Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

introducing ACME_ADDITIONAL_ATTEMPTS

This commit is contained in:
Hossein Shafagh 2021-01-28 16:53:15 -08:00
parent 6eeafcf56b
commit c3e0597ef1
3 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lemur/common/celery.py
View File

@ -20,6 +20,7 @@ from flask import current_app
from lemur.authorities.service import get as get_authority
from lemur.certificates import cli as cli_certificate
from lemur.common.redis import RedisHandler
from lemur.constants import ACME_ADDITIONAL_ATTEMPTS
from lemur.destinations import service as destinations_service
from lemur.dns_providers import cli as cli_dns_providers
from lemur.endpoints import cli as cli_endpoints
@ -301,7 +302,7 @@ def fetch_acme_cert(id):
error_log["last_error"] = cert.get("last_error")
error_log["cn"] = pending_cert.cn
if pending_cert.number_attempts > 4:
if pending_cert.number_attempts > ACME_ADDITIONAL_ATTEMPTS:
error_log["message"] = "Deleting pending certificate"
send_pending_failure_notification(
pending_cert, notify_owner=pending_cert.notify

3
lemur/constants.py
View File

@ -12,6 +12,9 @@ NONSTANDARD_NAMING_TEMPLATE = "{issuer}-{not_before}-{not_after}"
SUCCESS_METRIC_STATUS = "success"
FAILURE_METRIC_STATUS = "failure"
# when ACME attempts to resolve a certificate try in total 3 times
ACME_ADDITIONAL_ATTEMPTS = 2
CERTIFICATE_KEY_TYPES = [
"RSA2048",
"RSA4096",

4
lemur/pending_certificates/cli.py
View File

@ -12,10 +12,12 @@ from flask import current_app
from flask_script import Manager
from lemur.authorities.service import get as get_authority
from lemur.constants import ACME_ADDITIONAL_ATTEMPTS
from lemur.notifications.messaging import send_pending_failure_notification
from lemur.pending_certificates import service as pending_certificate_service
from lemur.plugins.base import plugins
manager = Manager(usage="Handles pending certificate related tasks.")
@ -107,7 +109,7 @@ def fetch_all_acme():
error_log["last_error"] = cert.get("last_error")
error_log["cn"] = pending_cert.cn
if pending_cert.number_attempts > 4:
if pending_cert.number_attempts > ACME_ADDITIONAL_ATTEMPTS:
error_log["message"] = "Marking pending certificate as resolved"
send_pending_failure_notification(
pending_cert, notify_owner=pending_cert.notify