From c2158ff8fb284062afb70a2fef40fbbbc94092d9 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Mon, 25 Mar 2019 08:28:23 -0700
Subject: [PATCH] Add order URI during LE cert creation failure; Fail properly
 when invalid CA passed; Update reqs

---
 lemur/certificates/schemas.py      |  3 +++
 lemur/plugins/lemur_acme/plugin.py |  5 ++++-
 requirements-dev.txt               |  4 ++--
 requirements-docs.txt              | 31 +++++++++++++++---------------
 requirements-tests.txt             | 26 ++++++++++++-------------
 requirements.txt                   | 31 +++++++++++++++---------------
 6 files changed, 52 insertions(+), 48 deletions(-)

diff --git a/lemur/certificates/schemas.py b/lemur/certificates/schemas.py
index d20fd5a7..f790d92f 100644
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@@ -96,6 +96,9 @@ class CertificateInputSchema(CertificateCreationSchema):
 
     @validates_schema
     def validate_authority(self, data):
+        if isinstance(data['authority'], str):
+            raise ValidationError("Authority not found.")
+
         if not data['authority'].active:
             raise ValidationError("The authority is inactive.", ['authority'])
 
diff --git a/lemur/plugins/lemur_acme/plugin.py b/lemur/plugins/lemur_acme/plugin.py
index 66295ed2..59cde380 100644
--- a/lemur/plugins/lemur_acme/plugin.py
+++ b/lemur/plugins/lemur_acme/plugin.py
@@ -459,7 +459,10 @@ class ACMEIssuerPlugin(IssuerPlugin):
                     "pending_cert": entry["pending_cert"],
                 })
             except (PollError, AcmeError, Exception) as e:
-                current_app.logger.error("Unable to resolve pending cert: {}".format(pending_cert), exc_info=True)
+                order_url = order.uri
+                current_app.logger.error(
+                    "Unable to resolve pending cert: {}. "
+                    "Check out {} for more information.".format(pending_cert, order_url), exc_info=True)
                 certs.append({
                     "cert": False,
                     "pending_cert": entry["pending_cert"],
diff --git a/requirements-dev.txt b/requirements-dev.txt
index e67aea64..37202d97 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -6,7 +6,7 @@
 #
 aspy.yaml==1.2.0          # via pre-commit
 bleach==3.1.0             # via readme-renderer
-certifi==2018.11.29       # via requests
+certifi==2019.3.9         # via requests
 cfgv==1.5.0               # via pre-commit
 chardet==3.0.4            # via requests
 docutils==0.14            # via readme-renderer
@@ -23,7 +23,7 @@ pre-commit==1.14.4
 pycodestyle==2.3.1        # via flake8
 pyflakes==1.6.0           # via flake8
 pygments==2.3.1           # via readme-renderer
-pyyaml==5.1b3
+pyyaml==5.1
 readme-renderer==24.0     # via twine
 requests-toolbelt==0.9.1  # via twine
 requests==2.21.0          # via requests-toolbelt, twine
diff --git a/requirements-docs.txt b/requirements-docs.txt
index e936c197..40cd73de 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -4,12 +4,12 @@
 #
 #    pip-compile --output-file requirements-docs.txt requirements-docs.in -U --no-index
 #
-acme==0.31.0
+acme==0.32.0
 alabaster==0.7.12         # via sphinx
 alembic-autogenerate-enums==0.0.2
 alembic==1.0.8
 amqp==2.4.2
-aniso8601==5.1.0
