From a6360ebfe53eec77f7224b811ceac38807474fd9 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Tue, 1 Nov 2016 14:24:45 -0700 Subject: [PATCH] Adding pending certificate metric. (#473) --- lemur/__init__.py | 2 +- lemur/manage.py | 49 +++++--------------------- lemur/plugins/lemur_verisign/plugin.py | 19 ++++++++++ 3 files changed, 29 insertions(+), 41 deletions(-) diff --git a/lemur/__init__.py b/lemur/__init__.py index 3c8923a5..cb05a768 100644 --- a/lemur/__init__.py +++ b/lemur/__init__.py @@ -82,5 +82,5 @@ def configure_hook(app): return response return json_handler - for code in default_exceptions.iterkeys(): + for code, value in default_exceptions.items(): app.error_handler_spec[None][code] = make_json_handler(code) diff --git a/lemur/manage.py b/lemur/manage.py index 5c5c4a6e..1fd5601b 100755 --- a/lemur/manage.py +++ b/lemur/manage.py @@ -7,7 +7,6 @@ import os import sys import base64 import time -import arrow import requests import json @@ -770,46 +769,17 @@ def publish_verisign_units(): requests.post('http://localhost:8078/metrics', data=json.dumps(metric)) -class Rolling(Command): +@manager.command +def publish_unapproved_verisign_certificates(): """ - Rotates existing certificates to a new one on an ELB + Query the Verisign for any certificates that need to be approved. + :return: """ - option_list = ( - Option('-w', '--window', dest='window', default=24), - ) - - def run(self, window): - """ - Simple function that queries verisign for API units and posts the mertics to - Atlas API for other teams to consume. - :return: - """ - end = arrow.utcnow() - start = end.replace(hours=-window) - items = Certificate.query.filter(Certificate.not_before <= end.format('YYYY-MM-DD')) \ - .filter(Certificate.not_before >= start.format('YYYY-MM-DD')).all() - - metrics = {} - for i in items: - name = "{0},{1}".format(i.owner, i.issuer) - if metrics.get(name): - metrics[name] += 1 - else: - metrics[name] = 1 - - for name, value in metrics.iteritems(): - owner, issuer = name.split(",") - metric = [ - { - "timestamp": 1321351651, - "type": "GAUGE", - "name": "Issued Certificates", - "tags": {"owner": owner, "issuer": issuer, "window": window}, - "value": value - } - ] - - requests.post('http://localhost:8078/metrics', data=json.dumps(metric)) + from lemur.plugins import plugins + from lemur.extensions import metrics + v = plugins.get('verisign-issuer') + certs = v.get_pending_certificates() + metrics.send('pending_certificates', 'gauge', certs) class Report(Command): @@ -951,7 +921,6 @@ def main(): manager.add_command("create_role", CreateRole()) manager.add_command("provision_elb", ProvisionELB()) manager.add_command("rotate_elbs", RotateELBs()) - manager.add_command("rolling", Rolling()) manager.add_command("sources", Sources()) manager.add_command("report", Report()) manager.run() diff --git a/lemur/plugins/lemur_verisign/plugin.py b/lemur/plugins/lemur_verisign/plugin.py index c8042a89..b2ea30bc 100644 --- a/lemur/plugins/lemur_verisign/plugin.py +++ b/lemur/plugins/lemur_verisign/plugin.py @@ -188,6 +188,25 @@ class VerisignIssuerPlugin(IssuerPlugin): response = self.session.post(url, headers={'content-type': 'application/x-www-form-urlencoded'}) return handle_response(response.content)['Response']['Order'] + def get_pending_certificates(self): + """ + Uses Verisign to fetch the number of certificate awaiting approval. + + :return: + """ + url = current_app.config.get("VERISIGN_URL") + '/reportingws' + + end = arrow.now() + start = end.replace(days=-7) + data = { + 'reportType': 'summary', + 'certProductType': 'Server', + 'startDate': start.format("MM/DD/YYYY"), + 'endDate': end.format("MM/DD/YYYY"), + } + response = self.session.post(url, data=data) + return response.json()['certificateSummary'][0]['Pending'] + class VerisignSourcePlugin(SourcePlugin): title = 'Verisign'