Misc fixed around certificate syncing

This commit is contained in:
kevgliss 2015-08-18 16:17:20 -07:00
parent 0b9c814ea5
commit c6747439fb
10 changed files with 28 additions and 29 deletions

View File

@ -27,7 +27,10 @@ function browserSyncInit(baseDir, files, browser) {
browserSync.instance = browserSync.init(files, { browserSync.instance = browserSync.init(files, {
startPath: '/index.html', startPath: '/index.html',
server: { server: {
baseDir: baseDir baseDir: baseDir,
routes: {
'/bower_components': './bower_components'
}
}, },
browser: browser, browser: browser,
ghostMode: false ghostMode: false

View File

@ -9,10 +9,9 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com> .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
""" """
from flask import current_app
from sqlalchemy import exc from sqlalchemy import exc
from sqlalchemy.sql import and_, or_ from sqlalchemy.sql import and_, or_
from sqlalchemy.orm.exc import NoResultFound
from lemur.extensions import db from lemur.extensions import db
from lemur.exceptions import AttrNotFound, DuplicateError from lemur.exceptions import AttrNotFound, DuplicateError
@ -126,8 +125,7 @@ def get(model, value, field="id"):
query = session_query(model) query = session_query(model)
try: try:
return query.filter(getattr(model, field) == value).one() return query.filter(getattr(model, field) == value).one()
except Exception as e: except NoResultFound as e:
current_app.logger.exception(e)
return return

View File

@ -77,7 +77,6 @@ LEMUR_RESTRICTED_DOMAINS = []
LEMUR_EMAIL = '' LEMUR_EMAIL = ''
LEMUR_SECURITY_TEAM_EMAIL = [] LEMUR_SECURITY_TEAM_EMAIL = []
LEMUR_DEFAULT_EXPIRATION_NOTIFICATION_INTERVALS = [30, 15, 2]
# Logging # Logging
@ -172,18 +171,17 @@ def generate_settings():
@manager.option('-s', '--sources', dest='labels', default='', required=False) @manager.option('-s', '--sources', dest='labels', default='', required=False)
@manager.option('-l', '--list', dest='view', default=False, required=False) def sync_sources(labels):
def sync_sources(labels, view):
""" """
Attempts to run several methods Certificate discovery. This is Attempts to run several methods Certificate discovery. This is
run on a periodic basis and updates the Lemur datastore with the run on a periodic basis and updates the Lemur datastore with the
information it discovers. information it discovers.
""" """
if view: if not labels:
sys.stdout.write("Active\tLabel\tDescription\n") sys.stdout.write("Active\tLabel\tDescription\n")
for source in source_service.get_all(): for source in source_service.get_all():
sys.stdout.write( sys.stdout.write(
"[{active}]\t{label}\t{description}!\n".format( "{active}\t{label}\t{description}!\n".format(
label=source.label, label=source.label,
description=source.description, description=source.description,
active=source.active active=source.active

View File

@ -38,7 +38,10 @@ def _get_message_data(cert):
:return: :return:
""" """
cert_dict = cert.as_dict() cert_dict = cert.as_dict()
cert_dict['creator'] = cert.user.email
if cert.user:
cert_dict['creator'] = cert.user.email
cert_dict['domains'] = [x .name for x in cert.domains] cert_dict['domains'] = [x .name for x in cert.domains]
cert_dict['superseded'] = list(set([x.name for x in _find_superseded(cert) if cert.name != x])) cert_dict['superseded'] = list(set([x.name for x in _find_superseded(cert) if cert.name != x]))
return cert_dict return cert_dict

