* Fixing email notification

* Adding endpoint expiration

* Fixing endpoint type for ELBs

* Allowing verisign to include additional SANs
kevgliss 2016-12-08 15:52:27 -08:00 committed by GitHub
parent a4b32b0d31
commit 968dd52f6f
6 changed files with 44 additions and 5 deletions


@ -121,8 +121,6 @@ def rotate(new_certificate_name=False, old_certificate_name=False, message=False
@manager.command @manager.command
def reissue(old_certificate_name, commit=False): def reissue(old_certificate_name, commit=False):
from lemur.certificates.service import get_by_name, reissue_certificate, get_certificate_primitives
old_cert = get_by_name(old_certificate_name) old_cert = get_by_name(old_certificate_name)
if not old_cert: if not old_cert:

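--- a/lemur/endpoints/cli.py
+++ b/lemur/endpoints/cli.py
@@ -0,0 +1,35 @@
+"""
+.. module: lemur.certificate.cli
+:platform: Unix
+:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
+:license: Apache, see LICENSE for more details.
+.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
+"""
+from flask_script import Manager
+import arrow
+from datetime import timedelta
+from sqlalchemy import cast
+from sqlalchemy_utils import ArrowType
+from lemur import database
+from lemur.extensions import metrics
+from lemur.endpoints.models import Endpoint
+manager = Manager(usage="Handles all endpoint related tasks.")
+@manager.option('-ttl', '--time-to-live', type=int, dest='ttl', default=2, help='Time in hours, which endpoint has not been refreshed to remove the endpoint.')
+def expire(ttl):
+"""
+Removed all endpoints that have not been recently updated.
+"""
+now = arrow.utcnow()
+expiration = now - timedelta(hours=ttl)
+endpoints = database.session_query(Endpoint).filter(cast(Endpoint.last_updated, ArrowType) <= expiration)
+for endpoint in endpoints:
+database.delete(endpoint)
+metrics.send('endpoint_expired', 'counter', 1)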
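Review bot: `expire` accepts any integer for `ttl`, so a value of 0 or a negative number puts `expiration` at or after the current time, and the filter then matches every endpoint with a `last_updated` value, which the loop deletes. A guard at the top of the function, for example `if ttl < 1: raise ValueError('ttl must be at least 1 hour')`, would prevent an accidental wipe of the endpoint inventory. The loop also emits only an anonymous `endpoint_expired` counter, so a log line naming each endpoint before `database.delete(endpoint)` would leave an audit trail of what was removed. The module docstring still reads `lemur.certificate.cli` and should name `lemur.endpoints.cli`.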


@ -23,6 +23,7 @@ from flask_script.commands import ShowUrls, Clean, Server
from lemur.sources.cli import manager as source_manager from lemur.sources.cli import manager as source_manager
from lemur.certificates.cli import manager as certificate_manager from lemur.certificates.cli import manager as certificate_manager
from lemur.notifications.cli import manager as notification_manager from lemur.notifications.cli import manager as notification_manager
from lemur.endpoints.cli import manager as endpoint_manager
from lemur import database from lemur import database
from lemur.users import service as user_service from lemur.users import service as user_service
@ -630,6 +631,7 @@ def main():
manager.add_command("source", source_manager) manager.add_command("source", source_manager)
manager.add_command("certificate", certificate_manager) manager.add_command("certificate", certificate_manager)
manager.add_command("notify", notification_manager) manager.add_command("notify", notification_manager)
manager.add_command("endpoint", endpoint_manager)
manager.add_command("report", Report()) manager.add_command("report", Report())
manager.run() manager.run()


@ -147,7 +147,7 @@ class AWSSourcePlugin(SourcePlugin):
endpoint = dict( endpoint = dict(
name=e['LoadBalancerName'], name=e['LoadBalancerName'],
dnsname=e['DNSName'], dnsname=e['DNSName'],
type='e', type='elb',
port=listener['Listener']['LoadBalancerPort'], port=listener['Listener']['LoadBalancerPort'],
certificate_name=iam.get_name_from_arn(listener['Listener']['SSLCertificateId']) certificate_name=iam.get_name_from_arn(listener['Listener']['SSLCertificateId'])
) )


@ -31,7 +31,7 @@ def render_html(template_name, message):
return template.render(dict(messages=message, hostname=current_app.config.get('LEMUR_HOSTNAME'))) return template.render(dict(messages=message, hostname=current_app.config.get('LEMUR_HOSTNAME')))
def send_via_ses(subject, body, targets): def send_via_smtp(subject, body, targets):
""" """
Attempts to deliver email notification via SES service. Attempts to deliver email notification via SES service.
@ -46,7 +46,7 @@ def send_via_ses(subject, body, targets):
smtp_mail.send(msg) smtp_mail.send(msg)
def send_via_smtp(subject, body, targets): def send_via_ses(subject, body, targets):
""" """
Attempts to deliver email notification via SMTP. Attempts to deliver email notification via SMTP.
:param subject: :param subject:
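Review bot: The two function names are swapped here but the docstrings under them are not, so the function now called `send_via_smtp` is still documented as delivering "via SES service" and `send_via_ses` as delivering "via SMTP". Swap the summary lines so each matches its name: `Attempts to deliver email notification via SMTP.` under `send_via_smtp` and `Attempts to deliver email notification via SES service.` under `send_via_ses`. Both function bodies continue outside the visible hunks.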


@ -94,6 +94,10 @@ def process_options(options):
'email': current_app.config.get("VERISIGN_EMAIL") 'email': current_app.config.get("VERISIGN_EMAIL")
} }
if options.get('extensions'):
if options['extensions'].get('sub_alt_names'):
data['subject_alt_names'] = ",".join(x['value'] for x in options['extensions']['sub_alt_names']['names'])
if options.get('validity_end'): if options.get('validity_end'):
period = get_default_issuance(options) period = get_default_issuance(options)
data['specificEndDate'] = options['validity_end'].format("MM/DD/YYYY") data['specificEndDate'] = options['validity_end'].format("MM/DD/YYYY")
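Review bot: The added SAN handling joins every `x['value']` with commas without checking the values, so a value that itself contains a comma would reach the CA request as more than one subject alternative name. If nothing upstream of `process_options` already validates these entries (not visible in this hunk), reject values containing `,` or whitespace before building `data['subject_alt_names']`. The lookup `options['extensions']['sub_alt_names']['names']` also raises `KeyError` when `names` is absent; `options['extensions']['sub_alt_names'].get('names', [])` would match the `.get()` style used on the lines above. `process_options` starts and ends outside the hunk.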