+aniso8601==6.0.0
 arrow==0.13.1
 asn1crypto==0.24.0
 asyncpool==1.0
@@ -17,10 +17,10 @@ babel==2.6.0              # via sphinx
 bcrypt==3.1.6
 billiard==3.5.0.5
 blinker==1.4
-boto3==1.9.107
-botocore==1.12.107
-celery[redis]==4.2.1
-certifi==2018.11.29
+boto3==1.9.120
+botocore==1.12.120
+celery[redis]==4.2.2
+certifi==2019.3.9
 certsrv==2.1.1
 cffi==1.12.2
 chardet==3.0.4
@@ -52,16 +52,16 @@ josepy==1.1.0
 jsonlines==1.2.0
 kombu==4.3.0
 lockfile==0.12.2
-mako==1.0.7
+mako==1.0.8
 markupsafe==1.1.1
-marshmallow-sqlalchemy==0.16.0
-marshmallow==2.18.1
+marshmallow-sqlalchemy==0.16.1
+marshmallow==2.19.1
 mock==2.0.0
 ndg-httpsclient==0.5.1
 packaging==19.0           # via sphinx
 paramiko==2.4.2
 pbr==5.1.3
-pem==18.2.0
+pem==19.1.0
 psycopg2==2.7.7
 pyasn1-modules==0.2.4
 pyasn1==0.4.5
@@ -75,10 +75,9 @@ pyrfc3339==1.1
 python-dateutil==2.8.0
 python-editor==1.0.4
 pytz==2018.9
-pyyaml==5.1b3
+pyyaml==5.1
 raven[flask]==6.10.0
 redis==2.10.6
-relativetimebuilder==0.2.0
 requests-toolbelt==0.9.1
 requests[security]==2.21.0
 retrying==1.3.3
@@ -86,13 +85,13 @@ s3transfer==0.2.0
 six==1.12.0
 snowballstemmer==1.2.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==1.8.4
+sphinx==1.8.5
 sphinxcontrib-httpdomain==1.7.0
 sphinxcontrib-websupport==1.1.0  # via sphinx
 sqlalchemy-utils==0.33.11
-sqlalchemy==1.3.0
+sqlalchemy==1.3.1
 tabulate==0.8.3
 urllib3==1.24.1
-vine==1.2.0
-werkzeug==0.14.1
+vine==1.3.0
+werkzeug==0.15.1
 xmltodict==0.12.0
diff --git a/requirements-tests.txt b/requirements-tests.txt
index 55e38cbf..ed48cfdd 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -8,21 +8,21 @@ asn1crypto==0.24.0        # via cryptography
 atomicwrites==1.3.0       # via pytest
 attrs==19.1.0             # via pytest
 aws-xray-sdk==0.95        # via moto
-boto3==1.9.107            # via moto
+boto3==1.9.120            # via moto
 boto==2.49.0              # via moto
-botocore==1.12.107        # via boto3, moto, s3transfer
-certifi==2018.11.29       # via requests
+botocore==1.12.120        # via boto3, moto, s3transfer
+certifi==2019.3.9         # via requests
 cffi==1.12.2              # via cryptography
 chardet==3.0.4            # via requests
 click==7.0                # via flask
-coverage==4.5.2
+coverage==4.5.3
 cryptography==2.6.1       # via moto
 docker-pycreds==0.4.0     # via docker
-docker==3.7.0             # via moto
+docker==3.7.1             # via moto
 docutils==0.14            # via botocore
 ecdsa==0.13               # via python-jose
 factory-boy==2.11.1
-faker==1.0.2
+faker==1.0.4
 flask==1.0.2              # via pytest-flask
 freezegun==0.3.11
 future==0.17.1            # via python-jose
@@ -42,23 +42,23 @@ pluggy==0.9.0             # via pytest
 py==1.8.0                 # via pytest
 pyaml==18.11.0            # via moto
 pycparser==2.19           # via cffi
-pycryptodome==3.7.3       # via python-jose
+pycryptodome==3.8.0       # via python-jose
 pyflakes==2.1.1
 pytest-flask==0.14.0
-pytest-mock==1.10.1
-pytest==4.3.0
+pytest-mock==1.10.2
+pytest==4.3.1
 python-dateutil==2.8.0    # via botocore, faker, freezegun, moto
 python-jose==2.0.2        # via moto
 pytz==2018.9              # via moto
-pyyaml==5.1b3
+pyyaml==5.1
 requests-mock==1.5.2
 requests==2.21.0          # via aws-xray-sdk, docker, moto, requests-mock, responses
