {
+          if (plugin.slug === $scope.dns_provider.plugin.slug) {
+            plugin.pluginOptions = $scope.dns_provider.plugin.pluginOptions;
+            $scope.dns_provider.plugin = plugin;
+            _.each($scope.dns_provider.plugin.pluginOptions, function (option) {
+              if (option.type === 'export-plugin') {
+                PluginService.getByType('export').then(function (plugins) {
+                  $scope.exportPlugins = plugins;
+
+                  _.each($scope.exportPlugins, function (plugin) {
+                    if (plugin.slug === option.value.slug) {
+                      plugin.pluginOptions = option.value.pluginOptions;
+                      option.value = plugin;
+                    }
+                  });
+                });
+              }
+            });
+          }
+        });
+      });
+    });
+
+    $scope.save = function (dns_provider) {
+      DnsProviderService.update(dns_provider).then(
+        function () {
+          toaster.pop({
+            type: 'success',
+            title: dns_provider.label,
+            body: 'Successfully Updated!'
+          });
+          $uibModalInstance.close();
+        }, function (response) {
+          toaster.pop({
+            type: 'error',
+            title: dns_provider.label,
+            body: 'lemur-bad-request',
+            bodyOutputType: 'directive',
+            directiveData: response.data,
+            timeout: 100000
+          });
+        });
+    };
+
+    $scope.cancel = function () {
+      $uibModalInstance.dismiss('cancel');
+    };
+  });
diff --git a/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.tpl.html b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.tpl.html
new file mode 100644
index 00000000..1a7beb7c
--- /dev/null
+++ b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.tpl.html
@@ -0,0 +1,93 @@
+<div class="modal-header">
+  <button type="button" class="close" ng-click="cancel()" aria-label="Close"><span aria-hidden="true">&times;</span>
+  </button>
+  <h3><span ng-show="!dns_provider.fromServer">Create</span><span ng-show="dns_provider.fromServer">Edit</span>
+    DnsProvider <span class="text-muted"><small>oh the places you will go!</small></span></h3>
+</div>
+<div class="modal-body">
+  <form name="createForm" class="form-horizontal" role="form" novalidate>
+    <div class="form-group"
+         ng-class="{'has-error': createForm.label.$invalid, 'has-success': !createForm.label.$invalid&&createForm.label.$dirty}">
+      <label class="control-label col-sm-2">
+        Label
+      </label>
+      <div class="col-sm-10">
+        <input name="label" ng-model="dns_provider.label" placeholder="Label" class="form-control" required/>
+        <p ng-show="createForm.label.$invalid && !createForm.label.$pristine" class="help-block">You must enter an
+          dns_provider label</p>
+      </div>
+    </div>
+    <div class="form-group">
+      <label class="control-label col-sm-2">
+        Description
+      </label>
+      <div class="col-sm-10">
+        <textarea name="comments" ng-model="dns_provider.description" placeholder="Something elegant"
+                  class="form-control"></textarea>
+      </div>
+    </div>
+    <div class="form-group">
+      <label class="control-label col-sm-2">
+        Plugin
+      </label>
+      <div class="col-sm-10">
+        <select class="form-control" ng-model="dns_provider.plugin" ng-options="plugin.title for plugin in plugins"
+                required></select>
+      </div>
+    </div>
+    <div class="form-group" ng-repeat="item in dns_provider.plugin.pluginOptions">
+      <ng-form name="subForm" class="form-horizontal" role="form" novalidate>
+        <div ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
+          <label class="control-label col-sm-2">
+            {{ item.name | titleCase }}
+          </label>
+          <div class="col-sm-10">
+            <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'" 
+                   class="form-control" ng-model="item.value"/>
+            <select name="sub" ng-if="item.type == 'select'" class="form-control" ng-options="i for i in item.available"
+                    ng-model="item.value"></select>
+            <input name="sub" ng-if="item.type == 'bool'" class="form-control" type="checkbox" ng-model="item.value">
+            <input name="sub" ng-if="item.type == 'str'" type="text" class="form-control" ng-model="item.value"/>
+            <div ng-if="item.type == 'export-plugin'">
+              <form name="exportForm" class="form-horizontal" role="form" novalidate>
+                <select class="form-control" ng-model="item.value"
+                        ng-options="plugin.title for plugin in exportPlugins" required></select>
