Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,756 Commits 4 Branches 45 Tags
07f1d751c45552fa777f8416d224f009445e29de
Commit Graph

2756 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot-preview[bot]
07f1d751c4 Bump acme from 1.6.0 to 1.7.0 
Bumps [acme](https://github.com/letsencrypt/letsencrypt) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/letsencrypt/letsencrypt/releases)
- [Commits](https://github.com/letsencrypt/letsencrypt/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
sirferl
ab4cda2298 Extended ADCS_TEMPLATE_ Variable 
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
 2020-08-27 14:15:14 -07:00
sayali
7a9500eee0 Lint error fix 2020-08-27 14:15:14 -07:00
sayali
e79dda3384 doc update DEFAULT_MAX_VALIDITY_DAYS 2020-08-27 14:15:14 -07:00
sayali
5ed109e998 Max end date as per start date + default validity 3 years 2020-08-27 14:15:14 -07:00
sayali
599a6943e2 Updating LEMUR_DEFAULT_ORGANIZATIONAL_UNIT to empty string 2020-08-27 14:15:14 -07:00
sayali
7011a4df8b max date on UI as per max validity configs 2020-08-27 14:15:14 -07:00
sayali
4d7c6844e5 Make Organizational Unit optional 2020-08-27 14:15:14 -07:00
sayali
2645c4a82d mention 397 for digicert plugin 2020-08-27 14:15:14 -07:00
sayali
8d2fffba87 Add new configs to the doc 2020-08-27 14:15:14 -07:00
sayali
3cb386cc0f maximum 1 year validity for digicert 2020-08-27 14:15:14 -07:00
sayali
e06dea106f Modify unit test test_determine_end_date to match new config 2020-08-27 14:15:14 -07:00
dependabot-preview[bot]
747df683a9 Bump sphinx from 3.1.2 to 3.2.0 
Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 3.1.2 to 3.2.0.
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/3.x/CHANGES)
- [Commits](https://github.com/sphinx-doc/sphinx/compare/v3.1.2...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
sayali
8a1563db54 Updating Lemur docs to capture Digicert validity config changes 2020-08-27 14:15:14 -07:00
sayali
d7d483fa9b Renaming PUBLIC_CA to PUBLIC_CA_AUTHORITY_NAMES 2020-08-27 14:15:14 -07:00
sayali
25125f3257 Cert validity should not exceed 397 days for publicly trusted issuers 2020-08-27 14:15:14 -07:00
dependabot-preview[bot]
a7082f7332 Bump cloudflare from 2.8.8 to 2.8.9 
Bumps [cloudflare](https://github.com/cloudflare/python-cloudflare) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/cloudflare/python-cloudflare/releases)
- [Changelog](https://github.com/cloudflare/python-cloudflare/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/python-cloudflare/compare/2.8.8...2.8.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
sayali
404d213e8f Modified cert description to have cert id being cloned 2020-08-27 14:15:14 -07:00
sayali
e75e472a1a Do not inherit replacement info during cert clone 2020-08-27 14:15:14 -07:00
sayali
69b64c63ea Honor selected algorithm during certificate cloning 2020-08-27 14:15:14 -07:00
Hossein Shafagh
d07464f3b1 updating documentation for cross-signed ICA 2020-08-27 14:15:14 -07:00
dependabot-preview[bot]
de0e646cf9 Bump boto3 from 1.14.28 to 1.14.33 
Bumps [boto3](https://github.com/boto/boto3) from 1.14.28 to 1.14.33.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.28...1.14.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
dependabot-preview[bot]
5c5e53b8ec Bump botocore from 1.17.28 to 1.17.33 
Bumps [botocore](https://github.com/boto/botocore) from 1.17.28 to 1.17.33.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.28...1.17.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
dependabot-preview[bot]
85f18afa81 Bump pytest from 5.4.3 to 6.0.1 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 5.4.3 to 6.0.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/5.4.3...6.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-08-27 14:15:14 -07:00
csine-nflx
bc8eda2a6b fixing Dockerfile, Lemur builds now 2020-08-27 14:15:14 -07:00
Hossein Shafagh
f4bcd1cf30 lack of an empty config file was resulting into this error 
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
 2020-08-27 14:15:14 -07:00
Hossein Shafagh
5a6e4e5b43 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore. 
