Various minor cleanups and fixes (#938)
* Documentation fixes
* Various docstring and help string fixes
* Minor code cleanups
* Removed redundant .gitignore entry, ignored package-lock.json.
* 'return' statement in certificates.service.render was redundant
* Split up too long line
* Non-matching tags in templates
parent
ec5dec4a16
commit
97d83890e0
4
.gitignore
vendored
@ -13,6 +13,7 @@
|
||||
MANIFEST
|
||||
test.conf
|
||||
pip-log.txt
|
||||
package-lock.json
|
||||
/htmlcov
|
||||
/cover
|
||||
/build
|
||||
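Review bot: ignoring package-lock.json (the entry added after pip-log.txt) means the resolved npm dependency tree is never committed, so two builds of the front end can pull different transitive versions. If the intent is only to keep an accidental local file out of commits, say so in the commit message; otherwise consider committing the lockfile so installs are reproducible and reviewable.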
@ -27,5 +28,4 @@ pip-log.txt
|
||||
docs/_build
|
||||
.editorconfig
|
||||
.idea
|
||||
test.conf
|
||||
lemur/tests/tmp
|
||||
lemur/tests/tmp
|
||||
|
@ -93,7 +93,7 @@ Issuer Plugin Owners
|
||||
--------------------
|
||||
|
||||
This release may break your plugins, the keys in `issuer_options` have been changed from `camelCase` to `under_score`.
|
||||
This change was made to break a undue reliance on downstream options maintains a more pythonic naming convention. Renaming
|
||||
This change was made to break an undue reliance on downstream options maintains a more pythonic naming convention. Renaming
|
||||
these keys should be fairly trivial, additionally pull requests have been submitted to affected plugins to help ease the transition.
|
||||
|
||||
.. note:: This change only affects issuer plugins and does not affect any other types of plugins.
|
||||
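Review bot: the corrected sentence still does not parse at "downstream options maintains"; a conjunction is missing. Suggest "This change was made to break an undue reliance on downstream options and to maintain a more pythonic naming convention."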
@ -103,10 +103,10 @@ these keys should be fairly trivial, additionally pull requests have been submit
|
||||
stricter input validation and better error messages when validation fails.
|
||||
* Closed `#146 <https://github.com/Netflix/lemur/issues/146>`_ - Moved authority type to first pane of authority creation wizard.
|
||||
* Closed `#147 <https://github.com/Netflix/lemur/issues/147>`_ - Added and refactored the relationship between authorities and their
|
||||
root certificates. Displays the certificates (and chains) next the the authority in question.
|
||||
root certificates. Displays the certificates (and chains) next to the authority in question.
|
||||
* Closed `#199 <https://github.com/Netflix/lemur/issues/199>`_ - Ensures that the dates submitted to Lemur during authority and
|
||||
certificate creation are actually dates.
|
||||
* Closed `#230 <https://github.com/Netflix/lemur/issues/230>`_ - Migrated authority dropdown to a ui-select based dropdown, this
|
||||
* Closed `#230 <https://github.com/Netflix/lemur/issues/230>`_ - Migrated authority dropdown to an ui-select based dropdown, this
|
||||
should be easier to determine what authorities are available and when an authority has actually been selected.
|
||||
* Closed `#254 <https://github.com/Netflix/lemur/issues/254>`_ - Forces certificate names to be generally unique. If a certificate name
|
||||
(generated or otherwise) is found to be a duplicate we increment by appending a counter.
|
||||
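Review bot: in the #230 entry, "an ui-select based dropdown" is a regression: "ui" is read letter by letter and starts with a consonant sound, so the original "a ui-select" was correct. Suggest reverting that one line and keeping the "next to the authority" fix in the #147 entry.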
@ -168,6 +168,6 @@ these keys should be fairly trivial, additionally pull requests have been submit
|
||||
0.1.5 - 2015-10-26
|
||||
~~~~~~~~~~~~~~~~~~
|
||||
|
||||
* **SECURITY ISSUE**: Switched from use a AES static key to Fernet encryption.
|
||||
* **SECURITY ISSUE**: Switched from use an AES static key to Fernet encryption.
|
||||
Affects all versions prior to 0.1.5. If upgrading this will require a data migration.
|
||||
see: `Upgrading Lemur <https://lemur.readthedocs.com/adminstration#UpgradingLemur>`_
|
||||
see: `Upgrading Lemur <https://lemur.readthedocs.io/administration#UpgradingLemur>`_
|
||||
|
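Review bot: the SECURITY ISSUE line still reads "Switched from use an AES static key"; only the article was changed. Suggest "Switched from using a static AES key to Fernet encryption." Because this entry tells operators that a data migration is required, please also confirm that the new link target (lemur.readthedocs.io/administration#UpgradingLemur) resolves to the upgrade section.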
@ -5,8 +5,8 @@ Lemur
|
||||
:alt: Join the chat at https://gitter.im/Netflix/lemur
|
||||
:target: https://gitter.im/Netflix/lemur?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
|
||||
|
||||
.. image:: https://readthedocs.org/projects/lemur/badge/?version=latest
|
||||
:target: https://lemur.readthedocs.org
|
||||
.. image:: https://readthedocs.io/projects/lemur/badge/?version=latest
|
||||
:target: https://lemur.readthedocs.io
|
||||
:alt: Latest Docs
|
||||
|
||||
.. image:: https://img.shields.io/badge/NetflixOSS-active-brightgreen.svg
|
||||
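Review bot: the badge image URL was rewritten to https://readthedocs.io/projects/lemur/badge/ together with the docs link, but only the per-project docs subdomain (lemur.readthedocs.io) is a hosted-docs address; Read the Docs documents its badge endpoint under readthedocs.org/projects/<slug>/badge/. Please check that the new image URL renders, and keep the .org host on the `.. image::` line if it does not.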
@ -25,7 +25,7 @@ Project resources
|
||||
=================
|
||||
|
||||
- `Lemur Blog Post <http://techblog.netflix.com/2015/09/introducing-lemur.html>`_
|
||||
- `Documentation <http://lemur.readthedocs.org/>`_
|
||||
- `Documentation <http://lemur.readthedocs.io/>`_
|
||||
- `Source code <https://github.com/netflix/lemur>`_
|
||||
- `Issue tracker <https://github.com/netflix/lemur/issues>`_
|
||||
- `Docker <https://github.com/Netflix/lemur-docker>`_
|
||||
|
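Review bot: the updated Documentation link is still plain http (http://lemur.readthedocs.io/) while the other docs links touched in this commit use https. Suggest https://lemur.readthedocs.io/ here as well.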
@ -28,14 +28,14 @@ Basic Configuration
|
||||
|
||||
LOG_FILE = "/logs/lemur/lemur-test.log"
|
||||
|
||||
.. data:: debug
|
||||
.. data:: DEBUG
|
||||
:noindex:
|
||||
|
||||
Sets the flask debug flag to true (if supported by the webserver)
|
||||
|
||||
::
|
||||
|
||||
debug = False
|
||||
DEBUG = False
|
||||
|
||||
.. warning::
|
||||
This should never be used in a production environment as it exposes Lemur to
|
||||
@ -959,7 +959,7 @@ After you have the latest version of the Lemur code base you must run any needed
|
||||
This will ensure that any needed tables or columns are created or destroyed.
|
||||
|
||||
.. note::
|
||||
Internally, this uses `Alembic <https://alembic.readthedocs.org/en/latest/>`_ to manage database migrations.
|
||||
Internally, this uses `Alembic <http://alembic.zzzcomputing.com/en/latest/>`_ to manage database migrations.
|
||||
|
||||
.. note::
|
||||
By default Alembic looks for the `migrations` folder in the current working directory.The migrations folder is
|
||||
|
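Review bot: the replacement Alembic link is http://alembic.zzzcomputing.com/en/latest/, which swaps an https reference for a plain-http one. Use the https form if the host serves it. While in this block, the context line "current working directory.The migrations folder" is missing a space after the period.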
@ -132,8 +132,8 @@ class Ping(Resource):
|
||||
this example we use an OpenIDConnect authentication flow, that is essentially OAuth2 underneath. If you have an
|
||||
OAuth2 provider you want to use Lemur there would be two steps:
|
||||
|
||||
1. Define your own class that inherits from :class:`flask.ext.restful.Resource` and create the HTTP methods the \
|
||||
provider uses for it's callbacks.
|
||||
1. Define your own class that inherits from :class:`flask_restful.Resource` and create the HTTP methods the \
|
||||
provider uses for its callbacks.
|
||||
2. Add or change the Lemur AngularJS Configuration to point to your new provider
|
||||
"""
|
||||
def __init__(self):
|
||||
|
@ -146,7 +146,7 @@ class CertificateNestedOutputSchema(LemurOutputSchema):
|
||||
notify = fields.Boolean()
|
||||
rotation_policy = fields.Nested(RotationPolicyNestedOutputSchema)
|
||||
|
||||
# Note aliasing is the first step in deprecating these fields.
|
||||
# Note aliasing is the first step in deprecating these fields.
|
||||
cn = fields.String() # deprecated
|
||||
common_name = fields.String(attribute='cn')
|
||||
|
||||
@ -177,7 +177,7 @@ class CertificateOutputSchema(LemurOutputSchema):
|
||||
|
||||
rotation = fields.Boolean()
|
||||
|
||||
# Note aliasing is the first step in deprecating these fields.
|
||||
# Note aliasing is the first step in deprecating these fields.
|
||||
notify = fields.Boolean()
|
||||
active = fields.Boolean(attribute='notify')
|
||||
|
||||
|
@ -291,7 +291,6 @@ def render(args):
|
||||
Certificate.authority_id.in_(sub_query)
|
||||
)
|
||||
)
|
||||
return database.sort_and_page(query, Certificate, args)
|
||||
|
||||
elif 'destination' in terms:
|
||||
query = query.filter(Certificate.destinations.any(Destination.id == terms[1]))
|
||||
|
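Review bot: dropping `return database.sort_and_page(query, Certificate, args)` at the end of the branch above `elif 'destination' in terms:` is only behaviour-preserving if nothing after the if/elif chain touches `query` before the function's final return. That tail is outside the visible context, so please confirm it ends in the same sort_and_page call with no extra filter applied, or extend the hunk context so it can be checked here.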
@ -19,7 +19,7 @@ def ocsp_verify(cert_path, issuer_chain_path):
|
||||
"""
|
||||
Attempts to verify a certificate via OCSP. OCSP is a more modern version
|
||||
of CRL in that it will query the OCSP URI in order to determine if the
|
||||
certificate as been revoked
|
||||
certificate has been revoked
|
||||
|
||||
:param cert_path:
|
||||
:param issuer_chain_path:
|
||||
|
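Review bot: the docstring being corrected still leaves `:param cert_path:` and `:param issuer_chain_path:` empty in the visible lines. For a revocation check the return contract matters most: document what the caller gets for revoked, good, and could-not-determine, so that a responder error is not mistaken for a valid certificate.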
@ -84,7 +84,7 @@ class CertificatesList(AuthenticatedResource):
|
||||
"deleted": null,
|
||||
"notifications": [{
|
||||
"id": 1
|
||||
}]
|
||||
}],
|
||||
"signingAlgorithm": "sha256",
|
||||
"user": {
|
||||
"username": "jane",
|
||||
@ -169,7 +169,7 @@ class CertificatesList(AuthenticatedResource):
|
||||
},
|
||||
"replacements": [{
|
||||
"id": 1
|
||||
},
|
||||
}],
|
||||
"notify": true,
|
||||
"validityEnd": "2026-01-01T08:00:00.000Z",
|
||||
"authority": {
|
||||
@ -215,7 +215,7 @@ class CertificatesList(AuthenticatedResource):
|
||||
"deleted": null,
|
||||
"notifications": [{
|
||||
"id": 1
|
||||
}]
|
||||
}],
|
||||
"signingAlgorithm": "sha256",
|
||||
"user": {
|
||||
"username": "jane",
|
||||
@ -232,7 +232,7 @@ class CertificatesList(AuthenticatedResource):
|
||||
"replaces": [{
|
||||
"id": 1
|
||||
}],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
|
||||
"roles": [{
|
||||
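Review bot: `"rotation": True` becoming `true` is the right fix, but the same hand-edited sample response is repeated across the resource docstrings in this file, which is how a Python literal and the unbalanced brackets fixed in the neighbouring hunks got in. Suggest a small docs test that extracts each example body and runs it through a JSON parser so these stay valid.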
@ -331,7 +331,7 @@ class CertificatesUpload(AuthenticatedResource):
|
||||
"deleted": null,
|
||||
"notifications": [{
|
||||
"id": 1
|
||||
}]
|
||||
}],
|
||||
"signingAlgorithm": "sha256",
|
||||
"user": {
|
||||
"username": "jane",
|
||||
@ -346,7 +346,7 @@ class CertificatesUpload(AuthenticatedResource):
|
||||
"name": "*.test.example.net"
|
||||
}],
|
||||
"replaces": [],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
|
||||
"roles": [{
|
||||
@ -417,7 +417,7 @@ class CertificatePrivateKey(AuthenticatedResource):
|
||||
Content-Type: text/javascript
|
||||
|
||||
{
|
||||
"key": "-----BEGIN ...",
|
||||
"key": "-----BEGIN ..."
|
||||
}
|
||||
|
||||
:reqheader Authorization: OAuth token to authenticate
|
||||
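Review bot: the example response for the private key endpoint is labelled `Content-Type: text/javascript` in the context line above the body, although the body is JSON. If the endpoint really returns that type it should be application/json; if it is only the docstring, fix it here while the trailing comma after "key" is being removed.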
@ -495,7 +495,7 @@ class Certificates(AuthenticatedResource):
|
||||
"deleted": null,
|
||||
"notifications": [{
|
||||
"id": 1
|
||||
}]
|
||||
}],
|
||||
"signingAlgorithm": "sha256",
|
||||
"user": {
|
||||
"username": "jane",
|
||||
@ -509,7 +509,7 @@ class Certificates(AuthenticatedResource):
|
||||
"id": 1090,
|
||||
"name": "*.test.example.net"
|
||||
}],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"replaces": [],
|
||||
"replaced": [],
|
||||
@ -605,7 +605,7 @@ class Certificates(AuthenticatedResource):
|
||||
"description": "This is a google group based role created by Lemur",
|
||||
"name": "joe@example.com"
|
||||
}],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"san": null
|
||||
}
|
||||
@ -697,7 +697,7 @@ class NotificationCertificatesList(AuthenticatedResource):
|
||||
"deleted": null,
|
||||
"notifications": [{
|
||||
"id": 1
|
||||
}]
|
||||
}],
|
||||
"signingAlgorithm": "sha256",
|
||||
"user": {
|
||||
"username": "jane",
|
||||
@ -713,7 +713,7 @@ class NotificationCertificatesList(AuthenticatedResource):
|
||||
}],
|
||||
"replaces": [],
|
||||
"replaced": [],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
|
||||
"roles": [{
|
||||
@ -820,7 +820,7 @@ class CertificatesReplacementsList(AuthenticatedResource):
|
||||
}],
|
||||
"replaces": [],
|
||||
"replaced": [],
|
||||
"rotation": True,
|
||||
"rotation": true,
|
||||
"rotationPolicy": {"name": "default"},
|
||||
"name": "WILDCARD.test.example.net-SymantecCorporation-20160603-20180112",
|
||||
"roles": [{
|
||||
|
@ -9,7 +9,7 @@ THREADS_PER_PAGE = 8
|
||||
|
||||
# These will need to be set to `True` if you are developing locally
|
||||
CORS = False
|
||||
debug = False
|
||||
DEBUG = False
|
||||
|
||||
# Logging
|
||||
|
||||
|
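Review bot: the comment above `CORS = False` and `DEBUG = False` says these need to be `True` for local development but gives no production guidance. With the key now spelled the way Flask's config loader expects (it keeps only upper-case names), add a line stating that both must stay False outside development, matching the warning already present in the configuration docs.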
@ -188,8 +188,10 @@ def install_plugins(app):
|
||||
|
||||
# ensure that we have some way to notify
|
||||
with app.app_context():
|
||||
slug = app.config.get("LEMUR_DEFAULT_NOTIFICATION_PLUGIN", "email-notification")
|
||||
try:
|
||||
slug = app.config.get("LEMUR_DEFAULT_NOTIFICATION_PLUGIN", "email-notification")
|
||||
plugins.get(slug)
|
||||
except KeyError:
|
||||
raise Exception("Unable to location notification plugin: {slug}. Ensure that LEMUR_DEFAULT_NOTIFICATION_PLUGIN is set to a valid and installed notification plugin.".format(slug=slug))
|
||||
raise Exception("Unable to location notification plugin: {slug}. Ensure that "
|
||||
"LEMUR_DEFAULT_NOTIFICATION_PLUGIN is set to a valid and installed notification plugin."
|
||||
.format(slug=slug))
|
||||
|
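Review bot: the error string being re-wrapped still says "Unable to location notification plugin"; it should read "Unable to locate". Since the line is being touched anyway, fix the wording, and consider raising a more specific exception type than bare `Exception` so callers can tell a misconfigured LEMUR_DEFAULT_NOTIFICATION_PLUGIN from other startup failures.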
@ -375,7 +375,7 @@ class LemurServer(Command):
|
||||
|
||||
app = WSGIApplication()
|
||||
|
||||
# run startup tasks on a app like object
|
||||
# run startup tasks on an app like object
|
||||
validate_conf(current_app, REQUIRED_VARIABLES)
|
||||
|
||||
app.app_uri = 'lemur:create_app(config="{0}")'.format(current_app.config.get('CONFIG_PATH'))
|
||||
|
@ -143,7 +143,7 @@ def send_expiration_notifications(exclude):
|
||||
|
||||
def send_rotation_notification(certificate, notification_plugin=None):
|
||||
"""
|
||||
Sends a report to certificate owners when their certificate as been
|
||||
Sends a report to certificate owners when their certificate has been
|
||||
rotated.
|
||||
|
||||
:param certificate:
|
||||
|
@ -101,7 +101,7 @@ class IPlugin(local):
|
||||
Returns a list of tuples pointing to various resources for this plugin.
|
||||
>>> def get_resource_links(self):
|
||||
>>> return [
|
||||
>>> ('Documentation', 'http://lemury.readthedocs.org'),
|
||||
>>> ('Documentation', 'https://lemur.readthedocs.io'),
|
||||
>>> ('Bug Tracker', 'https://github.com/Netflix/lemur/issues'),
|
||||
>>> ('Source', 'https://github.com/Netflix/lemur'),
|
||||
>>> ]
|
||||
|
@ -98,7 +98,7 @@ def get_all_elbs_v2(**kwargs):
|
||||
@retry(retry_on_exception=retry_throttled, stop_max_attempt_number=7, wait_exponential_multiplier=1000)
|
||||
def get_listener_arn_from_endpoint(endpoint_name, endpoint_port, **kwargs):
|
||||
"""
|
||||
Get a listener ARN from a endpoint.
|
||||
Get a listener ARN from an endpoint.
|
||||
:param endpoint_name:
|
||||
:param endpoint_port:
|
||||
:return:
|
||||
|
@ -62,7 +62,7 @@ class LinuxDstPlugin(DestinationPlugin):
|
||||
"name": "exportType",
|
||||
"required": True,
|
||||
"value": "NGINX",
|
||||
"helpMessage": "Reference the docs for an explaination of each export type",
|
||||
"helpMessage": "Reference the docs for an explanation of each export type",
|
||||
"type": "select"
|
||||
}
|
||||
]
|
||||
|
@ -19,7 +19,7 @@ def copy_cert(cert_cn, dst_user, dst_priv, dst_priv_key, dst_host, dst_port, dst
|
||||
sftp = ssh.open_sftp()
|
||||
|
||||
# make the directory on the destination server
|
||||
# files will be in a a folder based on the cert_cn
|
||||
# files will be in a folder based on the cert_cn
|
||||
# example:
|
||||
# destination folder: /etc/nginx/certs/
|
||||
# files will go in: /etc/nginx/certs/your.cn.com/cert.pem
|
||||
|
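Review bot: the comment says the remote directory is "based on the cert_cn" but not how that name is normalised. A common name can be a wildcard (the API examples in this commit use *.test.example.net) or contain characters that are not safe as a path component, so state here which characters are replaced or rejected before the directory is created under the destination folder, and make sure the code enforces it.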
@ -98,7 +98,7 @@ class OpenSSLExportPlugin(ExportPlugin):
|
||||
'name': 'passphrase',
|
||||
'type': 'str',
|
||||
'required': False,
|
||||
'helpMessage': 'If no passphrase is given one will be generated for you, we highly recommend this. Minimum length is 8.',
|
||||
'helpMessage': 'If no passphrase is given one will be generated for you, we highly recommend this.',
|
||||
'validation': ''
|
||||
},
|
||||
{
|
||||
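Review bot: removing "Minimum length is 8." from the passphrase helpMessage leaves the field with `'validation': ''`, so nothing visible here tells the user or the UI what is accepted. If the export still rejects short passphrases, keep the hint and add a matching validation pattern; if the limit is gone, say so in the commit message.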
@ -111,7 +111,7 @@ class OpenSSLExportPlugin(ExportPlugin):
|
||||
|
||||
def export(self, body, chain, key, options, **kwargs):
|
||||
"""
|
||||
Generates a Java Keystore or Truststore
|
||||
Generates a PKCS#12 archive.
|
||||
|
||||
:param key:
|
||||
:param chain:
|
||||
|
@ -113,7 +113,7 @@
|
||||
<span class="pull-right">{{ certificate.serialHex }}</span>
|
||||
</li>
|
||||
<li
|
||||
uib-tooltip="Lemur will attempt to check a certificates validity, this is used to track whether a certificate as been revoked"
|
||||
uib-tooltip="Lemur will attempt to check a certificates validity, this is used to track whether a certificate has been revoked"
|
||||
class="list-group-item">
|
||||
<strong>Validity</strong>
|
||||
<span class="pull-right">
|
||||
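Review bot: the tooltip still reads "check a certificates validity"; the possessive needs an apostrophe ("a certificate's validity"). Worth fixing in the same line as the "has been revoked" correction.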
@ -179,7 +179,7 @@
|
||||
<ul class="list-group">
|
||||
<li class="list-group-item" ng-repeat="replaces in certificate.replaces">
|
||||
<strong>{{ replaces.name }}</strong>
|
||||
<p>{{ replaces.description}}</p>
|
||||
<p>{{ replaces.description }}</p>
|
||||
</li>
|
||||
</ul>
|
||||
</uib-tab>
|
||||
@ -221,4 +221,3 @@
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -45,7 +45,7 @@ angular.module('lemur')
|
||||
body: 'Unable to update! ' + response.data.message,
|
||||
timeout: 100000
|
||||
});
|
||||
domain.sensitive = domain.sensitive ? false : true;
|
||||
domain.sensitive = !domain.sensitive;
|
||||
});
|
||||
};
|
||||
|
||||
|
@ -95,7 +95,7 @@
|
||||
<div class="container">
|
||||
<p class="text-muted">
|
||||
<span>Lemur is broken regularly by <a href="https://github.com/Netflix/lemur.git">Netflix</a>.</span>
|
||||
<span class="pull-right">Confused? Check out our <a href="https://lemur.readthedocs.org/en/latest">docs</a>!</span>
|
||||
<span class="pull-right">Confused? Check out our <a href="https://lemur.readthedocs.io/en/latest">docs</a>!</span>
|
||||
</p>
|
||||
</div>
|
||||
</footer>
|
||||
|