+                <div class="col-sm-10">
+                  <div class="form-group" ng-repeat="item in item.value.pluginOptions">
+                    <ng-form name="subForm" class="form-horizontal" role="form" novalidate>
+                      <div
+                        ng-class="{'has-error': subForm.sub.$invalid, 'has-success': !subForm.sub.$invalid&&subForm.sub.$dirty}">
+                        <label class="control-label col-sm-2">
+                          {{ item.name | titleCase }}
+                        </label>
+                        <div class="col-sm-10">
+                          <input name="sub" ng-if="item.type == 'int'" type="number" ng-pattern="item.validation?item.validation:'^[0-9]+$'"
+                                 class="form-control" ng-model="item.value"/>
+                          <select name="sub" ng-if="item.type == 'select'" class="form-control"
+                                  ng-options="i for i in item.available" ng-model="item.value"></select>
+                          <input name="sub" ng-if="item.type == 'bool'" class="form-control" type="checkbox"
+                                 ng-model="item.value">
+                          <input name="sub" ng-if="item.type == 'str'" type="text" class="form-control"
+                                 ng-model="item.value" ng-pattern="item.validation"/>
+                          <p ng-show="subForm.sub.$invalid && !subForm.sub.$pristine"
+                             class="help-block">{{ item.helpMessage }}</p>
+                        </div>
+                      </div>
+                    </ng-form>
+                  </div>
+                </div>
+              </form>
+            </div>
+            <p ng-show="subForm.sub.$invalid && !subForm.sub.$pristine" class="help-block">{{ item.helpMessage }}</p>
+          </div>
+        </div>
+      </ng-form>
+    </div>
+  </form>
+</div>
+<div class="modal-footer">
+  <button ng-click="save(dns_provider)" type="submit" ng-disabled="createForm.$invalid" class="btn btn-primary">Save
+  </button>
+  <button ng-click="cancel()" class="btn btn-danger">Cancel</button>
+</div>
+
diff --git a/lemur/static/app/angular/dns_providers/services.js b/lemur/static/app/angular/dns_providers/services.js
new file mode 100644
index 00000000..2846d275
--- /dev/null
+++ b/lemur/static/app/angular/dns_providers/services.js
@@ -0,0 +1,38 @@
+'use strict';
+angular.module('lemur')
+  .service('DnsProviderApi', function (LemurRestangular) {
+    return LemurRestangular.all('dns_providers');
+  })
+  .service('DnsProviderService', function ($location,  DnsProviderApi, PluginService, DnsProviders) {
+    var DnsProviderService = this;
+    DnsProviderService.findDnsProvidersByName = function (filterValue) {
+      return DnsProviderApi.getList({'filter[label]': filterValue})
+        .then(function (dns_providers) {
+          return dns_providers;
+        });
+    };
+
+    DnsProviderService.getDnsProviders = function () {
+      return DnsProviders.get();
+    }
+
+    DnsProviderService.create = function (dns_provider) {
+      return DnsProviderApi.post(dns_provider);
+    };
+
+    DnsProviderService.get = function () {
+      return DnsProviderApi.get();
+    };
+
+
+    DnsProviderService.update = function (dns_provider) {
+      return dns_provider.put();
+    };
+
+    DnsProviderService.getPlugin = function (dns_provider) {
+      return PluginService.getByName(dns_provider.pluginName).then(function (plugin) {
+        dns_provider.plugin = plugin;
+      });
+    };
+    return DnsProviderService;
+  });
diff --git a/lemur/static/app/angular/dns_providers/view/view.js b/lemur/static/app/angular/dns_providers/view/view.js
new file mode 100644
index 00000000..7b323dc5
--- /dev/null
+++ b/lemur/static/app/angular/dns_providers/view/view.js
@@ -0,0 +1,84 @@
+'use strict';
+
+angular.module('lemur')
+
+  .config(function config($stateProvider) {
+    $stateProvider.state('dns_providers', {
+      url: '/dns_providers',
+      templateUrl: '/angular/dns_providers/view/view.tpl.html',
+      controller: 'DnsProvidersViewController'
+    });
+  })
+
+  .controller('DnsProvidersViewController', function ($scope, $uibModal, DnsProviderApi, DnsProviderService, ngTableParams, toaster) {
+    $scope.filter = {};
+    $scope.dnsProvidersTable = new ngTableParams({
+      page: 1,            // show first page
+      count: 10,          // count per page
+      sorting: {
+        id: 'desc'     // initial sorting
+      },
+      filter: $scope.filter
+    }, {
+      total: 0,           // length of data
+      getData: function ($defer, params) {
+        DnsProviderApi.getList(params.url()).then(