View File

@ -6,6 +6,7 @@
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com> .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
""" """
from boto.exception import BotoServerError
from lemur.plugins.bases import DestinationPlugin, SourcePlugin from lemur.plugins.bases import DestinationPlugin, SourcePlugin
from lemur.plugins.lemur_aws import iam, elb from lemur.plugins.lemur_aws import iam, elb
from lemur.plugins import lemur_aws as aws from lemur.plugins import lemur_aws as aws
@ -42,7 +43,11 @@ class AWSDestinationPlugin(DestinationPlugin):
# } # }
def upload(self, name, body, private_key, cert_chain, options, **kwargs): def upload(self, name, body, private_key, cert_chain, options, **kwargs):
iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain) try:
iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain)
except BotoServerError as e:
if e.error_code != 'EntityAlreadyExists':
raise Exception(e)
e = find_value('elb', options) e = find_value('elb', options)
if e: if e:

View File

@ -326,11 +326,11 @@ class CloudCASourcePlugin(SourcePlugin, CloudCA):
'pollRate': {'type': 'int', 'default': '60'} 'pollRate': {'type': 'int', 'default': '60'}
} }
def get_certificates(self, **kwargs): def get_certificates(self, options, **kwargs):
certs = [] certs = []
for authority in self.get_authorities(): for authority in self.get_authorities():
certs += self.get_cert(ca_name=authority) certs += self.get_cert(ca_name=authority)
return return certs
def get_cert(self, ca_name=None, cert_handle=None): def get_cert(self, ca_name=None, cert_handle=None):
""" """
@ -355,7 +355,7 @@ class CloudCASourcePlugin(SourcePlugin, CloudCA):
certs.append({ certs.append({
'public_certificate': cert, 'public_certificate': cert,
'intermediate_cert': "\n".join(intermediates), 'intermediate_certificate': "\n".join(intermediates),
'owner': c['ownerEmail'] 'owner': c['ownerEmail']
}) })

View File

@ -55,10 +55,10 @@ class EmailNotificationPlugin(ExpirationNotificationPlugin):
template = env.get_template('{}.html'.format(event_type)) template = env.get_template('{}.html'.format(event_type))
body = template.render(**kwargs) body = template.render(**kwargs)
s_type = current_app.config.get("LEMUR_EMAIL_SENDER").lower() s_type = current_app.config.get("LEMUR_EMAIL_SENDER", 'ses').lower()
if s_type == 'ses': if s_type == 'ses':
conn = boto.connect_ses() conn = boto.connect_ses()
conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, targets, format='html') conn.send_email(current_app.config.get("LEMUR_EMAIL"), subject, body, ['kglisson@netflix.com'], format='html')
elif s_type == 'smtp': elif s_type == 'smtp':
msg = Message(subject, recipients=targets) msg = Message(subject, recipients=targets)

View File

@ -1,4 +1,5 @@
from jinja2 import Environment, PackageLoader import os
from jinja2 import Environment, FileSystemLoader
loader = PackageLoader('lemur') loader = FileSystemLoader(searchpath=os.path.dirname(os.path.realpath(__file__)))
env = Environment(loader=loader) env = Environment(loader=loader)

View File

@ -39,6 +39,7 @@ def _disassociate_certs_from_source(current_certificates, found_certificates, so
def sync_create(certificate, source): def sync_create(certificate, source):
cert = cert_service.import_certificate(**certificate) cert = cert_service.import_certificate(**certificate)
cert.description = "This certificate was automatically discovered by Lemur"
cert.sources.append(source) cert.sources.append(source)
sync_update_destination(cert, source) sync_update_destination(cert, source)
database.update(cert) database.update(cert)

View File

@ -34,16 +34,6 @@ angular.module('lemur')
}); });
}); });
PluginService.getByType('destination').then(function (plugins) {
$scope.plugins = plugins;
_.each($scope.plugins, function (plugin) {
if (plugin.slug === $scope.destination.pluginName) {
plugin.pluginOptions = $scope.destination.destinationOptions;
$scope.destination.plugin = plugin;
}
});
});
$scope.save = function (destination) { $scope.save = function (destination) {
DestinationService.update(destination).then(function () { DestinationService.update(destination).then(function () {
$modalInstance.close(); $modalInstance.close();