Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

exclude revoked certs from default to auto-rotate

This commit is contained in:
Hossein Shafagh 2021-03-04 19:11:20 -08:00
parent cf7de0aa59
commit e530664da6
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lemur/certificates/service.py
View File

@ -153,6 +153,7 @@ def get_all_certs_attached_to_endpoint_without_autorotate():
return ( return (
Certificate.query.filter(Certificate.endpoints.any()) Certificate.query.filter(Certificate.endpoints.any())
.filter(Certificate.rotation == false()) .filter(Certificate.rotation == false())
.filter(Certificate.revoked == false())
.filter(Certificate.not_after >= arrow.now()) .filter(Certificate.not_after >= arrow.now())
.filter(not_(Certificate.replaced.any())) .filter(not_(Certificate.replaced.any()))
.all() # noqa .all() # noqa