+          function (data) {
+            params.total(data.total);
+            $defer.resolve(data);
+          }
+        );
+      }
+    });
+
+    $scope.remove = function (dns_provider) {
+      dns_provider.remove().then(
+        function () {
+            $scope.dnsProvidersTable.reload();
+          },
+          function (response) {
+            toaster.pop({
+              type: 'error',
+              title: 'Opps',
+              body: 'I see what you did there: ' + response.data.message
+            });
+          }
+      );
+    };
+
+    $scope.edit = function (dns_providerId) {
+      var uibModalInstance = $uibModal.open({
+        animation: true,
+        templateUrl: '/angular/dns_providers/dns_provider/dns_provider.tpl.html',
+        controller: 'DnsProvidersEditController',
+        size: 'lg',
+        backdrop: 'static',
+        resolve: {
+            editId: function () {
+              return dns_providerId;
+            }
+        }
+      });
+
+      uibModalInstance.result.then(function () {
+        $scope.dnsProvidersTable.reload();
+      });
+
+    };
+
+    $scope.create = function () {
+      var uibModalInstance = $uibModal.open({
+        animation: true,
+        controller: 'DnsProvidersCreateController',
+        templateUrl: '/angular/dns_providers/dns_provider/dns_provider.tpl.html',
+        size: 'lg',
+        backdrop: 'static'
+      });
+
+      uibModalInstance.result.then(function () {
+        $scope.dnsProvidersTable.reload();
+      });
+
+    };
+
+  });
diff --git a/lemur/static/app/angular/dns_providers/view/view.tpl.html b/lemur/static/app/angular/dns_providers/view/view.tpl.html
new file mode 100644
index 00000000..fca794c2
--- /dev/null
+++ b/lemur/static/app/angular/dns_providers/view/view.tpl.html
@@ -0,0 +1,54 @@
+<div class="row">
+  <div class="col-md-12">
+    <h2 class="featurette-heading">DNS Providers
+      <span class="text-muted"><small>the root of all problems</small></span></h2>
+    <div class="panel panel-default">
+      <div class="panel-heading">
+        <div class="btn-group pull-right">
+          <button ng-click="create()" class="btn btn-primary">Create</button>
+        </div>
+        <div class="btn-group">
+            <button ng-model="showFilter" class="btn btn-default" uib-btn-checkbox
+                    btn-checkbox-true="1"
+                    btn-checkbox-false="0">Filter</button>
+        </div>
+        <div class="clearfix"></div>
+      </div>
+      <div class="table-responsive">
+        <table ng-table="dnsProvidersTable" class="table table-striped" show-filter="showFilter" template-pagination="angular/pager.html" >
+          <tbody>
+          <tr ng-repeat="dns_provider in $data track by $index">
+            <td data-title="'Name'" sortable="'name'" filter="{ 'name': 'text' }">
+              <ul class="list-unstyled">
+                <li>{{ dns_provider.name }}</li>
+                <li><span class="text-muted">{{ dns_provider.description }}</span></li>
+              </ul>
+            </td>
+              <td data-title="'Type'" sortable="'type'" filter="{ 'type': 'text' }">
+                  <ul class="list-unstyled">
+                      <li>{{ dns_provider.providerType }}</li>
+                  </ul>
+              </td>
+            <td data-title="'Domains'" sortable="'domains'" filter="{ 'domains': 'text' }">
+              <ul class="list-unstyled">
+                <li>{{ dns_provider.domains }}</li>
+                <li><span class="text-muted">{{ dns_provider.description }}</span></li>
+              </ul>
+            </td>
+            <td data-title="''">
+              <div class="btn-group-vertical pull-right">
+                <button uib-tooltip="Edit DNS Provider" ng-click="edit(dns_provider.id)" class="btn btn-sm btn-info">
+                  Edit
+                </button>
+                <button uib-tooltip="Delete DNS Provider" ng-click="remove(dns_provider)" type="button" class="btn btn-sm btn-danger pull-left">
+                  Remove
+                </button>
+              </div>
+            </td>
+          </tr>
+          </tbody>
+        </table>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/lemur/static/app/angular/pending_certificates/services.js b/lemur/static/app/angular/pending_certificates/services.js
index 95637641..32b335ac 100644
--- a/lemur/static/app/angular/pending_certificates/services.js
+++ b/lemur/static/app/angular/pending_certificates/services.js
@@ -230,7 +230,6 @@ angular.module('lemur')
             certificate.authority = defaults.authority;
           }
         }
-        certificate.dns_providers = defaults.dnsProviders;
       });
     };
 
