Commit Graph

750 Commits

Author SHA1 Message Date
kevgliss
b3aa057d58 Upgrade deps. (#517) 2016-11-21 14:29:20 -08:00
kevgliss
dd6d332166 Removing python2 compatibility. (#518) 2016-11-21 14:03:04 -08:00
kevgliss
6eca2eb147 Re-working the way audit logs work.
* Adding more checks.
2016-11-21 11:28:11 -08:00
kevgliss
744e204817 Initial work on #74. (#514)
* Initial work on #74.

* Fixing tests.

* Adding migration script.

* Excluding migrations from coverage report.
2016-11-21 09:19:14 -08:00
kevgliss
d45e7d6b85 [WIP] - 422 elb rotate (#493)
* Initial work on certificate rotation.

* Adding ability to get additional certificate info.

* - Adding endpoint rotation.
- Removes the g requirement from all services to enable easier testing.
2016-11-18 11:27:46 -08:00
kevgliss
6fd47edbe3 Adds the ability to clone existing certificates. (#513) 2016-11-17 16:19:52 -08:00
kevgliss
a616310eb7 Fixing an issue were aws certificates plugins might not have a chain. (#512) 2016-11-17 14:47:10 -08:00
kevgliss
2130029f90 Adding new notification templates. (#511) 2016-11-17 14:16:59 -08:00
kevgliss
d11f254476 Closes: #469 (#510) 2016-11-17 12:16:30 -08:00
kevgliss
d54a11ad11 Ensuring coverage is run. (#509) 2016-11-17 11:11:09 -08:00
kevgliss
a9361fe428 Endpoints should be visible to all. (#508) 2016-11-17 10:45:26 -08:00
kevgliss
5345170a4f Ensuring that the passed in configuration has precedence over the environment config. (#507) 2016-11-17 09:31:37 -08:00
kevgliss
d0ccd85afe Adding coverage. (#506)
* Adding coverage.

* Attempting to adding coverage.

* Adding coveragerc.
2016-11-16 16:44:51 -08:00
Sakti Dwi Cahyono
520404c215 fix string -> byte conversion on python2 (#472) 2016-11-16 16:03:38 -08:00
kevgliss
9ac1756011 removing new 'active' logic for the time being (#505) 2016-11-16 15:56:24 -08:00
kevgliss
851d74da3d Ensuring that private key is in string format before it gets stored (#504)
* Ensuring that private key is in string format before it gets stored

* Fixing failing test.
2016-11-16 15:05:25 -08:00
kevgliss
3f2691c5d4 Minor fixes. (#502) 2016-11-16 13:23:35 -08:00
kevgliss
eaf34b1c8b Disabling the protect active flag (#498) 2016-11-16 09:31:02 -08:00
kevgliss
e9219adfb5 Ensuring model's have a basic __repr__. (#499) 2016-11-16 09:30:54 -08:00
kevgliss
9eddaf66cb adding human readable string (#500) 2016-11-16 09:30:46 -08:00
kevgliss
0a29a3fa2a Adding release notes. (#459) 2016-11-15 16:44:40 -08:00
kevgliss
9bb0787410 Ensuring that duplicates are migrated correctly. (#496)
* Ensuring that duplicates are migrated correctly.

* fixing typo
2016-11-15 16:43:45 -08:00
JohnTheodore
dd14fd202d clean out ADMINS references (#495)
* add variables to the documentation forwq oauth2

* remove old reference to ADMINS to get rid of any confusion
2016-11-15 16:43:28 -08:00
kevgliss
114deba06e Adding the ability to silence notifications on creation. (#490) 2016-11-12 09:29:42 -08:00
kevgliss
0334f1094d fixing documentation typo (#489) 2016-11-11 13:35:24 -08:00
kevgliss
7af68c3cc0 Adding additional metric gathering for failed sync operations. (#488) 2016-11-11 13:28:01 -08:00
kevgliss
953d3a08e7 Adding example request to documentation. (#487) 2016-11-11 12:54:12 -08:00
kevgliss
f141ae78f3 Typo. (#485) 2016-11-10 14:40:59 -08:00
kevgliss
94d619cfa6 Minor errors. (#484) 2016-11-10 14:34:45 -08:00
kevgliss
89470a0ce0 Adding default validity and retry logic. (#483) 2016-11-10 11:23:37 -08:00
kevgliss
e6b291d034 Time (#482)
* adding python 3.5 as a target

