Adding better error handling around certificate rotation (#562)
This commit is contained in:
parent
9030aed8a4
commit
e622a49b72
|
@ -372,9 +372,9 @@ class CertificatesUpload(AuthenticatedResource):
|
||||||
:statuscode 200: no error
|
:statuscode 200: no error
|
||||||
|
|
||||||
"""
|
"""
|
||||||
|
data['creator'] = g.user
|
||||||
if data.get('destinations'):
|
if data.get('destinations'):
|
||||||
if data.get('private_key'):
|
if data.get('private_key'):
|
||||||
data['creator'] = g.user
|
|
||||||
return service.upload(**data)
|
return service.upload(**data)
|
||||||
else:
|
else:
|
||||||
raise Exception("Private key must be provided in order to upload certificate to AWS")
|
raise Exception("Private key must be provided in order to upload certificate to AWS")
|
||||||
|
|
|
@ -105,6 +105,7 @@ def rotate_certificate(endpoint, new_cert):
|
||||||
try:
|
try:
|
||||||
endpoint.source.plugin.update_endpoint(endpoint, new_cert)
|
endpoint.source.plugin.update_endpoint(endpoint, new_cert)
|
||||||
endpoint.certificate = new_cert
|
endpoint.certificate = new_cert
|
||||||
|
database.update(endpoint)
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
metrics.send('rotate_failure', 'counter', 1, metric_tags={'endpoint': endpoint.name})
|
metrics.send('rotate_failure', 'counter', 1, metric_tags={'endpoint': endpoint.name})
|
||||||
current_app.logger.exception(e)
|
current_app.logger.exception(e)
|
||||||
|
|
|
@ -21,7 +21,7 @@ def retry_throttled(exception):
|
||||||
:return:
|
:return:
|
||||||
"""
|
"""
|
||||||
if isinstance(exception, botocore.exceptions.ClientError):
|
if isinstance(exception, botocore.exceptions.ClientError):
|
||||||
if 'Throttling' in exception.message:
|
if exception.response['Error']['Code'] == 'LoadBalancerNotFound':
|
||||||
return True
|
return True
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
@ -104,6 +104,7 @@ def describe_load_balancer_types(policies, **kwargs):
|
||||||
|
|
||||||
|
|
||||||
@sts_client('elb')
|
@sts_client('elb')
|
||||||
|
@retry(retry_on_exception=retry_throttled, stop_max_attempt_number=7, wait_exponential_multiplier=1000)
|
||||||
def attach_certificate(name, port, certificate_id, **kwargs):
|
def attach_certificate(name, port, certificate_id, **kwargs):
|
||||||
"""
|
"""
|
||||||
Attaches a certificate to a listener, throws exception
|
Attaches a certificate to a listener, throws exception
|
||||||
|
@ -113,4 +114,10 @@ def attach_certificate(name, port, certificate_id, **kwargs):
|
||||||
:param port:
|
:param port:
|
||||||
:param certificate_id:
|
:param certificate_id:
|
||||||
"""
|
"""
|
||||||
return kwargs['client'].set_load_balancer_listener_ssl_certificate(LoadBalancerName=name, LoadBalancerPort=port, SSLCertificateId=certificate_id)
|
try:
|
||||||
|
return kwargs['client'].set_load_balancer_listener_ssl_certificate(LoadBalancerName=name, LoadBalancerPort=port, SSLCertificateId=certificate_id)
|
||||||
|
except botocore.exceptions.ClientError as e:
|
||||||
|
if e.response['Error']['Code'] == 'LoadBalancerNotFound':
|
||||||
|
current_app.logger.warning("Loadbalancer does not exist.")
|
||||||
|
else:
|
||||||
|
raise e
|
||||||
|
|
Loading…
Reference in New Issue