diff --git a/lemur/static/app/index.html b/lemur/static/app/index.html
index 0320ea69..466cfe9e 100644
--- a/lemur/static/app/index.html
+++ b/lemur/static/app/index.html
@@ -65,6 +65,7 @@
                             <li><a ui-sref="domains">Domains</a></li>
                             <li><a ui-sref="logs">Logs</a></li>
                             <li><a ui-sref="keys">Api Keys</a></li>
+                            <li><a ui-sref="dns_providers">DNS Providers</a></li>
                         </ul>
                     </li>
                 </ul>

From 7704f51441287e00509ea448f702e249d0806de4 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 24 Apr 2018 09:38:57 -0700
Subject: [PATCH 22/22] Working acme flow. Pending DNS providers UI

---
 lemur/authorizations/__init__.py              |  0
 lemur/authorizations/models.py                | 34 +++++++++++++
 lemur/authorizations/service.py               | 24 +++++++++
 lemur/certificates/schemas.py                 |  2 +-
 lemur/dns_providers/models.py                 |  2 +-
 lemur/dns_providers/service.py                |  2 +-
 lemur/models.py                               |  4 +-
 lemur/pending_certificates/cli.py             |  2 +-
 lemur/pending_certificates/models.py          |  7 +++
 lemur/plugins/bases/issuer.py                 |  2 +-
 lemur/plugins/lemur_acme/plugin.py            | 50 ++++++++++++++++---
 lemur/plugins/lemur_acme/route53.py           |  2 +-
 lemur/plugins/lemur_digicert/plugin.py        |  3 +-
 lemur/schemas.py                              |  4 --
 .../app/angular/certificates/services.js      |  2 +-
 .../dns_provider/dns_provider.js              |  4 +-
 .../app/angular/dns_providers/services.js     |  2 +-
 lemur/tests/plugins/issuer_plugin.py          |  3 +-
 lemur/tests/test_certificates.py              | 28 +++++++----
 19 files changed, 143 insertions(+), 34 deletions(-)
 create mode 100644 lemur/authorizations/__init__.py
 create mode 100644 lemur/authorizations/models.py
 create mode 100644 lemur/authorizations/service.py

diff --git a/lemur/authorizations/__init__.py b/lemur/authorizations/__init__.py
new file mode 100644
index 00000000..e69de29b
diff --git a/lemur/authorizations/models.py b/lemur/authorizations/models.py
new file mode 100644
index 00000000..1c9e587b
--- /dev/null
+++ b/lemur/authorizations/models.py
@@ -0,0 +1,34 @@
+"""
+.. module: lemur.authorizations.models
+    :platform: unix
+    :copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
+    :license: Apache, see LICENSE for more details.
+.. moduleauthor:: Netflix Secops <secops@netflix.com>
+"""
+from sqlalchemy import Column, Integer, String
+from sqlalchemy_utils import JSONType
+from lemur.database import db
+
+from lemur.plugins.base import plugins
+
+
+class Authorizations(db.Model):
+    __tablename__ = 'pending_dns_authorizations'
+    id = Column(Integer, primary_key=True, autoincrement=True)
+    account_number = Column(String(128))
+    domains = Column(JSONType)
+    dns_provider_type = Column(String(128))
+    options = Column(JSONType)
+
+    @property
+    def plugin(self):
+        return plugins.get(self.plugin_name)
+
+    def __repr__(self):
+        return "Authorizations(id={id})".format(label=self.id)
+
+    def __init__(self, account_number, domains, dns_provider_type, options=None):
+        self.account_number = account_number
+        self.domains = domains
+        self.dns_provider_type = dns_provider_type
+        self.options = options
diff --git a/lemur/authorizations/service.py b/lemur/authorizations/service.py
new file mode 100644
index 00000000..d1a8b874
--- /dev/null
+++ b/lemur/authorizations/service.py
@@ -0,0 +1,24 @@
+"""
+.. module: lemur.pending_certificates.service
+    Copyright (c) 2017 and onwards Instart Logic, Inc.  All rights reserved.
+.. moduleauthor:: Secops <secops@netflix.com>
+"""
+from lemur import database
+
+from lemur.authorizations.models import Authorizations
+
+
+def get(authorization_id):
+    """
+    Retrieve dns authorization by ID
+    """
+    return database.get(Authorizations, authorization_id)
+
+
+def create(account_number, domains, dns_provider_type, options=None):
+    """
+    Creates a new dns authorization.
+    """
+
+    authorization = Authorizations(account_number, domains, dns_provider_type, options)
+    return database.create(authorization)
diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index f98f6a67..cce4aa33 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -71,7 +71,7 @@ class CertificateInputSchema(CertificateCreationSchema):
     replaces = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)
     replacements = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)  # deprecated
     roles = fields.Nested(AssociatedRoleSchema, missing=[], many=True)
-    dns_provider = fields.Nested(DnsProviderSchema, missing={}, required=False)
+    dns_provider = fields.Nested(DnsProviderSchema, missing={}, required=False, allow_none=True)
 
