Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

creating a cli to handle entrust deactivation

This commit is contained in:
Hossein Shafagh 2020-10-21 19:52:51 -07:00
parent 906b3b2337
commit a4dba0cb35
1 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
lemur/certificates/cli.py
View File

@ -735,3 +735,44 @@ def automatically_enable_autorotate():
}) })
cert.rotation = True cert.rotation = True
database.update(cert) database.update(cert)
@manager.command
def deactivate_entrust_certificates():
"""
Attempt to deactivate test certificates issued by Entrust
"""
log_data = {
"function": f"{__name__}.{sys._getframe().f_code.co_name}",
"message": "Deactivating Entrust certificates"
}
certificates = get_all_valid_certs(['entrust-issuer'])
entrust_plugin = plugins.get('entrust-issuer')
for cert in certificates:
try:
response = entrust_plugin.deactivate_certificate(cert)
if response == 200:
cert.status = "revoked"
else:
cert.status = "unknown"
log_data["valid"] = cert.status
log_data["certificate_name"] = cert.name
log_data["certificate_id"] = cert.id
metrics.send(
"certificate_deactivate",
"counter",
1,
metric_tags={"status": log_data["valid"],
"certificate_name": log_data["certificate_name"],
"certificate_id": log_data["certificate_id"]},
)
current_app.logger.info(log_data)
database.update(cert)
except Exception as e:
sentry.captureException()
current_app.logger.exception(e)