-responses==0.10.5         # via moto
+responses==0.10.6         # via moto
 s3transfer==0.2.0         # via boto3
 six==1.12.0               # via cryptography, docker, docker-pycreds, faker, freezegun, mock, moto, pytest, python-dateutil, python-jose, requests-mock, responses, websocket-client
 text-unidecode==1.2       # via faker
 urllib3==1.24.1           # via botocore, requests
-websocket-client==0.55.0  # via docker
-werkzeug==0.14.1          # via flask, moto, pytest-flask
+websocket-client==0.56.0  # via docker
+werkzeug==0.15.1          # via flask, moto, pytest-flask
 wrapt==1.11.1             # via aws-xray-sdk
 xmltodict==0.12.0         # via moto
diff --git a/requirements.txt b/requirements.txt
index 2aa5f157..9adbdf37 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,21 +4,21 @@
 #
 #    pip-compile --output-file requirements.txt requirements.in -U --no-index
 #
-acme==0.31.0
+acme==0.32.0
 alembic-autogenerate-enums==0.0.2
 alembic==1.0.8            # via flask-migrate
 amqp==2.4.2               # via kombu
-aniso8601==5.1.0          # via flask-restful, relativetimebuilder
+aniso8601==6.0.0          # via flask-restful
 arrow==0.13.1
 asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
 bcrypt==3.1.6             # via flask-bcrypt, paramiko
 billiard==3.5.0.5         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.9.107
-botocore==1.12.107
-celery[redis]==4.2.1
-certifi==2018.11.29
+boto3==1.9.120
+botocore==1.12.120
+celery[redis]==4.2.2
+certifi==2019.3.9
 certsrv==2.1.1
 cffi==1.12.2              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
@@ -49,15 +49,15 @@ josepy==1.1.0             # via acme
 jsonlines==1.2.0          # via cloudflare
 kombu==4.3.0
 lockfile==0.12.2
-mako==1.0.7               # via alembic
+mako==1.0.8               # via alembic
 markupsafe==1.1.1         # via jinja2, mako
-marshmallow-sqlalchemy==0.16.0
-marshmallow==2.18.1
+marshmallow-sqlalchemy==0.16.1
+marshmallow==2.19.1
 mock==2.0.0               # via acme
 ndg-httpsclient==0.5.1
 paramiko==2.4.2
 pbr==5.1.3                # via mock
-pem==18.2.0
+pem==19.1.0
 psycopg2==2.7.7
 pyasn1-modules==0.2.4     # via python-ldap
 pyasn1==0.4.5             # via ndg-httpsclient, paramiko, pyasn1-modules, python-ldap
@@ -68,21 +68,20 @@ pyopenssl==19.0.0
 pyrfc3339==1.1            # via acme
 python-dateutil==2.8.0    # via alembic, arrow, botocore
 python-editor==1.0.4      # via alembic
-python-ldap==3.1.0
+python-ldap==3.2.0
 pytz==2018.9              # via acme, celery, flask-restful, pyrfc3339
-pyyaml==5.1b3
+pyyaml==5.1
 raven[flask]==6.10.0
 redis==2.10.6
-relativetimebuilder==0.2.0  # via aniso8601
 requests-toolbelt==0.9.1  # via acme
 requests[security]==2.21.0
 retrying==1.3.3
 s3transfer==0.2.0         # via boto3
 six==1.12.0
 sqlalchemy-utils==0.33.11
-sqlalchemy==1.3.0         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+sqlalchemy==1.3.1         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
 tabulate==0.8.3
 urllib3==1.24.1           # via botocore, requests
-vine==1.2.0               # via amqp
-werkzeug==0.14.1          # via flask
+vine==1.3.0               # via amqp
+werkzeug==0.15.1          # via flask
 xmltodict==0.12.0