     csr = fields.String(validate=validators.csr)
     key_type = fields.String(validate=validate.OneOf(['RSA2048', 'RSA4096']), missing='RSA2048')
diff --git a/lemur/dns_providers/models.py b/lemur/dns_providers/models.py
index e0b50134..7a1fdd01 100644
--- a/lemur/dns_providers/models.py
+++ b/lemur/dns_providers/models.py
@@ -1,4 +1,4 @@
-from sqlalchemy import Column, Integer, PrimaryKeyConstraint, String, text, UniqueConstraint
+from sqlalchemy import Column, Integer, String, text
 from sqlalchemy.dialects.postgresql import JSON
 from sqlalchemy_utils import ArrowType
 
diff --git a/lemur/dns_providers/service.py b/lemur/dns_providers/service.py
index 03314513..b2eef9e1 100644
--- a/lemur/dns_providers/service.py
+++ b/lemur/dns_providers/service.py
@@ -30,4 +30,4 @@ def delete(dns_provider_id):
 
     :param dns_provider_id: Lemur assigned ID
     """
-    database.delete(get(dns_provider_id))
\ No newline at end of file
+    database.delete(get(dns_provider_id))
diff --git a/lemur/models.py b/lemur/models.py
index 9f352bb9..02c64dbe 100644
--- a/lemur/models.py
+++ b/lemur/models.py
@@ -8,9 +8,7 @@
     :license: Apache, see LICENSE for more details.
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 """
-from sqlalchemy import Column, Integer, ForeignKey, Index, PrimaryKeyConstraint, String, text, UniqueConstraint
-from sqlalchemy.dialects.postgresql import JSON
-from sqlalchemy_utils import ArrowType
+from sqlalchemy import Column, Integer, ForeignKey, Index, UniqueConstraint
 
 from lemur.database import db
 
diff --git a/lemur/pending_certificates/cli.py b/lemur/pending_certificates/cli.py
index ff846fe1..ae69bc0d 100644
--- a/lemur/pending_certificates/cli.py
+++ b/lemur/pending_certificates/cli.py
@@ -29,7 +29,7 @@ def fetch(ids):
 
     for cert in pending_certs:
         authority = plugins.get(cert.authority.plugin_name)
-        real_cert = authority.get_ordered_certificate(cert.external_id)
+        real_cert = authority.get_ordered_certificate(cert)
         if real_cert:
             # If a real certificate was returned from issuer, then create it in Lemur and delete
             # the pending certificate
diff --git a/lemur/pending_certificates/models.py b/lemur/pending_certificates/models.py
index 0e841968..b29759ec 100644
--- a/lemur/pending_certificates/models.py
+++ b/lemur/pending_certificates/models.py
@@ -8,6 +8,7 @@ from datetime import datetime as dt
 from sqlalchemy.orm import relationship
 from sqlalchemy import Integer, ForeignKey, String, PassiveDefault, func, Column, Text, Boolean
 from sqlalchemy_utils.types.arrow import ArrowType
+from sqlalchemy_utils import JSONType
 
 import lemur.common.utils
 from lemur.certificates.models import get_or_increase_name
@@ -37,6 +38,7 @@ class PendingCertificate(db.Model):
     private_key = Column(Vault, nullable=True)
 
     date_created = Column(ArrowType, PassiveDefault(func.now()), nullable=False)
+    dns_provider_id = Column(Integer(), nullable=True)
 
     status = Column(String(128))
 