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
 2020-08-27 14:15:14 -07:00
Hossein Shafagh
c169ad291e adding the correct signing algorithm, and a missing key Type 2020-08-27 13:29:56 -07:00
Hossein Shafagh
b5e22f5a6b Merge pull request #3063 from Netflix/dependabot/pip/cryptography-3.0 
Bump cryptography from 2.9.2 to 3.0
 2020-07-27 14:19:43 -07:00
dependabot-preview[bot]
4752e10472 Bump cryptography from 2.9.2 to 3.0 
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.9.2 to 3.0.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/2.9.2...3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 18:40:59 +00:00
dependabot-preview[bot]
7ac754a894 Merge pull request #3066 from Netflix/dependabot/pip/boto3-1.14.28 2020-07-27 18:35:15 +00:00
dependabot-preview[bot]
1e90bb2d0b Bump boto3 from 1.14.23 to 1.14.28 
Bumps [boto3](https://github.com/boto/boto3) from 1.14.23 to 1.14.28.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.23...1.14.28)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 18:26:11 +00:00
dependabot-preview[bot]
00134a0966 Merge pull request #3068 from Netflix/dependabot/pip/cloudflare-2.8.8 2020-07-27 18:19:51 +00:00
dependabot-preview[bot]
69bfe48cbe Bump cloudflare from 2.8.6 to 2.8.8 
Bumps [cloudflare](https://github.com/cloudflare/python-cloudflare) from 2.8.6 to 2.8.8.
- [Release notes](https://github.com/cloudflare/python-cloudflare/releases)
- [Changelog](https://github.com/cloudflare/python-cloudflare/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/python-cloudflare/compare/2.8.6...2.8.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 18:11:16 +00:00
dependabot-preview[bot]
f98d53fda0 Merge pull request #3069 from Netflix/dependabot/pip/arrow-0.15.8 2020-07-27 18:05:41 +00:00
dependabot-preview[bot]
99628aface Bump arrow from 0.15.7 to 0.15.8 
Bumps [arrow](https://github.com/arrow-py/arrow) from 0.15.7 to 0.15.8.
- [Release notes](https://github.com/arrow-py/arrow/releases)
- [Changelog](https://github.com/arrow-py/arrow/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/arrow-py/arrow/compare/0.15.7...0.15.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 17:58:40 +00:00
dependabot-preview[bot]
918e1699ea Merge pull request #3065 from Netflix/dependabot/pip/hvac-0.10.5 2020-07-27 17:53:21 +00:00
dependabot-preview[bot]
560894befb Bump hvac from 0.10.4 to 0.10.5 
Bumps [hvac](https://github.com/hvac/hvac) from 0.10.4 to 0.10.5.
- [Release notes](https://github.com/hvac/hvac/releases)
- [Changelog](https://github.com/hvac/hvac/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/hvac/hvac/compare/v0.10.4...v0.10.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 17:45:03 +00:00
dependabot-preview[bot]
b5b50d34b2 Merge pull request #3067 from Netflix/dependabot/pip/coverage-5.2.1 2020-07-27 17:39:54 +00:00
dependabot-preview[bot]
276229db4a Bump coverage from 5.2 to 5.2.1 
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.2 to 5.2.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.2...coverage-5.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 17:32:39 +00:00
dependabot-preview[bot]
6000d8bb06 Merge pull request #3064 from Netflix/dependabot/pip/botocore-1.17.28 2020-07-27 17:27:42 +00:00
dependabot-preview[bot]
0607520f93 Bump botocore from 1.17.23 to 1.17.28 
Bumps [botocore](https://github.com/boto/botocore) from 1.17.23 to 1.17.28.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.23...1.17.28)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-27 13:40:35 +00:00
Hossein Shafagh
456c994d25 Merge pull request #3062 from charhate/bootswatch-fix 
Hardcoding bootswatch version to 3.4.1+1
 2020-07-24 10:16:34 -07:00
Hossein Shafagh
4c3a6112b8 Merge branch 'master' into bootswatch-fix 2020-07-23 17:12:23 -07:00
sayali
f6faa856fe Hardcoding bootswatch version to 3.4.1+1 
Fixing error : Potentially unhandled rejection [2] variable @path is undefined in file bower_components/bootswatch/sandstone/bootswatch.less line no. 10
 2020-07-23 15:40:55 -07:00
Hossein Shafagh
91c0432cc2 Merge pull request #2982 from thousandeyes/fix-cryptography-intermediate-ca 
Fix intermediate CA creation on cryptography plugin
 2020-07-23 14:31:34 -07:00
Raul Benencia
0fd83d13ae Fix intermediate CA creation on cryptography plugin 2020-07-23 13:58:32 -07:00
dependabot-preview[bot]
a3ae76fac1 Merge pull request #3060 from Netflix/dependabot/pip/boto3-1.14.23 2020-07-20 17:39:43 +00:00
dependabot-preview[bot]
1da7564374 Bump boto3 from 1.14.20 to 1.14.23 
Bumps [boto3](https://github.com/boto/boto3) from 1.14.20 to 1.14.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.20...1.14.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
 2020-07-20 17:33:37 +00:00
dependabot-preview[bot]
e7a0002f1b Merge pull request #3059 from Netflix/dependabot/pip/botocore-1.17.23 2020-07-20 17:31:04 +00:00