Merge branch 'powerdnsplugin_01' of github.com:Netflix/lemur into powerdnsplugin_01

2020-02-03 19:04:05 -08:00
parent 53f81fb09f fecb5b6252
commit c38e651eb0
16 changed files with 129 additions and 24 deletions
--- a/lemur/auth/ldap.py
+++ b/lemur/auth/ldap.py
@ -105,7 +105,7 @@ class LdapPrincipal:
            role = role_service.get_by_name(self.ldap_default_role)
            if role:
                if not role.third_party:
-                    role = role.set_third_party(role.id, third_party_status=True)
+                    role = role_service.set_third_party(role.id, third_party_status=True)
                roles.add(role)

        # update their 'roles'
--- a/lemur/certificates/schemas.py
+++ b/lemur/certificates/schemas.py
@ -119,6 +119,9 @@ class CertificateInputSchema(CertificateCreationSchema):

    @validates_schema
    def validate_authority(self, data):
+        if 'authority' not in data:
+            raise ValidationError("Missing Authority.")
+
        if isinstance(data["authority"], str):
            raise ValidationError("Authority not found.")

--- a/lemur/dns_providers/cli.py
+++ b/lemur/dns_providers/cli.py
@ -1,8 +1,10 @@
 from flask_script import Manager

+import sys
+
 from lemur.constants import SUCCESS_METRIC_STATUS
 from lemur.dns_providers.service import get_all_dns_providers, set_domains
-from lemur.extensions import metrics
+from lemur.extensions import metrics, sentry
 from lemur.plugins.base import plugins

 manager = Manager(
@ -19,13 +21,20 @@ def get_all_zones():
    dns_providers = get_all_dns_providers()
    acme_plugin = plugins.get("acme-issuer")

+    function = f"{__name__}.{sys._getframe().f_code.co_name}"
+    log_data = {
+        "function": function,
+        "message": "",
+    }
+
    for dns_provider in dns_providers:
        try:
            zones = acme_plugin.get_all_zones(dns_provider)
            set_domains(dns_provider, zones)
        except Exception as e:
            print("[+] Error with DNS Provider {}: {}".format(dns_provider.name, e))
-            set_domains(dns_provider, [])
+            log_data["message"] = f"get all zones failed for {dns_provider} {e}."
+            sentry.captureException(extra=log_data)

    status = SUCCESS_METRIC_STATUS

--- a/lemur/plugins/lemur_adcs/plugin.py
+++ b/lemur/plugins/lemur_adcs/plugin.py
@ -46,7 +46,7 @@ class ADCSIssuerPlugin(IssuerPlugin):
        )
        current_app.logger.info("Requesting CSR: {0}".format(csr))
        current_app.logger.info("Issuer options: {0}".format(issuer_options))
-        cert, req_id = (
+        cert = (
            ca_server.get_cert(csr, adcs_template, encoding="b64")
            .decode("utf-8")
            .replace("\r\n", "\n")
@ -54,7 +54,7 @@ class ADCSIssuerPlugin(IssuerPlugin):
        chain = (
            ca_server.get_ca_cert(encoding="b64").decode("utf-8").replace("\r\n", "\n")
        )
-        return cert, chain, req_id
+        return cert, chain, None

    def revoke_certificate(self, certificate, comments):
        raise NotImplementedError("Not implemented\n", self, certificate, comments)
--- a/lemur/plugins/lemur_aws/plugin.py
+++ b/lemur/plugins/lemur_aws/plugin.py
@ -212,7 +212,7 @@ class AWSSourcePlugin(SourcePlugin):
        if not regions:
            regions = ec2.get_regions(account_number=account_number)
        else:
-            regions = regions.split(",")
+            regions = "".join(regions.split()).split(",")

        for region in regions:
            elbs = elb.get_all_elbs(account_number=account_number, region=region)