Allow specification of dns provider name only

Curtis Castrapel 2018-05-10 12:48:49 -07:00
parent f4a010e505
commit 52e7ff9919
5 changed files with 28 additions and 24 deletions


@ -25,12 +25,12 @@ from lemur.schemas import (
AssociatedDestinationSchema,
AssociatedCertificateSchema,
AssociatedNotificationSchema,
AssociatedDnsProviderSchema,
PluginInputSchema,
ExtensionSchema,
AssociatedRoleSchema,
EndpointNestedOutputSchema,
AssociatedRotationPolicySchema,
DnsProviderSchema
)
from lemur.users.schemas import UserNestedOutputSchema
@ -69,8 +69,7 @@ class CertificateInputSchema(CertificateCreationSchema):
replaces = fields.Nested(AssociatedCertificateSchema, missing=[], many=True)
replacements = fields.Nested(AssociatedCertificateSchema, missing=[], many=True) # deprecated
roles = fields.Nested(AssociatedRoleSchema, missing=[], many=True)
dns_provider = fields.Nested(DnsProviderSchema, missing={}, required=False, allow_none=True)
dns_provider_id = fields.Integer(required=False, allow_none=True)
dns_provider = fields.Nested(AssociatedDnsProviderSchema, required=False)
csr = fields.String(validate=validators.csr)
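Review bot: The new `dns_provider = fields.Nested(AssociatedDnsProviderSchema, required=False)` in the second hunk drops `allow_none=True`, so a request carrying an explicit `"dns_provider": null` will most likely fail validation where it used to pass. The `dns_provider_id` field is removed in the same hunk, so clients still sending only the id no longer select a provider at all. If either form is still in use, keep null accepted with `fields.Nested(AssociatedDnsProviderSchema, required=False, allow_none=True)` and state the removal of `dns_provider_id` in the commit description. The class body continues outside the hunk.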


@ -71,8 +71,12 @@ def upgrade():
existing_type=sa.INTEGER(),
nullable=True)
print("Creating dns_providers_id foreign key on pending_certs table")
op.create_foreign_key(None, 'pending_certs', 'dns_providers', ['dns_provider_id'], ['id'], ondelete='CASCADE')
def downgrade():
print("Removing dns_providers_id foreign key on pending_certs table")
op.drop_constraint(None, 'pending_certs', type_='foreignkey')
print("Reverting column types in the api_keys table")
op.alter_column('api_keys', 'user_id',
existing_type=sa.INTEGER(),
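Review bot: The downgrade's `op.drop_constraint(None, 'pending_certs', type_='foreignkey')` passes no constraint name, so Alembic has nothing to identify the key by and the downgrade will most likely fail at that step. Give the key an explicit name in both directions, e.g. `op.create_foreign_key('<fk_name>', 'pending_certs', 'dns_providers', ['dns_provider_id'], ['id'], ondelete='CASCADE')` and `op.drop_constraint('<fk_name>', 'pending_certs', type_='foreignkey')`, where `<fk_name>` is a placeholder for the name the project chooses. Separately, `ondelete='CASCADE'` deletes pending certificate rows when their provider is deleted; confirm that is intended rather than `SET NULL`. Both `upgrade()` and `downgrade()` continue outside the hunk.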


@ -38,7 +38,7 @@ class PendingCertificate(db.Model):
private_key = Column(Vault, nullable=True)
date_created = Column(ArrowType, PassiveDefault(func.now()), nullable=False)
dns_provider_id = Column(Integer(), nullable=True)
dns_provider_id = Column(Integer, ForeignKey('dns_providers.id', ondelete="CASCADE"))
status = Column(String(128))
@ -97,6 +97,6 @@ class PendingCertificate(db.Model):
self.rotation = kwargs.get('rotation')
self.rotation_policy = kwargs.get('rotation_policy')
try:
self.dns_provider_id = kwargs.get('dns_provider')["id"]
except (AttributeError, KeyError, TypeError):
self.dns_provider_id = kwargs.get('dns_provider_id')
self.dns_provider_id = kwargs.get('dns_provider').id
except (AttributeError, KeyError, TypeError, Exception):
pass
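Review bot: The new handler `except (AttributeError, KeyError, TypeError, Exception): pass` in the second hunk catches everything (`Exception` already covers the other three) and discards it silently, so a pending certificate can be stored with no `dns_provider_id` and no record of why. Make the missing-provider case explicit instead of relying on the exception, e.g. `provider = kwargs.get('dns_provider')` followed by `self.dns_provider_id = provider.id if provider else None`. If a handler is kept, limit it to `AttributeError` and log the failure. The constructor starts outside the hunk.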


@ -260,11 +260,12 @@ class ACMEIssuerPlugin(IssuerPlugin):
pending = []
certs = []
for pending_cert in pending_certs:
acme_client, registration = setup_acme_client(pending_cert.authority)
order_info = authorization_service.get(pending_cert.external_id)
dns_provider = dns_provider_service.get(pending_cert.dns_provider_id)
dns_provider_type = self.get_dns_provider(dns_provider.provider_type)
try:
acme_client, registration = setup_acme_client(pending_cert.authority)
order_info = authorization_service.get(pending_cert.external_id)
dns_provider = dns_provider_service.get(pending_cert.dns_provider_id)
dns_provider_type = self.get_dns_provider(dns_provider.provider_type)
authorizations = get_authorizations(
acme_client, order_info.account_number, order_info.domains, dns_provider_type)
pending.append({
@ -323,14 +324,9 @@ class ACMEIssuerPlugin(IssuerPlugin):
authority = issuer_options.get('authority')
create_immediately = issuer_options.get('create_immediately', False)
acme_client, registration = setup_acme_client(authority)
dns_provider_d = issuer_options.get('dns_provider')
if not dns_provider_d:
try:
dns_provider = dns_provider_service.get(issuer_options['dns_provider_id'])
except KeyError:
raise InvalidConfiguration("DNS Provider setting is required for ACME certificates.")
else:
dns_provider = dns_provider_service.get(dns_provider_d.get("id"))
dns_provider = issuer_options.get('dns_provider')
if not dns_provider:
raise InvalidConfiguration("DNS Provider setting is required for ACME certificates.")
credentials = json.loads(dns_provider.credentials)
current_app.logger.debug("Using DNS provider: {0}".format(dns_provider.provider_type))
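Review bot: In the first hunk, `dns_provider.provider_type` is read without checking the result of `dns_provider_service.get(pending_cert.dns_provider_id)`, and this commit leaves that column nullable and lets the model constructor skip setting it. If the service returns None for a missing id, the attribute access raises AttributeError, which now lands in the `try` whose handler is outside the hunk and is presumably reported as a generic failure. A check right after the lookup, such as `if not dns_provider: raise InvalidConfiguration("DNS Provider setting is required for ACME certificates.")`, would give a clear cause for that pending certificate. The second hunk likewise assumes `issuer_options.get('dns_provider')` is already a model object with `.credentials`, so any caller that still passes a dict would fail there.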


@ -21,6 +21,7 @@ from lemur.plugins.utils import get_plugin_option
from lemur.roles.models import Role
from lemur.users.models import User
from lemur.authorities.models import Authority
from lemur.dns_providers.models import DnsProviders
from lemur.policies.models import RotationPolicy
from lemur.certificates.models import Certificate
from lemur.destinations.models import Destination
@ -105,6 +106,15 @@ class AssociatedAuthoritySchema(LemurInputSchema):
return fetch_objects(Authority, data, many=many)
class AssociatedDnsProviderSchema(LemurInputSchema):
id = fields.Int()
name = fields.String()
@post_load
def get_object(self, data, many=False):
return fetch_objects(DnsProviders, data, many=many)
class AssociatedRoleSchema(LemurInputSchema):
id = fields.Int()
name = fields.String()
@ -159,11 +169,6 @@ class AssociatedRotationPolicySchema(LemurInputSchema):
return fetch_objects(RotationPolicy, data, many=many)
class DnsProviderSchema(LemurInputSchema):
id = fields.Integer()
name = fields.String()
class PluginInputSchema(LemurInputSchema):
plugin_options = fields.List(fields.Dict(), validate=validate_options)
slug = fields.String(required=True)
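Review bot: `AssociatedDnsProviderSchema` turns whatever `id` or `name` the request supplies into a `DnsProviders` object, and nothing visible in this hunk checks that the caller is allowed to use that provider, while the ACME plugin in this commit then reads `dns_provider.credentials` from it. If `fetch_objects` (not shown) applies no ownership or role filter, any user who can submit a certificate request can select any provider by name; confirm where that check lives and record it in a class docstring such as `"""Resolve a DNS provider reference (id or name) to a DnsProviders row; authorization is enforced in <location>."""`, with `<location>` filled in. Neither field is required, so an empty object also reaches `fetch_objects`; consider rejecting a reference that carries neither `id` nor `name`.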