Commit Graph

3688 Commits

Author SHA1 Message Date
Hossein Shafagh 28e26a1baf to prevent duplicate emails, we might better remove owner and security email address from the notification recipient 2019-06-05 17:57:11 -07:00
Hossein Shafagh 3a512d5bda
Merge pull request #2804 from kush-bavishi/CommonNameAutoAdditionAsDNS
Common name auto addition as domain name
2019-06-05 15:29:35 -07:00
Hossein Shafagh 24f5ce7170
Merge branch 'master' into CommonNameAutoAdditionAsDNS 2019-06-04 13:59:57 -07:00
Curtis f991317301
Merge pull request #2805 from castrapel/docker_37
Upgrade docker to 3.7
2019-06-04 08:32:20 -07:00
Curtis Castrapel aeb32f4853 Upgrade docker to 3.7 2019-06-04 08:21:52 -07:00
Kush Bavishi 45231c2423 Added code to automatically add the common name as a DNS name while creating a certificate. 2019-05-31 14:08:28 -07:00
Kush Bavishi 28b216273d Upgrading Gulp. If this is not necessary, we can remove it later. 2019-05-31 14:07:26 -07:00
Curtis ce9b06e4c6
Merge pull request #2802 from castrapel/downgrade_kombu_0530
Downgrade Kombu
2019-05-30 13:37:26 -07:00
Curtis Castrapel e300cf6e1b Downgrade Kombu 2019-05-30 13:34:44 -07:00
Curtis 7eb9c80fb2
Merge pull request #2798 from castrapel/domains_enhancements
Enhance domains query and sensitive domain checking code
2019-05-30 10:31:24 -07:00
Hossein Shafagh 7e31498a4b
Merge pull request #2799 from hosseinsh/update-reqs-30052019
Update reqs 30052019
2019-05-30 10:29:56 -07:00
Hossein Shafagh b89dd36771 updating requirements 2019-05-30 10:21:53 -07:00
Curtis Castrapel 8b821d0023 Enhance domains query and sensitive domain checking code; Allow creation of opt-out roles via config 2019-05-30 10:21:44 -07:00
Hossein Shafagh 071c083eae hiding expired certs after 6 months from the main page 2019-05-30 10:21:03 -07:00
Hossein Shafagh b4d9ab9f0c Merge branch 'master' of github.com:Netflix/lemur into improving-cert-lookup-time 2019-05-30 08:55:49 -07:00
Hossein Shafagh 13d46ae42e indexing the not after field in the cert table 2019-05-30 08:55:30 -07:00
Curtis 8bc23f6deb
Merge pull request #2797 from castrapel/get_or_increase_name_simplify
Make get_or_increase_name queries less demanding
2019-05-29 12:50:06 -07:00
Curtis 6e4306b3bb
Merge pull request #2795 from ardichoke/fix_vault_api_v2_append
Fix Certificate Appending With v2 Vault API
2019-05-29 12:49:36 -07:00
Curtis Castrapel 5e389f3f48 Add certificate1 to test DB 2019-05-29 12:38:17 -07:00
Curtis Castrapel f81adb1371 Make get_or_increase_name queries less demanding 2019-05-29 12:20:05 -07:00
Curtis 9da428c7fd
Merge pull request #2796 from castrapel/read_replica_support
Read replica support
2019-05-28 12:56:22 -07:00
Curtis Castrapel fd35a26955 Support read replicas 2019-05-28 12:45:39 -07:00
Curtis Castrapel 5059cb731a Support read replicas in Lemur for improved performance 2019-05-28 12:38:33 -07:00
Ryan DeShone 09c7076e79 Handle double data field in API v2 2019-05-22 17:12:10 -04:00
Curtis de65d363fc
Merge pull request #2794 from castrapel/max_retry_iam
Set Max Retries + Add metrics to IAM handler
2019-05-21 13:08:47 -07:00
Curtis Castrapel 1423ac0d98 More metrics 2019-05-21 12:55:33 -07:00
Curtis Castrapel 34c7e5230b Set a limit on number of retries 2019-05-21 12:52:41 -07:00
Curtis 3c6799d736
Merge pull request #2793 from castrapel/json_logging
Add support for JSON logging
2019-05-17 08:57:09 -07:00
Curtis Castrapel 4fac726cf4 Add support for JSON logging 2019-05-17 08:48:26 -07:00
Curtis 37e5857406
Merge pull request #2792 from castrapel/black-052019
Black lint all the things
2019-05-16 08:25:12 -07:00
Curtis Castrapel 0320c04be2 nosec comment 2019-05-16 08:14:46 -07:00
Curtis Castrapel c5ec5fa41f Add bandit to test and pre-commit 2019-05-16 08:13:42 -07:00
Curtis Castrapel 68fd1556b2 Black lint all the things 2019-05-16 07:57:02 -07:00
Curtis 3680d523d4
Merge pull request #2791 from castrapel/digicert_expose_error
Expose exact response from digicert as error
2019-05-15 13:43:44 -07:00
Curtis Castrapel e3c5490d25 Expose exact response from digicert as error 2019-05-15 13:36:40 -07:00
Curtis 8c73851708
Merge pull request #2790 from castrapel/resolved_cert
Set resolved cert ID before resolving cert
2019-05-15 11:57:03 -07:00
Curtis Castrapel 26d10e8b98 change ordering in more places 2019-05-15 11:47:53 -07:00
Curtis Castrapel 7e92edc70a Set resolved cert ID before resolving cert; Ignore sentry exceptions when no records on deletion 2019-05-15 11:43:59 -07:00
Hossein Shafagh ed39e30824
Merge pull request #2788 from hosseinsh/fast-valid-cert-lookup
adding a new API for faster certificate lookup
2019-05-15 10:25:50 -07:00
Curtis 6eb3836abc
Merge branch 'master' into fast-valid-cert-lookup 2019-05-15 10:20:17 -07:00
Curtis 302219325b
Merge pull request #2789 from castrapel/celery-timeouts-LE-validation
Add soft timeouts to celery jobs; Check for PEM in LE order
2019-05-14 14:09:02 -07:00
Curtis Castrapel 5d8f71c3e4 nt 2019-05-14 13:02:24 -07:00
Curtis Castrapel 565142f985 Add soft timeouts to celery jobs; Check for PEM in LE order 2019-05-14 12:52:30 -07:00
Hossein Shafagh f452a7ce68 adding a new API for faster certificate lookup.
The new API api/1/certificates/valid returns only non-expired (not_after >= today) certs which have auto-rotate enabled:

