Commit Graph

2951 Commits

Author SHA1 Message Date
Hossein Shafagh 9bcfcebb3a
Merge branch 'master' into bootswatch-fix 2020-08-04 14:09:33 -07:00
sayali 817a4c3d90 Modified cert description to have cert id being cloned 2020-08-03 19:24:06 -07:00
sayali c3d8501401 Do not inherit replacement info during cert clone 2020-08-03 19:23:24 -07:00
sayali c15a2c62d1 Honor selected algorithm during certificate cloning 2020-08-03 19:22:13 -07:00
Hossein Shafagh 983f9beacb
Merge pull request #3057 from hosseinsh/pinning-to-cross-signed-LE-ICA
Pinning to the Cross-signed LE ICA
2020-08-03 17:50:13 -07:00
Hossein Shafagh cbe06bd4d0
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-08-03 17:50:05 -07:00
Chad S 2a8cf805dd
Merge pull request #3070 from Netflix/testbranch
fixing Dockerfile, Lemur builds now
2020-08-03 17:49:15 -07:00
Hossein Shafagh 084f9a14f4 updating documentation for cross-signed ICA 2020-08-03 16:14:14 -07:00
Hossein Shafagh 2af336f6c2
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-08-03 15:58:59 -07:00
Hossein Shafagh 5c4a167cfd
Merge branch 'master' into testbranch 2020-08-03 15:58:49 -07:00
dependabot-preview[bot] b382d0332e
Merge pull request #3073 from Netflix/dependabot/pip/boto3-1.14.33 2020-08-03 17:46:19 +00:00
dependabot-preview[bot] 117c0bab04
Bump boto3 from 1.14.28 to 1.14.33
Bumps [boto3](https://github.com/boto/boto3) from 1.14.28 to 1.14.33.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.28...1.14.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 17:38:07 +00:00
dependabot-preview[bot] 41a02610ba
Merge pull request #3072 from Netflix/dependabot/pip/botocore-1.17.33 2020-08-03 17:35:24 +00:00
dependabot-preview[bot] c80a3390e7
Bump botocore from 1.17.28 to 1.17.33
Bumps [botocore](https://github.com/boto/botocore) from 1.17.28 to 1.17.33.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.28...1.17.33)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 17:27:26 +00:00
dependabot-preview[bot] 88b38f7f0b
Merge pull request #3071 from Netflix/dependabot/pip/pytest-6.0.1 2020-08-03 17:25:05 +00:00
Chad S 229a5fbc9b
Merge branch 'master' into testbranch 2020-08-03 09:47:12 -07:00
dependabot-preview[bot] 57e06cf1db
Bump pytest from 5.4.3 to 6.0.1
Bumps [pytest](https://github.com/pytest-dev/pytest) from 5.4.3 to 6.0.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/5.4.3...6.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-08-03 13:36:46 +00:00
csine-nflx e7c684724a fixing Dockerfile, Lemur builds now 2020-07-31 17:54:18 -07:00
Hossein Shafagh 8e1d2b51e0
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-07-27 14:20:00 -07:00
Hossein Shafagh b5e22f5a6b
Merge pull request #3063 from Netflix/dependabot/pip/cryptography-3.0
Bump cryptography from 2.9.2 to 3.0
2020-07-27 14:19:43 -07:00
dependabot-preview[bot] 4752e10472
Bump cryptography from 2.9.2 to 3.0
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.9.2 to 3.0.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/2.9.2...3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 18:40:59 +00:00
dependabot-preview[bot] 7ac754a894
Merge pull request #3066 from Netflix/dependabot/pip/boto3-1.14.28 2020-07-27 18:35:15 +00:00
dependabot-preview[bot] 1e90bb2d0b
Bump boto3 from 1.14.23 to 1.14.28
Bumps [boto3](https://github.com/boto/boto3) from 1.14.23 to 1.14.28.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.23...1.14.28)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 18:26:11 +00:00
dependabot-preview[bot] 00134a0966
Merge pull request #3068 from Netflix/dependabot/pip/cloudflare-2.8.8 2020-07-27 18:19:51 +00:00
dependabot-preview[bot] 69bfe48cbe
Bump cloudflare from 2.8.6 to 2.8.8
Bumps [cloudflare](https://github.com/cloudflare/python-cloudflare) from 2.8.6 to 2.8.8.
- [Release notes](https://github.com/cloudflare/python-cloudflare/releases)
- [Changelog](https://github.com/cloudflare/python-cloudflare/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/python-cloudflare/compare/2.8.6...2.8.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 18:11:16 +00:00
dependabot-preview[bot] f98d53fda0
Merge pull request #3069 from Netflix/dependabot/pip/arrow-0.15.8 2020-07-27 18:05:41 +00:00
dependabot-preview[bot] 99628aface
Bump arrow from 0.15.7 to 0.15.8
Bumps [arrow](https://github.com/arrow-py/arrow) from 0.15.7 to 0.15.8.
