Merge branch 'master' into master
This commit is contained in:
commit
dcf5ce0eec
|
@ -8,24 +8,21 @@
|
||||||
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
|
||||||
|
|
||||||
"""
|
"""
|
||||||
from itertools import groupby
|
|
||||||
from collections import defaultdict
|
from collections import defaultdict
|
||||||
|
from datetime import timedelta
|
||||||
|
from itertools import groupby
|
||||||
|
|
||||||
import arrow
|
import arrow
|
||||||
from datetime import timedelta
|
|
||||||
from flask import current_app
|
from flask import current_app
|
||||||
|
|
||||||
from sqlalchemy import and_
|
from sqlalchemy import and_
|
||||||
|
|
||||||
from lemur import database
|
from lemur import database
|
||||||
|
from lemur.certificates.models import Certificate
|
||||||
|
from lemur.certificates.schemas import certificate_notification_output_schema
|
||||||
|
from lemur.common.utils import windowed_query
|
||||||
from lemur.constants import FAILURE_METRIC_STATUS, SUCCESS_METRIC_STATUS
|
from lemur.constants import FAILURE_METRIC_STATUS, SUCCESS_METRIC_STATUS
|
||||||
from lemur.extensions import metrics, sentry
|
from lemur.extensions import metrics, sentry
|
||||||
from lemur.common.utils import windowed_query
|
|
||||||
|
|
||||||
from lemur.certificates.schemas import certificate_notification_output_schema
|
|
||||||
from lemur.certificates.models import Certificate
|
|
||||||
from lemur.pending_certificates.schemas import pending_certificate_output_schema
|
from lemur.pending_certificates.schemas import pending_certificate_output_schema
|
||||||
|
|
||||||
from lemur.plugins import plugins
|
from lemur.plugins import plugins
|
||||||
from lemur.plugins.utils import get_plugin_option
|
from lemur.plugins.utils import get_plugin_option
|
||||||
|
|
||||||
|
@ -74,10 +71,11 @@ def get_eligible_certificates(exclude=None):
|
||||||
notification_groups = []
|
notification_groups = []
|
||||||
|
|
||||||
for certificate in items:
|
for certificate in items:
|
||||||
notification = needs_notification(certificate)
|
notifications = needs_notification(certificate)
|
||||||
|
|
||||||
if notification:
|
if notifications:
|
||||||
notification_groups.append((notification, certificate))
|
for notification in notifications:
|
||||||
|
notification_groups.append((notification, certificate))
|
||||||
|
|
||||||
# group by notification
|
# group by notification
|
||||||
for notification, items in groupby(notification_groups, lambda x: x[0].label):
|
for notification, items in groupby(notification_groups, lambda x: x[0].label):
|
||||||
|
@ -133,11 +131,21 @@ def send_expiration_notifications(exclude):
|
||||||
notification_data.append(cert_data)
|
notification_data.append(cert_data)
|
||||||
security_data.append(cert_data)
|
security_data.append(cert_data)
|
||||||
|
|
||||||
|
notification_recipient = get_plugin_option('recipients', notification.options)
|
||||||
|
if notification_recipient:
|
||||||
|
notification_recipient = notification_recipient.split(",")
|
||||||
|
|
||||||
if send_notification('expiration', notification_data, [owner], notification):
|
if send_notification('expiration', notification_data, [owner], notification):
|
||||||
success += 1
|
success += 1
|
||||||
else:
|
else:
|
||||||
failure += 1
|
failure += 1
|
||||||
|
|
||||||
|