* adding env flag

* Aligning on arrow dates.
2016-11-09 10:56:22 -08:00
kevgliss
b0eef03c73 adding python 3.5 as a target (#481)
* adding python 3.5 as a target

* adding env flag
2016-11-08 15:22:50 -08:00
kevgliss
25a6c722b6 Adding digicert documentation. (#480) 2016-11-08 14:56:05 -08:00
kevgliss
67a5993926 fixing type in ciphers (#479) 2016-11-08 12:23:21 -08:00
kevgliss
aa979e31fd Digicert plugin (#478)
* Initial work on digicert plugin.

* Adding certificate pickup, to digicert plugin.

* Removing and rotating test api key.
2016-11-07 14:40:00 -08:00
kevgliss
b74df2b3e4 Minor changes for python3. (#477) 2016-11-07 14:33:07 -08:00
kevgliss
4afedaf537 Fixes (#476)
* Ensures that Vault can accept bytes and strings.

* Make restricted domains optional.

* Fixing notify flag.
2016-11-04 09:16:41 -07:00
Neil Schelly
2b79474060 Trying this to fix defaulting org to Netflix (#475) 2016-11-02 09:12:47 -07:00
kevgliss
a6360ebfe5 Adding pending certificate metric. (#473) 2016-11-01 14:24:45 -07:00
kevgliss
d99681904e Fixing test to take python3 into account. (#460)
* Fixing test to take python3 into account.
2016-10-31 17:02:08 -07:00
kevgliss
1ac1a44e83 San alt name (#468) 2016-10-31 11:00:15 -07:00
Neil Schelly
f990f92977 Fixing typo in documentation for LEMUR_DEFAULT_ORGANIZATIONAL_UNIT spelling (#467) 2016-10-27 20:26:28 -07:00
cviecco
490d5b6e6c python2.x .base64url_decode has a single parameter and incoming data is utf-8.. need to convert so string (#463) 2016-10-26 00:50:00 -07:00
Terin Stock
4b7fc8551c fix(web): send JSON for all errors (#464)
Configure werkzeug to output JSON error messages for the benefit of
downstream clients. This also allows for metrics collection in all cases
where werkzeug is outputting an exception.
2016-10-26 00:46:43 -07:00
Charles Hendrie
cd9c112218 Implement a CFSSL issuer plugin (#452)
* Implement CFSSL issuer plugin

Implement a Lemur plugin for generating certificates from the open
source certificate authority CFSSL
(https://github.com/cloudflare/cfssl). The plugin interacts with CFSSL
through the CFSSL REST API. The CFSSL configuration is defined in the
lemur.conf.py property file using property names prefixed with "CFSSL_".

* Update documentation to include CFSSL plugin
2016-10-22 00:52:18 -07:00
kevgliss
a8f44944b1 Closes #415 2016-10-17 23:23:14 -07:00
kevgliss
d31c9b19ce Closes #412. Allows 'name' be a valid attribute to specify a role. (#457) 2016-10-16 03:56:13 -07:00
kevgliss
fb178866f4 Fixes an issue with the source tests failing. (#456) 2016-10-16 03:55:37 -07:00
kevgliss
f921b67fff Removing the ability to use spaces in custom names. (#455) 2016-10-15 04:56:25 -07:00
kevgliss
c367e4f73f Prevents the silencing of notifications that are actively deployed. (#454)
* Renaming 'active' to 'notify' as this is clearer and more aligned to what this value is actually controlling. 'active' is now a property that depends on whether any endpoints were found to be using the certificate. Also added logic for issue #405 disallowing for a certificates' notifications to be silenced when it is actively deployed on an endpoint.

* Adding migration script to alter 'active' column.
2016-10-15 00:12:11 -07:00