- [Release notes](https://github.com/arrow-py/arrow/releases)
- [Changelog](https://github.com/arrow-py/arrow/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/arrow-py/arrow/compare/0.15.7...0.15.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 17:58:40 +00:00
dependabot-preview[bot] 918e1699ea
Merge pull request #3065 from Netflix/dependabot/pip/hvac-0.10.5 2020-07-27 17:53:21 +00:00
dependabot-preview[bot] 560894befb
Bump hvac from 0.10.4 to 0.10.5
Bumps [hvac](https://github.com/hvac/hvac) from 0.10.4 to 0.10.5.
- [Release notes](https://github.com/hvac/hvac/releases)
- [Changelog](https://github.com/hvac/hvac/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/hvac/hvac/compare/v0.10.4...v0.10.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 17:45:03 +00:00
dependabot-preview[bot] b5b50d34b2
Merge pull request #3067 from Netflix/dependabot/pip/coverage-5.2.1 2020-07-27 17:39:54 +00:00
dependabot-preview[bot] 276229db4a
Bump coverage from 5.2 to 5.2.1
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.2 to 5.2.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.2...coverage-5.2.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 17:32:39 +00:00
dependabot-preview[bot] 6000d8bb06
Merge pull request #3064 from Netflix/dependabot/pip/botocore-1.17.28 2020-07-27 17:27:42 +00:00
dependabot-preview[bot] 0607520f93
Bump botocore from 1.17.23 to 1.17.28
Bumps [botocore](https://github.com/boto/botocore) from 1.17.23 to 1.17.28.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.23...1.17.28)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-27 13:40:35 +00:00
Hossein Shafagh 3c1d6998fb
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-07-24 10:25:11 -07:00
Hossein Shafagh 456c994d25
Merge pull request #3062 from charhate/bootswatch-fix
Hardcoding bootswatch version to 3.4.1+1
2020-07-24 10:16:34 -07:00
Hossein Shafagh 4c3a6112b8
Merge branch 'master' into bootswatch-fix 2020-07-23 17:12:23 -07:00
sayali f6faa856fe Hardcoding bootswatch version to 3.4.1+1
Fixing error : Potentially unhandled rejection [2] variable @path is undefined in file bower_components/bootswatch/sandstone/bootswatch.less line no. 10
2020-07-23 15:40:55 -07:00
Hossein Shafagh 91c0432cc2
Merge pull request #2982 from thousandeyes/fix-cryptography-intermediate-ca
Fix intermediate CA creation on cryptography plugin
2020-07-23 14:31:34 -07:00
Raul Benencia 0fd83d13ae Fix intermediate CA creation on cryptography plugin 2020-07-23 13:58:32 -07:00
Hossein Shafagh 4fa0374097
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-07-20 11:18:50 -07:00
dependabot-preview[bot] a3ae76fac1
Merge pull request #3060 from Netflix/dependabot/pip/boto3-1.14.23 2020-07-20 17:39:43 +00:00
dependabot-preview[bot] 1da7564374
Bump boto3 from 1.14.20 to 1.14.23
Bumps [boto3](https://github.com/boto/boto3) from 1.14.20 to 1.14.23.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.20...1.14.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 17:33:37 +00:00
dependabot-preview[bot] e7a0002f1b
Merge pull request #3059 from Netflix/dependabot/pip/botocore-1.17.23 2020-07-20 17:31:04 +00:00
dependabot-preview[bot] 0d19986fb1
Bump botocore from 1.17.20 to 1.17.23
Bumps [botocore](https://github.com/boto/botocore) from 1.17.20 to 1.17.23.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.20...1.17.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 17:25:32 +00:00
dependabot-preview[bot] c0869e0c71
Merge pull request #3061 from Netflix/dependabot/pip/flask-sqlalchemy-2.4.4 2020-07-20 17:23:11 +00:00
dependabot-preview[bot] 863bdc045b
Bump flask-sqlalchemy from 2.4.3 to 2.4.4
Bumps [flask-sqlalchemy](https://github.com/pallets/flask-sqlalchemy) from 2.4.3 to 2.4.4.
- [Release notes](https://github.com/pallets/flask-sqlalchemy/releases)
- [Changelog](https://github.com/pallets/flask-sqlalchemy/blob/master/CHANGES.rst)
- [Commits](https://github.com/pallets/flask-sqlalchemy/compare/2.4.3...2.4.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 17:15:36 +00:00
dependabot-preview[bot] 8cc57a884e
Merge pull request #3058 from Netflix/dependabot/pip/cloudflare-2.8.6 2020-07-20 17:13:19 +00:00
dependabot-preview[bot] f7fce73e1e
Bump cloudflare from 2.8.3 to 2.8.6
Bumps [cloudflare](https://github.com/cloudflare/python-cloudflare) from 2.8.3 to 2.8.6.
- [Release notes](https://github.com/cloudflare/python-cloudflare/releases)
- [Changelog](https://github.com/cloudflare/python-cloudflare/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/python-cloudflare/compare/2.8.3...2.8.6)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-20 13:36:39 +00:00
Hossein Shafagh 2317967802 lack of an empty config file was resulting into this error
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-07-15 17:04:49 -07:00
Hossein Shafagh d5ae45a0d0 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-07-14 17:35:13 -07:00