Merge branch 'master' of https://github.com/Netflix/lemur into FasterPermalink

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.5
+FROM python:3.7
 RUN apt-get update
 RUN apt-get install -y make software-properties-common curl
 RUN curl -sL https://deb.nodesource.com/setup_7.x | bash -

lemur/notifications/messaging.py

@@ -52,7 +52,7 @@ def get_certificates(exclude=None):
 
     certs = []
 
-    for c in windowed_query(q, Certificate.id, 100):
+    for c in windowed_query(q, Certificate.id, 10000):
         if needs_notification(c):
             certs.append(c)
 
@@ -140,12 +140,6 @@ def send_expiration_notifications(exclude):
                 notification_data.append(cert_data)
                 security_data.append(cert_data)
 
-            notification_recipient = get_plugin_option(
-                "recipients", notification.options
-            )
-            if notification_recipient:
-                notification_recipient = notification_recipient.split(",")
-
             if send_notification(
                 "expiration", notification_data, [owner], notification
             ):
@@ -153,10 +147,16 @@ def send_expiration_notifications(exclude):
             else:
                 failure += 1
 
+            notification_recipient = get_plugin_option(
+                "recipients", notification.options
+            )
+            if notification_recipient:
+                notification_recipient = notification_recipient.split(",")
+                # removing owner and security_email from notification_recipient
+                notification_recipient = [i for i in notification_recipient if i not in security_email and i != owner]
+
             if (
                 notification_recipient
-                and owner != notification_recipient
-                and security_email != notification_recipient
             ):
                 if send_notification(
                     "expiration",

lemur/static/app/angular/certificates/certificate/tracking.tpl.html

@@ -33,6 +33,8 @@
                uib-tooltip="If you need a certificate with multiple domains enter your primary domain here and the rest under 'Subject Alternate Names' by clicking 'More Options'"
                ng-model="certificate.commonName" placeholder="Common Name" class="form-control"
                ng-maxlength="64"
+               ng-blur="certificate.attachCommonName()"
+               ng-focus="certificate.removeCommonName()"
                required/>
 
         <p ng-show="trackingForm.commonName.$invalid && !trackingForm.commonName.$pristine" class="help-block">

lemur/static/app/angular/certificates/services.js

@@ -18,6 +18,26 @@ angular.module('lemur')
           this.authority = authority;
           this.authority.maxDate = moment(this.authority.notAfter).subtract(1, 'days').format('YYYY/MM/DD');
         },
+        attachCommonName: function () {
+          if (this.extensions === undefined) {
+            this.extensions = {};
+          }
+
+          if (this.extensions.subAltNames === undefined) {
+            this.extensions.subAltNames = {'names': []};
+          }
+
+          if (angular.isString(this.commonName)) {
+            this.extensions.subAltNames.names.unshift({'nameType': 'DNSName', 'value': this.commonName});
+          }
+        },
+        removeCommonName: function () {
+          if (angular.isDefined(this.extensions) && angular.isDefined(this.extensions.subAltNames)) {
+            if (angular.equals(this.extensions.subAltNames.names[0].value, this.commonName)) {
+              this.extensions.subAltNames.names.shift();
+            }
+          }
+        },
         attachSubAltName: function () {
           if (this.extensions === undefined) {
             this.extensions = {};

package.json

@@ -9,7 +9,6 @@
     "bower": "^1.8.2",
     "browser-sync": "^2.3.1",
     "del": "^2.2.2",
-    "gulp": "^3.8.11",
     "gulp-autoprefixer": "^3.1.1",
     "gulp-cache": "^0.4.5",
     "gulp-concat": "^2.4.1",
@@ -60,6 +59,7 @@
     "test": "gulp test"
   },
   "devDependencies": {
+    "gulp": "^3.9.1",
     "jshint": "^2.8.0",
     "karma-chrome-launcher": "^2.0.0"
   }

requirements-docs.txt

@@ -10,15 +10,15 @@ alembic-autogenerate-enums==0.0.2
 alembic==1.0.10
 amqp==2.5.0
 aniso8601==6.0.0
-arrow==0.13.2
+arrow==0.14.2
 asn1crypto==0.24.0
 asyncpool==1.0
 babel==2.7.0              # via sphinx
 bcrypt==3.1.6
 billiard==3.6.0.0
 blinker==1.4
-boto3==1.9.158
-botocore==1.12.158
+boto3==1.9.160
+botocore==1.12.160
 celery[redis]==4.3.0
 certifi==2019.3.9
 certsrv==2.1.1
@@ -26,7 +26,7 @@ cffi==1.12.3
 chardet==3.0.4
 click==7.0
 cloudflare==2.3.0
-cryptography==2.6.1
+cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0
 docutils==0.14
@@ -36,7 +36,7 @@ flask-cors==3.0.7
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
-flask-replicated==1.2
+flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
@@ -56,7 +56,7 @@ jsonlines==1.2.0
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.10
+mako==1.0.11
 markupsafe==1.1.1
 marshmallow-sqlalchemy==0.16.3
 marshmallow==2.19.2
@@ -91,7 +91,7 @@ s3transfer==0.2.0
 six==1.12.0
 snowballstemmer==1.2.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==2.0.1
+sphinx==2.1.0
 sphinxcontrib-applehelp==1.0.1  # via sphinx
 sphinxcontrib-devhelp==1.0.1  # via sphinx
 sphinxcontrib-htmlhelp==1.0.2  # via sphinx

