Fixes (#576)
* Fixing email notification * Adding endpoint expiration * Fixing endpoint type for ELBs * Allowing verisign to include additional SANs
This commit is contained in:
parent
a4b32b0d31
commit
968dd52f6f
|
@ -121,8 +121,6 @@ def rotate(new_certificate_name=False, old_certificate_name=False, message=False
|
||||||
|
|
||||||
@manager.command
|
@manager.command
|
||||||
def reissue(old_certificate_name, commit=False):
|
def reissue(old_certificate_name, commit=False):
|
||||||
from lemur.certificates.service import get_by_name, reissue_certificate, get_certificate_primitives
|
|
||||||
|
|
||||||
old_cert = get_by_name(old_certificate_name)
|
old_cert = get_by_name(old_certificate_name)
|
||||||
|
|
||||||
if not old_cert:
|
if not old_cert:
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
"""
|
||||||
|
.. module: lemur.certificate.cli
|
||||||
|
:platform: Unix
|
||||||
|
:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
|
||||||
|
:license: Apache, see LICENSE for more details.
|
||||||
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
|
"""
|
||||||
|
from flask_script import Manager
|
||||||
|
|
||||||
|
import arrow
|
||||||
|
from datetime import timedelta
|
||||||
|
|
||||||
|
from sqlalchemy import cast
|
||||||
|
from sqlalchemy_utils import ArrowType
|
||||||
|
|
||||||
|
from lemur import database
|
||||||
|
from lemur.extensions import metrics
|
||||||
|
from lemur.endpoints.models import Endpoint
|
||||||
|
|
||||||
|
|
||||||
|
manager = Manager(usage="Handles all endpoint related tasks.")
|
||||||
|
|
||||||
|
|
||||||
|
@manager.option('-ttl', '--time-to-live', type=int, dest='ttl', default=2, help='Time in hours, which endpoint has not been refreshed to remove the endpoint.')
|
||||||
|
def expire(ttl):
|
||||||
|
"""
|
||||||
|
Removed all endpoints that have not been recently updated.
|
||||||
|
"""
|
||||||
|
now = arrow.utcnow()
|
||||||
|
expiration = now - timedelta(hours=ttl)
|
||||||
|
endpoints = database.session_query(Endpoint).filter(cast(Endpoint.last_updated, ArrowType) <= expiration)
|
||||||
|
|
||||||
|
for endpoint in endpoints:
|
||||||
|
database.delete(endpoint)
|
||||||
|
metrics.send('endpoint_expired', 'counter', 1)
|
|
@ -23,6 +23,7 @@ from flask_script.commands import ShowUrls, Clean, Server
|
||||||
from lemur.sources.cli import manager as source_manager
|
from lemur.sources.cli import manager as source_manager
|
||||||
from lemur.certificates.cli import manager as certificate_manager
|
from lemur.certificates.cli import manager as certificate_manager
|
||||||
from lemur.notifications.cli import manager as notification_manager
|
from lemur.notifications.cli import manager as notification_manager
|
||||||
|
from lemur.endpoints.cli import manager as endpoint_manager
|
||||||
|
|
||||||
from lemur import database
|
from lemur import database
|
||||||
from lemur.users import service as user_service
|
from lemur.users import service as user_service
|
||||||
|
@ -630,6 +631,7 @@ def main():
|
||||||
manager.add_command("source", source_manager)
|
manager.add_command("source", source_manager)
|
||||||
manager.add_command("certificate", certificate_manager)
|
manager.add_command("certificate", certificate_manager)
|
||||||
manager.add_command("notify", notification_manager)
|
manager.add_command("notify", notification_manager)
|
||||||
|
manager.add_command("endpoint", endpoint_manager)
|
||||||
manager.add_command("report", Report())
|
manager.add_command("report", Report())
|
||||||
manager.run()
|
manager.run()
|
||||||
|
|
||||||
|
|
|
@ -147,7 +147,7 @@ class AWSSourcePlugin(SourcePlugin):
|
||||||
endpoint = dict(
|
endpoint = dict(
|
||||||
name=e['LoadBalancerName'],
|
name=e['LoadBalancerName'],
|
||||||
dnsname=e['DNSName'],
|
dnsname=e['DNSName'],
|
||||||
type='e',
|
type='elb',
|
||||||
port=listener['Listener']['LoadBalancerPort'],
|
port=listener['Listener']['LoadBalancerPort'],
|
||||||
certificate_name=iam.get_name_from_arn(listener['Listener']['SSLCertificateId'])
|
certificate_name=iam.get_name_from_arn(listener['Listener']['SSLCertificateId'])
|
||||||
)
|
)
|
||||||
|
|
|
@ -31,7 +31,7 @@ def render_html(template_name, message):
|
||||||
return template.render(dict(messages=message, hostname=current_app.config.get('LEMUR_HOSTNAME')))
|
return template.render(dict(messages=message, hostname=current_app.config.get('LEMUR_HOSTNAME')))
|
||||||
|
|
||||||
|
|
||||||
def send_via_ses(subject, body, targets):
|
def send_via_smtp(subject, body, targets):
|
||||||
"""
|
"""
|
||||||
Attempts to deliver email notification via SES service.
|
Attempts to deliver email notification via SES service.
|
||||||
|
|
||||||
|
@ -46,7 +46,7 @@ def send_via_ses(subject, body, targets):
|
||||||
smtp_mail.send(msg)
|
smtp_mail.send(msg)
|
||||||
|
|
||||||
|
|
||||||
def send_via_smtp(subject, body, targets):
|
def send_via_ses(subject, body, targets):
|
||||||
"""
|
"""
|
||||||
Attempts to deliver email notification via SMTP.
|
Attempts to deliver email notification via SMTP.
|
||||||
:param subject:
|
:param subject:
|
||||||
|
|
|
@ -94,6 +94,10 @@ def process_options(options):
|
||||||
'email': current_app.config.get("VERISIGN_EMAIL")
|
'email': current_app.config.get("VERISIGN_EMAIL")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if options.get('extensions'):
|
||||||
|
if options['extensions'].get('sub_alt_names'):
|
||||||
|
data['subject_alt_names'] = ",".join(x['value'] for x in options['extensions']['sub_alt_names']['names'])
|
||||||
|
|
||||||
if options.get('validity_end'):
|
if options.get('validity_end'):
|
||||||
period = get_default_issuance(options)
|
period = get_default_issuance(options)
|
||||||
data['specificEndDate'] = options['validity_end'].format("MM/DD/YYYY")
|
data['specificEndDate'] = options['validity_end'].format("MM/DD/YYYY")
|
||||||
|
|
Loading…
Reference in New Issue