provisionelb creates certs. needs some cleanup and the rest of the glue

This commit is contained in:
Jeremy Heffner 2015-08-19 16:10:45 -07:00
parent 0b9c814ea5
commit ab7b0c442c
1 changed files with 67 additions and 0 deletions

View File

@ -480,6 +480,72 @@ def unlock(path=None):
sys.stdout.write("[+] Keys have been unencrypted!\n") sys.stdout.write("[+] Keys have been unencrypted!\n")
class ProvisionELB(Command):
"""
Creates and provisions a certificate on an ELB based on a json blob
"""
option_list = (
Option('-d', '--dns', dest='dns', required=True),
Option('-e', '--elb', dest='elb', required=True),
Option('-o', '--owner', dest='owner'),
Option('-a', '--authority', dest='authority', required=True),
Option('-s','--description', dest='description'),
Option('-t','--destinations', dest='destinations'),
Option('-n','--notifications', dest='notifications')
)
def run(self, dns, elb, owner, authority, description, destinations, notifications):
from lemur.certificates import service
from lemur.certificates.views import valid_authority
from flask import g
import lemur.users.service
# convert argument lists to arrays, or empty sets
destinations = [] if not destinations else destinations.split(',')
notifications = [] if not notifications else notifications.split(',')
# set a default description
description = u'Command line provisioned keypair' if not description else unicode(description)
#grab the user
g.user = lemur.users.service.get_by_username(owner)
if not g.user:
g.user = lemur.users.service.get_all()[0] ## get the first user
dns = dns.split(',')
# get the primary CN
cn = dns[0]
# IF there are more, add them as alternate name
extensions = {}
if len(dns) > 1:
sub_alt_names = []
for alt_name in dns[1:]:
sub_alt_names.append({'nameType': 'DNSName', 'value': unicode(alt_name)})
extensions['subAltNames'] = {'names': sub_alt_names}
sys.stdout.write("subNames: {}\n".format(extensions))
sys.stdout.write("cn: {} is a {}\n".format(cn, cn.__class__))
cert = service.create(authority=valid_authority({ "name": authority}), commonName=unicode(cn), extensions=extensions,
organization=u'Netflix',
organizationalUnit=u'Operations',
country=u'US',
state=u'California',
location=u'Los Gatos',
owner=unicode(owner),
description=description,
destinations=destinations,
notifications=notifications
)
sys.stdout.write("cert {}".format(cert))
def main(): def main():
manager.add_command("start", LemurServer()) manager.add_command("start", LemurServer())
manager.add_command("runserver", Server(host='127.0.0.1')) manager.add_command("runserver", Server(host='127.0.0.1'))
@ -489,6 +555,7 @@ def main():
manager.add_command("init", InitializeApp()) manager.add_command("init", InitializeApp())
manager.add_command("create_user", CreateUser()) manager.add_command("create_user", CreateUser())
manager.add_command("create_role", CreateRole()) manager.add_command("create_role", CreateRole())
manager.add_command("provision_elb", ProvisionELB())
manager.run() manager.run()