Adding additional failure conditions to sentry tracking. (#853)

* Adding additional failure conditions to sentry tracking. * Removing sentry extension as a circular import.
2017-07-13 14:49:04 -07:00
parent 6779e19ac9
commit 61c493fc91
6 changed files with 54 additions and 34 deletions
--- a/lemur/certificates/cli.py
+++ b/lemur/certificates/cli.py
@ -12,6 +12,7 @@ from flask import current_app
 from flask_script import Manager

 from lemur import database
+from lemur.extensions import sentry
 from lemur.extensions import metrics
 from lemur.deployment import service as deployment_service
 from lemur.endpoints import service as endpoint_service
@ -146,34 +147,36 @@ def rotate(endpoint_name, new_certificate_name, old_certificate_name, message, c

    print("[+] Starting endpoint rotation.")

-    old_cert = validate_certificate(old_certificate_name)
-    new_cert = validate_certificate(new_certificate_name)
-    endpoint = validate_endpoint(endpoint_name)
+    try:
+        old_cert = validate_certificate(old_certificate_name)
+        new_cert = validate_certificate(new_certificate_name)
+        endpoint = validate_endpoint(endpoint_name)

-    if endpoint and new_cert:
-        print("[+] Rotating endpoint: {0} to certificate {1}".format(endpoint.name, new_cert.name))
-        request_rotation(endpoint, new_cert, message, commit)
-
-    elif old_cert and new_cert:
-        print("[+] Rotating all endpoints from {0} to {1}".format(old_cert.name, new_cert.name))
-
-        for endpoint in old_cert.endpoints:
-            print("[+] Rotating {0}".format(endpoint.name))
+        if endpoint and new_cert:
+            print("[+] Rotating endpoint: {0} to certificate {1}".format(endpoint.name, new_cert.name))
            request_rotation(endpoint, new_cert, message, commit)

-    else:
-        print("[+] Rotating all endpoints that have new certificates available")
-        for endpoint in endpoint_service.get_all_pending_rotation():
-            if len(endpoint.certificate.replaced) == 1:
-                print("[+] Rotating {0} to {1}".format(endpoint.name, endpoint.certificate.replaced[0].name))
-                request_rotation(endpoint, endpoint.certificate.replaced[0], message, commit)
-            else:
-                metrics.send('endpoint_rotation_failure', 'counter', 1)
-                print("[!] Failed to rotate endpoint {0} reason: Multiple replacement certificates found.".format(
-                    endpoint.name
-                ))
+        elif old_cert and new_cert:
+            print("[+] Rotating all endpoints from {0} to {1}".format(old_cert.name, new_cert.name))

-    print("[+] Done!")
+            for endpoint in old_cert.endpoints:
+                print("[+] Rotating {0}".format(endpoint.name))
+                request_rotation(endpoint, new_cert, message, commit)
+
+        else:
+            print("[+] Rotating all endpoints that have new certificates available")
+            for endpoint in endpoint_service.get_all_pending_rotation():
+                if len(endpoint.certificate.replaced) == 1:
+                    print("[+] Rotating {0} to {1}".format(endpoint.name, endpoint.certificate.replaced[0].name))
+                    request_rotation(endpoint, endpoint.certificate.replaced[0], message, commit)
+                else:
+                    metrics.send('endpoint_rotation_failure', 'counter', 1)
+                    print("[!] Failed to rotate endpoint {0} reason: Multiple replacement certificates found.".format(
+                        endpoint.name
+                    ))
+        print("[+] Done!")
+    except Exception as e:
+        sentry.captureException()


@manager.option('-o', '--old-certificate', dest='old_certificate_name', help='Name of the certificate you wish to reissue.')
@ -201,6 +204,7 @@ def reissue(old_certificate_name, commit):

        print("[+] Done!")
    except Exception as e:
+        sentry.captureException()
        metrics.send('certificate_reissue_failure', 'counter', 1)
        print(
            "[!] Failed to reissue certificate {0} reason: {1}".format(
@ -229,6 +233,7 @@ def check_revoked():
            cert.status = 'valid' if status else 'revoked'

        except Exception as e:
+            sentry.captureException()
            current_app.logger.exception(e)
            cert.status = 'unknown'

--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@ -25,6 +25,7 @@ from sqlalchemy_utils.types.arrow import ArrowType
 import lemur.common.utils

 from lemur.database import db
+from lemur.extensions import sentry

 from lemur.utils import Vault
 from lemur.common import defaults
@ -323,8 +324,10 @@ class Certificate(db.Model):
                else:
                    current_app.logger.warning('Custom OIDs not yet supported for clone operation.')
        except InvalidCodepoint as e:
+            sentry.captureException()
            current_app.logger.warning('Unable to parse extensions due to underscore in dns name')
        except ValueError as e:
+            sentry.captureException()
            current_app.logger.warning('Unable to parse')
            current_app.logger.exception(e)