@@ -54,6 +56,7 @@ class PendingCertificate(db.Model):
                             secondary=pending_cert_replacement_associations,
                             backref='pending_cert',
                             passive_deletes=True)
+    options = Column(JSONType)
 
     rotation_policy = relationship("RotationPolicy")
 
@@ -93,3 +96,7 @@ class PendingCertificate(db.Model):
         self.replaces = kwargs.get('replaces', [])
         self.rotation = kwargs.get('rotation')
         self.rotation_policy = kwargs.get('rotation_policy')
+        try:
+            self.dns_provider_id = kwargs.get('dns_provider', {}).get("id")
+        except AttributeError:
+            self.dns_provider_id = None
diff --git a/lemur/plugins/bases/issuer.py b/lemur/plugins/bases/issuer.py
index 1cca60d7..dc9ca076 100644
--- a/lemur/plugins/bases/issuer.py
+++ b/lemur/plugins/bases/issuer.py
@@ -25,7 +25,7 @@ class IssuerPlugin(Plugin):
     def revoke_certificate(self, certificate, comments):
         raise NotImplementedError
 
-    def get_ordered_certificate(self, order_id):
+    def get_ordered_certificate(self, certificate):
         raise NotImplementedError
 
     def cancel_ordered_certificate(self, pending_cert, **kwargs):
diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index 4f64d521..e7e6d8c3 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -24,6 +24,8 @@ from lemur.common.utils import generate_private_key
 
 import OpenSSL.crypto
 
+from lemur.authorizations import service as authorization_service
+from lemur.dns_providers import service as dns_provider_service
 from lemur.plugins.bases import IssuerPlugin
 from lemur.plugins import lemur_acme as acme
 
@@ -153,11 +155,14 @@ def get_domains(options):
 
 def get_authorizations(acme_client, account_number, domains, dns_provider):
     authorizations = []
-    try:
-        for domain in domains:
-            authz_record = start_dns_challenge(acme_client, account_number, domain, dns_provider)
-            authorizations.append(authz_record)
+    for domain in domains:
+        authz_record = start_dns_challenge(acme_client, account_number, domain, dns_provider)
+        authorizations.append(authz_record)
+    return authorizations
 
+
+def finalize_authorizations(acme_client, account_number, dns_provider, authorizations):
+    try:
         for authz_record in authorizations:
             complete_dns_challenge(acme_client, account_number, authz_record, dns_provider)
     finally:
@@ -215,6 +220,23 @@ class ACMEIssuerPlugin(IssuerPlugin):
     def __init__(self, *args, **kwargs):
         super(ACMEIssuerPlugin, self).__init__(*args, **kwargs)
 
+    def get_ordered_certificate(self, pending_cert):
+        acme_client, registration = setup_acme_client(pending_cert.authority)
+        order_info = authorization_service.get(pending_cert.external_id)
+        dns_provider = dns_provider_service.get(pending_cert.dns_provider_id)
+        dns_provider_type = __import__(dns_provider.provider_type, globals(), locals(), [], 1)
+        authorizations = get_authorizations(
+            acme_client, order_info.account_number, order_info.domains, dns_provider_type)
+
+        finalize_authorizations(acme_client, order_info.account_number, dns_provider_type, authorizations)
+        pem_certificate, pem_certificate_chain = request_certificate(acme_client, authorizations, pending_cert.csr)
+        cert = {
+            'body': "\n".join(str(pem_certificate).splitlines()),
+            'chain': "\n".join(str(pem_certificate_chain).splitlines()),
+            'external_id': str(pending_cert.external_id)
+        }
+        return cert
+
     def create_certificate(self, csr, issuer_options):
         """
         Creates an ACME certificate.
@@ -224,10 +246,12 @@ class ACMEIssuerPlugin(IssuerPlugin):
         :return: :raise Exception:
         """
         authority = issuer_options.get('authority')
+        create_immediately = issuer_options.get('create_immediately', False)
         acme_client, registration = setup_acme_client(authority)
-        dns_provider = issuer_options.get('dns_provider')
-        if not dns_provider:
+        dns_provider_d = issuer_options.get('dns_provider')
+        if not dns_provider_d:
             raise Exception("DNS Provider setting is required for ACME certificates.")
+        dns_provider = dns_provider_service.get(dns_provider_d.get("id"))
         credentials = json.loads(dns_provider.credentials)
 