if notification_recipient and owner != notification_recipient and security_email != notification_recipient:
|
||||||
|
if send_notification('expiration', notification_data, notification_recipient, notification):
|
||||||
|
success += 1
|
||||||
|
else:
|
||||||
|
failure += 1
|
||||||
|
|
||||||
if send_notification('expiration', security_data, security_email, notification):
|
if send_notification('expiration', security_data, security_email, notification):
|
||||||
success += 1
|
success += 1
|
||||||
else:
|
else:
|
||||||
|
@ -228,6 +236,8 @@ def needs_notification(certificate):
|
||||||
now = arrow.utcnow()
|
now = arrow.utcnow()
|
||||||
days = (certificate.not_after - now).days
|
days = (certificate.not_after - now).days
|
||||||
|
|
||||||
|
notifications = []
|
||||||
|
|
||||||
for notification in certificate.notifications:
|
for notification in certificate.notifications:
|
||||||
if not notification.active or not notification.options:
|
if not notification.active or not notification.options:
|
||||||
return
|
return
|
||||||
|
@ -248,4 +258,5 @@ def needs_notification(certificate):
|
||||||
raise Exception("Invalid base unit for expiration interval: {0}".format(unit))
|
raise Exception("Invalid base unit for expiration interval: {0}".format(unit))
|
||||||
|
|
||||||
if days == interval:
|
if days == interval:
|
||||||
return notification
|
notifications.append(notification)
|
||||||
|
return notifications
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
aspy.yaml==1.1.1 # via pre-commit
|
aspy.yaml==1.1.1 # via pre-commit
|
||||||
bleach==3.0.2 # via readme-renderer
|
bleach==3.0.2 # via readme-renderer
|
||||||
cached-property==1.5.1 # via pre-commit
|
cached-property==1.5.1 # via pre-commit
|
||||||
certifi==2018.10.15 # via requests
|
certifi==2018.11.29 # via requests
|
||||||
cfgv==1.1.0 # via pre-commit
|
cfgv==1.1.0 # via pre-commit
|
||||||
chardet==3.0.4 # via requests
|
chardet==3.0.4 # via requests
|
||||||
docutils==0.14 # via readme-renderer
|
docutils==0.14 # via readme-renderer
|
||||||
|
|
|
@ -76,7 +76,7 @@ python-editor==1.0.3
|
||||||
pytz==2018.7
|
pytz==2018.7
|
||||||
pyyaml==3.13
|
pyyaml==3.13
|
||||||
raven[flask]==6.9.0
|
raven[flask]==6.9.0
|
||||||
redis==3.0.1
|
redis==2.10.6
|
||||||
requests-toolbelt==0.8.0
|
requests-toolbelt==0.8.0
|
||||||
requests[security]==2.20.1
|
requests[security]==2.20.1
|
||||||
retrying==1.3.3
|
retrying==1.3.3
|
||||||
|
|
|
@ -8,17 +8,17 @@ asn1crypto==0.24.0 # via cryptography
|
||||||
atomicwrites==1.2.1 # via pytest
|
atomicwrites==1.2.1 # via pytest
|
||||||
attrs==18.2.0 # via pytest
|
attrs==18.2.0 # via pytest
|
||||||
aws-xray-sdk==0.95 # via moto
|
aws-xray-sdk==0.95 # via moto
|
||||||
boto3==1.9.53 # via moto
|
boto3==1.9.60 # via moto
|
||||||
boto==2.49.0 # via moto
|
boto==2.49.0 # via moto
|
||||||
botocore==1.12.53 # via boto3, moto, s3transfer
|
botocore==1.12.60 # via boto3, moto, s3transfer
|
||||||
certifi==2018.10.15 # via requests
|
certifi==2018.11.29 # via requests
|
||||||
cffi==1.11.5 # via cryptography
|
cffi==1.11.5 # via cryptography
|
||||||
chardet==3.0.4 # via requests
|
chardet==3.0.4 # via requests
|
||||||
click==7.0 # via flask
|
click==7.0 # via flask
|
||||||
coverage==4.5.2
|
coverage==4.5.2
|
||||||
cryptography==2.4.2 # via moto
|
cryptography==2.4.2 # via moto
|
||||||
docker-pycreds==0.3.0 # via docker
|