cn is a required parameter:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com
cn can also be a database string wildcard ('%'):

http://localhost:8000/api/1/certificates/valid?filter=cn;%
owner is the additional parameter, and must be the email address of the owner:

http://localhost:8000/api/1/certificates/valid?filter=cn;example.com&owner=hossein@example.com
given owner  and a database string wildcard ('%') one can retrieve all certs for that owner, which are still valid, and have auto-rotate enabled:

http://localhost:8000/api/1/certificates/valid?filter=cn;%&owner=hossein@example.com
2019-05-11 18:06:51 -07:00
Curtis 0f2773c986
Merge pull request #2787 from castrapel/search_by_name
Allow searching for certificates by name via API
2019-05-09 15:08:34 -07:00
Curtis Castrapel 3f10b43254 Ignore bandit error 2019-05-09 15:00:09 -07:00
Curtis Castrapel ed18df22db remove permalink change 2019-05-09 14:54:44 -07:00
Curtis Castrapel e33a103ca1 Allow searching for certificates by name via API 2019-05-09 14:36:56 -07:00
Curtis 02554b427a
Merge pull request #2784 from castrapel/add_metrics_reissue_rotate
Gather more metrics on certificate reissue/rotate jobs
2019-05-08 07:57:51 -07:00
Curtis c9c782684d
Merge branch 'master' into add_metrics_reissue_rotate 2019-05-08 07:48:44 -07:00