         current_app.logger.debug("Using DNS provider: {0}".format(dns_provider.provider_type))
@@ -238,7 +262,21 @@ class ACMEIssuerPlugin(IssuerPlugin):
             current_app.logger.error(error)
             raise Exception(error)
         domains = get_domains(issuer_options)
+        if not create_immediately:
+            # Create pending authorizations that we'll need to do the creation
+            authz_domains = []
+            for d in domains:
+                if type(d) == str:
+                    authz_domains.append(d)
+                else:
+                    authz_domains.append(d.value)
+
+            dns_authorization = authorization_service.create(account_number, authz_domains, dns_provider.provider_type)
+            # Return id of the DNS Authorization
+            return None, None, dns_authorization.id
+
         authorizations = get_authorizations(acme_client, account_number, domains, dns_provider_type)
+        finalize_authorizations(acme_client, account_number, dns_provider_type, authorizations)
         pem_certificate, pem_certificate_chain = request_certificate(acme_client, authorizations, csr)
         # TODO add external ID (if possible)
         return pem_certificate, pem_certificate_chain, None
diff --git a/lemur/plugins/lemur_acme/route53.py b/lemur/plugins/lemur_acme/route53.py
index 9e5b9688..a95cfcd1 100644
--- a/lemur/plugins/lemur_acme/route53.py
+++ b/lemur/plugins/lemur_acme/route53.py
@@ -58,7 +58,7 @@ def change_txt_record(action, zone_id, domain, value, client=None):
 def create_txt_record(host, value, account_number):
     zone_id = find_zone_id(host, account_number=account_number)
     change_id = change_txt_record(
-        "CREATE",
+        "UPSERT",
         zone_id,
         host,
         value,
diff --git a/lemur/plugins/lemur_digicert/plugin.py b/lemur/plugins/lemur_digicert/plugin.py
index bfe41b4c..619b24e7 100644
--- a/lemur/plugins/lemur_digicert/plugin.py
+++ b/lemur/plugins/lemur_digicert/plugin.py
@@ -325,8 +325,9 @@ class DigiCertIssuerPlugin(IssuerPlugin):
         response = self.session.put(create_url, data=json.dumps({'comments': comments}))
         return handle_response(response)
 
-    def get_ordered_certificate(self, order_id):
+    def get_ordered_certificate(self, pending_cert):
         """ Retrieve a certificate via order id """
+        order_id = pending_cert.external_id
         base_url = current_app.config.get('DIGICERT_URL')
         try:
             certificate_id = get_certificate_id(self.session, base_url, order_id)
diff --git a/lemur/schemas.py b/lemur/schemas.py
index 03bffc11..09915e70 100644
--- a/lemur/schemas.py
+++ b/lemur/schemas.py
@@ -164,10 +164,6 @@ class DnsProviderSchema(LemurInputSchema):
     id = fields.Integer()
     name = fields.String()
 
-    @post_load
-    def get_object(self, data, many=False):
-        return fetch_objects(DnsProviders, data, many=many)
-
 
 class PluginInputSchema(LemurInputSchema):
     plugin_options = fields.List(fields.Dict(), validate=validate_options)
diff --git a/lemur/static/app/angular/certificates/services.js b/lemur/static/app/angular/certificates/services.js
index ee69428d..61e4e45d 100644
--- a/lemur/static/app/angular/certificates/services.js
+++ b/lemur/static/app/angular/certificates/services.js
@@ -248,7 +248,7 @@ angular.module('lemur')
 
     CertificateService.getDnsProviders = function () {
       return DnsProviders.get();
-    }
+    };
 
     CertificateService.loadPrivateKey = function (certificate) {
       return certificate.customGET('key');
diff --git a/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
index 91df1f7d..b9417634 100644
--- a/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
+++ b/lemur/static/app/angular/dns_providers/dns_provider/dns_provider.js
@@ -14,7 +14,7 @@ angular.module('lemur')
     });
 
     $scope.save = function (dns_provider) {
-      DnsProvider.create(dns_provider.then(
+      DnsProviderService.create(dns_provider.then(
         function () {
           toaster.pop({
             type: 'success',
@@ -31,7 +31,7 @@ angular.module('lemur')
             directiveData: response.data,
             timeout: 100000
           });
-        });
+        }));
     };
 
     $scope.cancel = function () {
diff --git a/lemur/static/app/angular/dns_providers/services.js b/lemur/static/app/angular/dns_providers/services.js
index 2846d275..0bc5aeb5 100644
--- a/lemur/static/app/angular/dns_providers/services.js
+++ b/lemur/static/app/angular/dns_providers/services.js
@@ -14,7 +14,7 @@ angular.module('lemur')
 