requirements-tests.txt

@@ -12,16 +12,16 @@ aws-sam-translator==1.11.0  # via cfn-lint
 aws-xray-sdk==2.4.2       # via moto
 bandit==1.6.0
 black==19.3b0
-boto3==1.9.158            # via aws-sam-translator, moto
+boto3==1.9.160            # via aws-sam-translator, moto
 boto==2.49.0              # via moto
-botocore==1.12.158        # via aws-xray-sdk, boto3, moto, s3transfer
+botocore==1.12.160        # via aws-xray-sdk, boto3, moto, s3transfer
 certifi==2019.3.9         # via requests
 cffi==1.12.3              # via cryptography
-cfn-lint==0.21.3          # via moto
+cfn-lint==0.21.4          # via moto
 chardet==3.0.4            # via requests
 click==7.0                # via black, flask
 coverage==4.5.3
-cryptography==2.6.1       # via moto
+cryptography==2.7         # via moto
 docker==4.0.1             # via moto
 docutils==0.14            # via botocore
 ecdsa==0.13.2             # via python-jose
@@ -33,7 +33,7 @@ future==0.17.1            # via aws-xray-sdk, python-jose
 gitdb2==2.0.5             # via gitpython
 gitpython==2.1.11         # via bandit
 idna==2.8                 # via moto, requests
-importlib-metadata==0.17  # via pluggy
+importlib-metadata==0.17  # via pluggy, pytest
 itsdangerous==1.1.0       # via flask
 jinja2==2.10.1            # via flask, moto
 jmespath==0.9.4           # via boto3, botocore
@@ -47,30 +47,32 @@ mock==3.0.5               # via moto
 more-itertools==7.0.0     # via pytest
 moto==1.3.8
 nose==1.3.7
+packaging==19.0           # via pytest
 pbr==5.2.1                # via stevedore
 pluggy==0.12.0            # via pytest
 py==1.8.0                 # via pytest
 pyasn1==0.4.5             # via rsa
 pycparser==2.19           # via cffi
 pyflakes==2.1.1
+pyparsing==2.4.0          # via packaging
 pytest-flask==0.15.0
 pytest-mock==1.10.4
-pytest==4.5.0
+pytest==4.6.2
 python-dateutil==2.8.0    # via botocore, faker, freezegun, moto
 python-jose==3.0.1        # via moto
 pytz==2019.1              # via moto
 pyyaml==5.1
 requests-mock==1.6.0
-requests==2.21.0          # via cfn-lint, docker, moto, requests-mock, responses
+requests==2.22.0          # via cfn-lint, docker, moto, requests-mock, responses
 responses==0.10.6         # via moto
 rsa==4.0                  # via python-jose
 s3transfer==0.2.0         # via boto3
-six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, mock, moto, pytest, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
+six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, mock, moto, packaging, pytest, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
 smmap2==2.0.5             # via gitdb2
 stevedore==1.30.1         # via bandit
 text-unidecode==1.2       # via faker
 toml==0.10.0              # via black
-urllib3==1.24.3           # via botocore, requests
+urllib3==1.25.3           # via botocore, requests
 wcwidth==0.1.7            # via pytest
 websocket-client==0.56.0  # via docker
 werkzeug==0.15.4          # via flask, moto, pytest-flask

requirements.txt

@@ -9,14 +9,14 @@ alembic-autogenerate-enums==0.0.2
 alembic==1.0.10           # via flask-migrate
 amqp==2.5.0               # via kombu
 aniso8601==6.0.0          # via flask-restful
-arrow==0.13.2
+arrow==0.14.2
 asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
 bcrypt==3.1.6             # via flask-bcrypt, paramiko
 billiard==3.6.0.0         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.9.158
-botocore==1.12.158
+boto3==1.9.160
+botocore==1.12.160
 celery[redis]==4.3.0
 certifi==2019.3.9
 certsrv==2.1.1
@@ -24,7 +24,7 @@ cffi==1.12.3              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
 click==7.0                # via flask
 cloudflare==2.3.0
-cryptography==2.6.1
+cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0         # via dnspython3
 docutils==0.14            # via botocore
@@ -34,7 +34,7 @@ flask-cors==3.0.7
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
-flask-replicated==1.2
+flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
@@ -53,7 +53,7 @@ jsonlines==1.2.0          # via cloudflare
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.10              # via alembic
+mako==1.0.11              # via alembic
 markupsafe==1.1.1         # via jinja2, mako
 marshmallow-sqlalchemy==0.16.3
 marshmallow==2.19.2