docker-pycreds==0.4.0 # via docker
|
||||||
docker==3.5.1 # via moto
|
docker==3.6.0 # via moto
|
||||||
docutils==0.14 # via botocore
|
docutils==0.14 # via botocore
|
||||||
ecdsa==0.13 # via python-jose
|
ecdsa==0.13 # via python-jose
|
||||||
factory-boy==2.11.1
|
factory-boy==2.11.1
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
#
|
#
|
||||||
# pip-compile --no-index --output-file requirements.txt requirements.in
|
# pip-compile --no-index --output-file requirements.txt requirements.in
|
||||||
#
|
#
|
||||||
acme==0.28.0
|
acme==0.29.1
|
||||||
alembic-autogenerate-enums==0.0.2
|
alembic-autogenerate-enums==0.0.2
|
||||||
alembic==1.0.5 # via flask-migrate
|
alembic==1.0.5 # via flask-migrate
|
||||||
amqp==2.3.2 # via kombu
|
amqp==2.3.2 # via kombu
|
||||||
|
@ -13,12 +13,12 @@ arrow==0.12.1
|
||||||
asn1crypto==0.24.0 # via cryptography
|
asn1crypto==0.24.0 # via cryptography
|
||||||
asyncpool==1.0
|
asyncpool==1.0
|
||||||
bcrypt==3.1.4 # via flask-bcrypt, paramiko
|
bcrypt==3.1.4 # via flask-bcrypt, paramiko
|
||||||
billiard==3.5.0.4 # via celery
|
billiard==3.5.0.5 # via celery
|
||||||
blinker==1.4 # via flask-mail, flask-principal, raven
|
blinker==1.4 # via flask-mail, flask-principal, raven
|
||||||
boto3==1.9.53
|
boto3==1.9.60
|
||||||
botocore==1.12.53
|
botocore==1.12.60
|
||||||
celery[redis]==4.2.1
|
celery[redis]==4.2.1
|
||||||
certifi==2018.10.15
|
certifi==2018.11.29
|
||||||
cffi==1.11.5 # via bcrypt, cryptography, pynacl
|
cffi==1.11.5 # via bcrypt, cryptography, pynacl
|
||||||
chardet==3.0.4 # via requests
|
chardet==3.0.4 # via requests
|
||||||
click==7.0 # via flask
|
click==7.0 # via flask
|
||||||
|
@ -46,7 +46,7 @@ jinja2==2.10
|
||||||
jmespath==0.9.3 # via boto3, botocore
|
jmespath==0.9.3 # via boto3, botocore
|
||||||
josepy==1.1.0 # via acme
|
josepy==1.1.0 # via acme
|
||||||
jsonlines==1.2.0 # via cloudflare
|
jsonlines==1.2.0 # via cloudflare
|
||||||
kombu==4.2.1 # via celery
|
kombu==4.2.2 # via celery
|
||||||
lockfile==0.12.2
|
lockfile==0.12.2
|
||||||
mako==1.0.7 # via alembic
|
mako==1.0.7 # via alembic
|
||||||
markupsafe==1.1.0 # via jinja2, mako
|
markupsafe==1.1.0 # via jinja2, mako
|
||||||
|
@ -61,7 +61,7 @@ psycopg2==2.7.6.1
|
||||||
pyasn1-modules==0.2.2 # via python-ldap
|
pyasn1-modules==0.2.2 # via python-ldap
|
||||||
pyasn1==0.4.4 # via ndg-httpsclient, paramiko, pyasn1-modules, python-ldap
|
pyasn1==0.4.4 # via ndg-httpsclient, paramiko, pyasn1-modules, python-ldap
|
||||||
pycparser==2.19 # via cffi
|
pycparser==2.19 # via cffi
|
||||||
pyjwt==1.6.4
|
pyjwt==1.7.0
|
||||||
pynacl==1.3.0 # via paramiko
|
pynacl==1.3.0 # via paramiko
|
||||||
pyopenssl==18.0.0
|
pyopenssl==18.0.0
|
||||||
pyrfc3339==1.1 # via acme
|
pyrfc3339==1.1 # via acme
|
||||||
|
@ -77,7 +77,7 @@ requests[security]==2.20.1
|
||||||
retrying==1.3.3
|
retrying==1.3.3
|
||||||
s3transfer==0.1.13 # via boto3
|
s3transfer==0.1.13 # via boto3
|
||||||
six==1.11.0
|
six==1.11.0
|
||||||
sqlalchemy-utils==0.33.8
|
sqlalchemy-utils==0.33.9
|
||||||
sqlalchemy==1.2.14 # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
|
sqlalchemy==1.2.14 # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
|
||||||
tabulate==0.8.2
|
tabulate==0.8.2
|
||||||
urllib3==1.24.1 # via botocore, requests
|
urllib3==1.24.1 # via botocore, requests
|
||||||
|
|
Loading…
Reference in New Issue