     DnsProviderService.getDnsProviders = function () {
       return DnsProviders.get();
-    }
+    };
 
     DnsProviderService.create = function (dns_provider) {
       return DnsProviderApi.post(dns_provider);
diff --git a/lemur/tests/plugins/issuer_plugin.py b/lemur/tests/plugins/issuer_plugin.py
index ee760954..acc7dcab 100644
--- a/lemur/tests/plugins/issuer_plugin.py
+++ b/lemur/tests/plugins/issuer_plugin.py
@@ -37,7 +37,8 @@ class TestAsyncIssuerPlugin(IssuerPlugin):
     def create_certificate(self, csr, issuer_options):
         return "", "", 12345
 
-    def get_ordered_certificate(self, order_id):
+    def get_ordered_certificate(self, pending_cert):
+        order_id = pending_cert.external_id
         return INTERNAL_VALID_LONG_STR, INTERNAL_VALID_SAN_STR, 54321
 
     @staticmethod
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index a5bebe15..68082f4c 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -63,7 +63,7 @@ def test_get_certificate_primitives(certificate):
 
     with freeze_time(datetime.date(year=2016, month=10, day=30)):
         primitives = get_certificate_primitives(certificate)
-        assert len(primitives) == 23
+        assert len(primitives) == 24
 
 
 def test_certificate_edit_schema(session):
@@ -152,7 +152,8 @@ def test_certificate_input_schema(client, authority):
         'authority': {'id': authority.id},
         'description': 'testtestest',
         'validityEnd': arrow.get(2016, 11, 9).isoformat(),
-        'validityStart': arrow.get(2015, 11, 9).isoformat()
+        'validityStart': arrow.get(2015, 11, 9).isoformat(),
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -165,7 +166,7 @@ def test_certificate_input_schema(client, authority):
     assert data['country'] == 'US'
     assert data['location'] == 'Los Gatos'
 
-    assert len(data.keys()) == 18
+    assert len(data.keys()) == 19
 
 
 def test_certificate_input_with_extensions(client, authority):
@@ -192,7 +193,8 @@ def test_certificate_input_with_extensions(client, authority):
                     {'nameType': 'DNSName', 'value': 'test.example.com'}
                 ]
             }
-        }
+        },
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -206,7 +208,8 @@ def test_certificate_out_of_range_date(client, authority):
         'owner': 'jim@example.com',
         'authority': {'id': authority.id},
         'description': 'testtestest',
-        'validityYears': 100
+        'validityYears': 100,
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -230,7 +233,8 @@ def test_certificate_valid_years(client, authority):
         'owner': 'jim@example.com',
         'authority': {'id': authority.id},
         'description': 'testtestest',
-        'validityYears': 1
+        'validityYears': 1,
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -245,7 +249,8 @@ def test_certificate_valid_dates(client, authority):
         'authority': {'id': authority.id},
         'description': 'testtestest',
         'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01'
+        'validityEnd': '2020-01-01T00:00:01',
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -262,6 +267,7 @@ def test_certificate_cn_admin(client, authority, logged_in_admin):
         'description': 'testtestest',
         'validityStart': '2020-01-01T00:00:00',
         'validityEnd': '2020-01-01T00:00:01',
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -285,7 +291,8 @@ def test_certificate_allowed_names(client, authority, session, logged_in_user):
                     {'nameType': 'IPAddress', 'value': '127.0.0.1'},
                 ]
             }
-        }
+        },
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -306,6 +313,7 @@ def test_certificate_incative_authority(client, authority, session, logged_in_us
         'description': 'testtestest',
         'validityStart': '2020-01-01T00:00:00',
         'validityEnd': '2020-01-01T00:00:01',
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -329,7 +337,8 @@ def test_certificate_disallowed_names(client, authority, session, logged_in_user
                     {'nameType': 'DNSName', 'value': 'evilhacker.org'},
                 ]
             }
-        }
+        },
+        'dns_provider': None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -348,6 +357,7 @@ def test_certificate_sensitive_name(client, authority, session, logged_in_user):
         'description': 'testtestest',
         'validityStart': '2020-01-01T00:00:00',
         'validityEnd': '2020-01-01T00:00:01',
+        'dns_provider': None,
     }
     session.add(Domain(name='sensitive.example.com', sensitive=True))