diff --git a/lemur/plugins/lemur_aws/plugin.py b/lemur/plugins/lemur_aws/plugin.py
index b54787ac..fcc2e0cf 100644
--- a/lemur/plugins/lemur_aws/plugin.py
+++ b/lemur/plugins/lemur_aws/plugin.py
@@ -419,7 +419,7 @@ class S3DestinationPlugin(ExportDestinationPlugin):
 :param kwargs:
 :return:
 """
- current_app.logger.debug("S3 destination plugin is started for HTTP-01 challenge")
+ current_app.logger.debug("S3 destination plugin is started to upload HTTP-01 challenge")
 function = f"{__name__}.{sys._getframe().f_code.co_name}"
@@ -431,16 +431,16 @@ class S3DestinationPlugin(ExportDestinationPlugin):
 if not prefix.endswith("/"):
 prefix + "/"
- res = s3.put(bucket_name=bucket_name,
- region_name=region,
- prefix=prefix + filename,
- data=token,
- encrypt=False,
- account_number=account_number)
- res = "Success" if res else "Failure"
+ response = s3.put(bucket_name=bucket_name,
+ region_name=region,
+ prefix=prefix + filename,
+ data=token,
+ encrypt=False,
+ account_number=account_number)
+ res = "Success" if response else "Failure"
 log_data = {
 "function": function,
- "message": "check if any valid certificate is revoked",
+ "message": "upload acme token challenge",
 "result": res,
 "bucket_name": bucket_name,
 "filename": filename
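Review bot: In `upload_acme_token` (plugin.py, the `@@ -431` hunk) the context line `prefix + "/"` computes a value and discards it, so a configured prefix without a trailing slash still reaches the renamed `s3.put(...)` call unnormalised and the challenge is written under the prefix and filename joined with no separator. The guard should assign the result: `prefix += "/"`. The new `delete_acme_token` in the `@@ -449` hunk builds its key as `prefix + filename` with no such guard at all, so once upload is fixed the two methods would address different objects and the challenge file would stay in the bucket; both should derive the key the same way. The start of `upload_acme_token` is outside the hunk.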
@@ -449,6 +449,34 @@ class S3DestinationPlugin(ExportDestinationPlugin):
 metrics.send(f"{function}", "counter", 1, metric_tags={"result": res,
 "bucket_name": bucket_name,
 "filename": filename})
+ return response
+
+ def delete_acme_token(self, token_path, options, **kwargs):
+
+ current_app.logger.debug("S3 destination plugin is started to delete HTTP-01 challenge")
+
+ function = f"{__name__}.{sys._getframe().f_code.co_name}"
+
+ account_number = self.get_option("accountNumber", options)
+ bucket_name = self.get_option("bucket", options)
+ prefix = self.get_option("prefix", options)
+ filename = token_path.split("/")[-1]
+ response = s3.delete(bucket_name=bucket_name,
+ prefixed_object_name=prefix + filename,
+ account_number=account_number)
+ res = "Success" if response else "Failure"
+ log_data = {
+ "function": function,
+ "message": "delete acme token challenge",
+ "result": res,
+ "bucket_name": bucket_name,
+ "filename": filename
+ }
+ current_app.logger.info(log_data)
+ metrics.send(f"{function}", "counter", 1, metric_tags={"result": res,
+ "bucket_name": bucket_name,
+ "filename": filename})
+ return response
 class SNSNotificationPlugin(ExpirationNotificationPlugin):
diff --git a/lemur/plugins/lemur_aws/tests/test_plugin.py b/lemur/plugins/lemur_aws/tests/test_plugin.py
index be9b14fd..e032cf02 100644
--- a/lemur/plugins/lemur_aws/tests/test_plugin.py
+++ b/lemur/plugins/lemur_aws/tests/test_plugin.py
@@ -68,10 +68,11 @@ def test_upload_acme_token(app):
 s3_client.create_bucket(Bucket=bucket)
 p = plugins.get("aws-s3")
- p.upload_acme_token(token_path=token_path,
- token_content=token_content,
- token=token_content,
- options=additional_options)
+ response = p.upload_acme_token(token_path=token_path,
+ token_content=token_content,
+ token=token_content,
+ options=additional_options)
+ assert response
 response = get(bucket_name=bucket,
 prefixed_object_name=prefix + token_name,
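Review bot: `delete_acme_token` in plugin.py (the `@@ -449` hunk) is added without a docstring, while `upload_acme_token` just above it carries one, so nothing states what the method deletes or returns. I would add `"""Delete the HTTP-01 challenge object named by the last segment of token_path from the configured bucket and return the s3.delete result."""` directly under the `def` line. The docstring should also say that `**kwargs` is accepted but never read: the account comes from `self.get_option("accountNumber", options)`, so a caller passing `account_number=...` as a keyword has no effect on which account is used.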
@@ -80,3 +81,8 @@ def test_upload_acme_token(app):
 # put data, and getting the same data
 assert (response == token_content)
+
+ response = p.delete_acme_token(token_path=token_path,
+ options=additional_options,
+ account_number=account)
+ assert response
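Review bot: The assertions added at the end of `test_upload_acme_token` only check that `delete_acme_token` returns a truthy value, not that the challenge object is actually gone from the bucket. After the delete I would repeat the `get(bucket_name=bucket, prefixed_object_name=prefix + token_name, ...)` lookup used earlier in the test and assert that it no longer yields `token_content`. How `get` reports a missing key is not visible here, so the exact form of that assertion depends on the helper. A second case with a prefix that lacks the trailing slash would also pin down that upload and delete address the same key.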