Adding better error handling around certificate rotation (#562)

This commit is contained in:
kevgliss 2016-12-05 15:12:55 -08:00 committed by GitHub
parent 9030aed8a4
commit e622a49b72
3 changed files with 11 additions and 3 deletions

View File

@ -372,9 +372,9 @@ class CertificatesUpload(AuthenticatedResource):
:statuscode 200: no error :statuscode 200: no error
""" """
data['creator'] = g.user
if data.get('destinations'): if data.get('destinations'):
if data.get('private_key'): if data.get('private_key'):
data['creator'] = g.user
return service.upload(**data) return service.upload(**data)
else: else:
raise Exception("Private key must be provided in order to upload certificate to AWS") raise Exception("Private key must be provided in order to upload certificate to AWS")

View File

@ -105,6 +105,7 @@ def rotate_certificate(endpoint, new_cert):
try: try:
endpoint.source.plugin.update_endpoint(endpoint, new_cert) endpoint.source.plugin.update_endpoint(endpoint, new_cert)
endpoint.certificate = new_cert endpoint.certificate = new_cert
database.update(endpoint)
except Exception as e: except Exception as e:
metrics.send('rotate_failure', 'counter', 1, metric_tags={'endpoint': endpoint.name}) metrics.send('rotate_failure', 'counter', 1, metric_tags={'endpoint': endpoint.name})
current_app.logger.exception(e) current_app.logger.exception(e)

View File

@ -21,7 +21,7 @@ def retry_throttled(exception):
:return: :return:
""" """
if isinstance(exception, botocore.exceptions.ClientError): if isinstance(exception, botocore.exceptions.ClientError):
if 'Throttling' in exception.message: if exception.response['Error']['Code'] == 'LoadBalancerNotFound':
return True return True
return False return False
@ -104,6 +104,7 @@ def describe_load_balancer_types(policies, **kwargs):
@sts_client('elb') @sts_client('elb')
@retry(retry_on_exception=retry_throttled, stop_max_attempt_number=7, wait_exponential_multiplier=1000)
def attach_certificate(name, port, certificate_id, **kwargs): def attach_certificate(name, port, certificate_id, **kwargs):
""" """
Attaches a certificate to a listener, throws exception Attaches a certificate to a listener, throws exception
@ -113,4 +114,10 @@ def attach_certificate(name, port, certificate_id, **kwargs):
:param port: :param port:
:param certificate_id: :param certificate_id:
""" """
return kwargs['client'].set_load_balancer_listener_ssl_certificate(LoadBalancerName=name, LoadBalancerPort=port, SSLCertificateId=certificate_id) try:
return kwargs['client'].set_load_balancer_listener_ssl_certificate(LoadBalancerName=name, LoadBalancerPort=port, SSLCertificateId=certificate_id)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'LoadBalancerNotFound':
current_app.logger.warning("Loadbalancer does not exist.")
else:
raise e