Commit Graph

1282 Commits

Author SHA1 Message Date
Hossein Shafagh 843ffad60e removing testing comments 2020-05-07 17:10:50 -07:00
Hossein Shafagh 1b6907a404 Certificate rotation region by region
example scheudule:
CELERYBEAT_SCHEDULE = {
    'certificate_rotate': {
        'task': 'lemur.common.celery.certificate_rotate',
        'options': {
            'expires': 180
        },
        'schedule': crontab(minute="*"),
        'kwargs': {'region': 'us-east-1'}
    }
}
2020-05-07 16:28:01 -07:00
Curtis Castrapel 7e97d885df Address comments 2020-04-28 13:16:27 -07:00
Curtis Castrapel 863af7a3e5 Making CLI command ; Running black 2020-04-28 12:16:46 -07:00
Curtis Castrapel 273c3e2793 Celery task to enable autorotate for all certificates attached to endpoints without it enabled 2020-04-28 11:52:43 -07:00
Hossein Shafagh 8d0007b9c0 fixing the private DNS zone issue.
Private hosted zones will never be visible to third-parties like LetsEncrypt, and Lemur should not consider them as authoritative zones.
This fix, make sure  they are not added to the  dns_provider table.
2020-04-24 15:48:06 -07:00
csine-nflx cee81bd693 updated requirements, fixed unittests, pytest, and distinguidedName ordering 2020-04-09 18:17:05 -07:00
Curtis 213b13d3c9
Merge branch 'master' into enhanced_error_loggin 2020-04-08 14:56:51 -04:00
Curtis 2c8dc24fda
Merge branch 'master' into enhanced_error_loggin 2020-04-08 14:51:06 -04:00
Curtis Castrapel 1360d846fd Improve error logging for a couple of use cases 2020-04-08 11:50:42 -07:00
Hossein Shafagh 3b3cec6f8b
Merge branch 'master' into oauth2 2020-04-08 10:12:04 -07:00
Hossein Shafagh eaeec5d757
Merge branch 'master' into imporved-metrics-sources 2020-04-08 09:23:27 -07:00
Curtis Castrapel 11b15e7e23 Clean up docstrings 2020-04-08 08:41:48 -07:00
Curtis Castrapel eb138fc960 Add default celery metrics and logging using celery signals 2020-04-08 08:38:40 -07:00
Hossein Shafagh 45c98a21b3
Merge branch 'master' into imporved-metrics-sources 2020-04-06 16:02:25 -07:00
csine-nflx 46e0d1953b Merge branch 'master' of github.com:Netflix/lemur into powerdnsplugin_02 2020-04-05 21:47:24 -07:00
csine-nflx f82ec24dfa updating _get_txt_records return values and docstrings 2020-04-05 21:46:33 -07:00
David Stipp 5c2a2f8ff2 OAUTH2 fixes
* Use OAUTH2 variable instead of PING while using OAUTH
* Some IDPs require a POST instead of a GET to user data
2020-04-04 11:32:23 -04:00
Hossein Shafagh 5add647148 # emitting the count of certificates on the source 2020-04-03 16:51:24 -07:00
Curtis efb7a33d3e
Merge branch 'master' into castrapel-patch-3 2020-04-01 14:03:17 -04:00
Curtis b4025e6820
Merge branch 'master' into castrapel-patch-3 2020-04-01 13:55:14 -04:00
Curtis 9a939e8281
Merge branch 'master' into castrapel-patch-2 2020-04-01 13:54:39 -04:00
Curtis d825616ea6
No need to retry 25 times on DeleteConflict errors 2020-04-01 10:53:17 -07:00
Curtis e25f97fce7
Bump time limit for clean_source Celery job
For larger accounts, I've hit SoftTimeLimit exceptions before completion of this celery job. Bumping up the time limit on this job.
2020-04-01 10:50:24 -07:00
Curtis 67d24caef5
Remove equivalent destinations when cleaning certificates
Remove equivalent destinations when cleaning certificates. This will prevent Lemur from attempting to re-upload a certificate after it has been cleaned.
2020-04-01 10:31:12 -07:00
csine-nflx 6f3ba23fa0 updating sinlge line of comments 2020-03-30 13:34:24 -07:00
csine-nflx 9d9bf9d7ba Merge branch 'powerdnsplugin_02' of github.com:Netflix/lemur into powerdnsplugin_02 2020-03-30 09:02:56 -07:00
csine-nflx d6cc8a8a9a fixing whitespace 2020-03-30 09:01:28 -07:00
Hossein Shafagh 66183e6bdd
Merge branch 'master' into powerdnsplugin_02 2020-03-27 10:45:15 -07:00
Chad S 2b7e60399c
Merge branch 'master' into powerdnsplugin_02 2020-03-27 10:27:33 -07:00
csine-nflx 0e314d0028 adding documentation and final cleanup 2020-03-27 10:18:38 -07:00
csine-nflx 0149f8b0d3 add support for wildcard and naked domains to PowerDNS module 2020-03-26 22:15:10 -07:00
Hossein Shafagh 2a2499a929 simplifying code 2020-03-26 20:45:00 -07:00
Hossein Shafagh 5206997468 expired is now called for new certs, where the not_after field might be in datetime format, and not comparable to utc 2020-03-26 19:01:07 -07:00
Hossein Shafagh 697215f8bc better handling of destination plugin errors, and also checking cert expiration before upload 2020-03-21 20:05:35 -07:00
Hossein Shafagh 1d4da0e3d8 another polish 2020-03-17 16:59:09 -07:00
Hossein Shafagh ecca003ab4 improving the documentation and method naming 2020-03-17 16:55:36 -07:00
csine-nflx 9de89ec96a
Merge branch 'master' into new_clean_cert_cli 2020-03-17 13:38:32 -07:00
csine-nflx 07dc31bed7 cleaning up whitespace changes 2020-03-16 11:41:05 -07:00
csine-nflx 1a19e250bb updating and cleaning up tests 2020-03-16 11:24:17 -07:00
Hossein Shafagh 34d23503de fixing the data bug 2020-03-14 20:41:03 -07:00
Hossein Shafagh b28b4f9a28 adding to new cli commands for cleaning certificates from source:
a) either about to expire in X days and not attached to an endpoint
a) or issued since X days but still not attached to an endpoint
2020-03-14 20:19:26 -07:00
Hossein Shafagh c96695c966 refactor 2020-03-14 20:18:07 -07:00
Hossein Shafagh 593c35776c adding new methods for getting pending clean 2020-03-14 20:17:05 -07:00
csine-nflx 921d52b360 fixing get_dns_challenge() logic so duplicate domains (such as wildcard and not wildcard) do not match the wrong authorziations 2020-03-13 00:03:31 -07:00
csine-nflx e1e7efc96e
Merge branch 'master' into powerdnsplugin_01 2020-03-05 15:25:40 -08:00
csine-nflx 771e72187a updates based on feedback 2020-03-05 15:24:56 -08:00
csine-nflx 5dfb6acb17 adding support for ACME_POWERDNS_VERIFY option to support CA Bundles and disabling Server validation 2020-03-05 14:59:21 -08:00
csine-nflx c0004e506e removing 2 year option from Lemur certificate request form 2020-03-04 14:50:44 -08:00
csine-nflx 1e81d47793 Merge branch 'renewal_validity_01' of github.com:Netflix/lemur into renewal_validity_01 2020-03-03 17:28:58 -08:00