Merge pull request #1946 from castrapel/safer_reissue

safer reissue, fix celery sync job
This commit is contained in:
Curtis 2018-10-29 14:41:43 -07:00 committed by GitHub
commit baa73c7f3e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 35 additions and 3 deletions

View File

@ -238,7 +238,17 @@ def reissue(old_certificate_name, commit):
if not old_cert: if not old_cert:
for certificate in get_all_pending_reissue(): for certificate in get_all_pending_reissue():
try:
request_reissue(certificate, commit) request_reissue(certificate, commit)
except Exception as e:
sentry.captureException()
current_app.logger.exception(
"Error reissuing certificate: {}".format(certificate.name), exc_info=True)
print(
"[!] Failed to reissue certificates. Reason: {}".format(
e
)
)
else: else:
request_reissue(old_cert, commit) request_reissue(old_cert, commit)

View File

@ -210,4 +210,4 @@ def sync_source(source):
:return: :return:
""" """
current_app.logger.debug("Syncing source {}".format(source)) current_app.logger.debug("Syncing source {}".format(source))
sync([source], True) sync([source])

View File

@ -10,7 +10,7 @@ from sqlalchemy.orm import relationship
from sqlalchemy_utils import JSONType from sqlalchemy_utils import JSONType
from sqlalchemy_utils.types.arrow import ArrowType from sqlalchemy_utils.types.arrow import ArrowType
from lemur.certificates.models import get_or_increase_name from lemur.certificates.models import get_sequence
from lemur.common import defaults, utils from lemur.common import defaults, utils
from lemur.database import db from lemur.database import db
from lemur.models import pending_cert_source_associations, \ from lemur.models import pending_cert_source_associations, \
@ -19,6 +19,28 @@ from lemur.models import pending_cert_source_associations, \
from lemur.utils import Vault from lemur.utils import Vault
def get_or_increase_name(name, serial):
certificates = PendingCertificate.query.filter(PendingCertificate.name.ilike('{0}%'.format(name))).all()
if not certificates:
return name
serial_name = '{0}-{1}'.format(name, hex(int(serial))[2:].upper())
certificates = PendingCertificate.query.filter(PendingCertificate.name.ilike('{0}%'.format(serial_name))).all()
if not certificates:
return serial_name
ends = [0]
root, end = get_sequence(serial_name)
for cert in certificates:
root, end = get_sequence(cert.name)
if end:
ends.append(end)
return '{0}-{1}'.format(root, max(ends) + 1)
class PendingCertificate(db.Model): class PendingCertificate(db.Model):
__tablename__ = 'pending_certs' __tablename__ = 'pending_certs'
id = Column(Integer, primary_key=True) id = Column(Integer, primary_key=True)