Finished glue code to push ELBs.

This commit is contained in:
Jeremy Heffner 2015-08-24 12:18:15 -07:00
parent 3ff5cdf43f
commit 6e39a1e666
1 changed files with 58 additions and 26 deletions

View File

@ -488,12 +488,15 @@ class ProvisionELB(Command):
Option('-e', '--elb', dest='elb', required=True), Option('-e', '--elb', dest='elb', required=True),
Option('-o', '--owner', dest='owner'), Option('-o', '--owner', dest='owner'),
Option('-a', '--authority', dest='authority', required=True), Option('-a', '--authority', dest='authority', required=True),
Option('-s', '--description', dest='description'), Option('-s', '--description', dest='description', default=u'Command line provisioned keypair'),
Option('-t', '--destinations', dest='destinations'), Option('-t', '--destinations', dest='destinations'),
Option('-n', '--notifications', dest='notifications') Option('-n', '--notifications', dest='notifications'),
Option('-r', '--region', dest='region', default=u'us-east-1'),
Option('-p', '--dport', '--port', dest='dport', default=7002),
Option('--src-port', '--source-port', '--sport', dest='sport', default=443)
) )
def _configure_user(self, owner): def configure_user(self, owner):
from flask import g from flask import g
import lemur.users.service import lemur.users.service
@ -505,24 +508,19 @@ class ProvisionELB(Command):
return unicode(g.user.username) return unicode(g.user.username)
def _build_cert_options(self, destinations, notifications, description, owner, dns, authority): def build_cert_options(self, destinations, notifications, description, owner, dns, authority):
# convert argument lists to arrays, or empty sets # convert argument lists to arrays, or empty sets
destinations = [] if not destinations else destinations.split(',') destinations = [] if not destinations else self._get_destinations(destinations.split(','))
notifications = [] if not notifications else notifications.split(',') notifications = [] if not notifications else notifications.split(',')
# set a default description
description = u'Command line provisioned keypair' if not description else unicode(description)
owner = unicode(owner)
dns = dns.split(',') dns = dns.split(',')
# get the primary CN # get the primary CN
cn = unicode(dns[0]) commonName = unicode(dns.pop(0))
# IF there are more, add them as alternate name # If there are more than one fqdn, add them as alternate names
extensions = {} extensions = {}
if len(dns) > 1: if dns:
sub_alt_names = [] sub_alt_names = []
for alt_name in dns[1:]: for alt_name in dns[1:]:
@ -530,18 +528,15 @@ class ProvisionELB(Command):
extensions['subAltNames'] = {'names': sub_alt_names} extensions['subAltNames'] = {'names': sub_alt_names}
sys.stdout.write("subNames: {}\n".format(extensions))
sys.stdout.write("cn: {} is a {}\n".format(cn, cn.__class__))
from lemur.certificates.views import valid_authority from lemur.certificates.views import valid_authority
authority = valid_authority({"name": authority}) authority = valid_authority({"name": authority})
options = { options = {
'destinations': destinations, 'destinations': map(lambda x: {'id': x.id, 'label': x.label}, destinations),
'description': description, 'description': unicode(description),
'notifications': notifications, 'notifications': notifications,
'commonName': cn, 'commonName': commonName,
'extensions': extensions, 'extensions': extensions,
'authority': authority, 'authority': authority,
'owner': owner, 'owner': owner,
@ -555,22 +550,59 @@ class ProvisionELB(Command):
return options return options
def run(self, dns, elb, owner, authority, description, notifications, destinations): def get_destinations(self, destination_names):
from lemur.destinations import service
destinations = []
for destination_name in destination_names:
sys.stderr.write("looking up dest: {}\n".format(destination_name))
destinations.append(service.get_by_label(destination_name))
return destinations
def _get_destination_account(self, destinations):
for destination in self._get_destinations(destinations.split(',')):
if destination.plugin_name == 'aws-destination':
account_number = destination.plugin.get_option('accountNumber', destination.options)
sys.stdout.write('found aws account: {}\n'.format(account_number))
return account_number
sys.stderr.write("No destination AWS account provided, failing\n")
sys.exit(1)
def run(self, dns, elb_name, owner, authority, description, notifications, destinations, region, dport, sport):
from lemur.certificates import service from lemur.certificates import service
from lemur.plugins.lemur_aws import elb
# configure the owner if we can find it, or go for default, and put it in the global # configure the owner if we can find it, or go for default, and put it in the global
owner = self._configure_user(owner) owner = self.configure_user(owner)
# make a config blob from the command line arguments # make a config blob from the command line arguments
cert_options = self._build_cert_options( cert_options = self.build_cert_options(
destinations=destinations, notifications=notifications, description=description, destinations=destinations,
owner=owner, dns=dns, authority=authority) notifications=notifications,
description=description,
owner=owner,
dns=dns,
authority=authority)
sys.stdout.write("cert options: {}\n".format(cert_options)) aws_account = self.get_destination_account(destinations)
# create the certificate # create the certificate
sys.stdout.write('Creating certificate for {}'.format(cert_options['commonName']))
cert = service.create(**cert_options) cert = service.create(**cert_options)
sys.stdout.write("cert {}".format(cert))
cert_arn = cert.get_arn(aws_account)
sys.stderr.write('cert arn: {}\n'.format(cert_arn))
time.sleep(2)
# adding the listener
sys.stderr.write('Configuring elb {} from port {} to port {} in region {} with cert {}\n'.format(elb, sport, dport, region, cert_arn))
elb.create_new_listeners(aws_account, region, elb_name, [(sport, dport, 'HTTPS', cert_arn)])
def main(): def main():