Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,611 Commits 4 Branches 45 Tags 7.5 MiB
Commit Graph

1803 Commits

Author SHA1 Message Date
Chad S 14348a1f95
Merge branch 'master' into cname_01 2020-10-29 14:01:14 -07:00
Hossein Shafagh 28c6f8583a
Merge branch 'master' into ses-arn-override 2020-10-29 13:52:51 -07:00
csine-nflx a1f99c29c0 Merge branch 'cname_01' of github.com:Netflix/lemur into cname_01 2020-10-29 13:51:58 -07:00
csine-nflx 2b91077d92 updating variables based on feedback 2020-10-29 13:51:22 -07:00
Jasmine Schladen 28686fcf5d Merge branch 'ses-arn-override' of github.com:jtschladen/lemur into ses-arn-override 2020-10-29 13:48:55 -07:00
Jasmine Schladen 45cc9528d2 Cleaner syntax for default region 2020-10-29 13:48:43 -07:00
Jasmine Schladen 78afc060ae Add subject for SNS messages and correct date format 2020-10-29 13:41:47 -07:00
Hossein Shafagh e967f2c676
Merge branch 'master' into ses-arn-override 2020-10-29 11:11:30 -07:00
Hossein Shafagh 2cea33cb11
Merge branch 'master' into expanding-S3-plugin 2020-10-29 11:09:00 -07:00
Chad S af348b1012
Merge branch 'master' into cname_01 2020-10-28 22:41:23 -07:00
csine-nflx 33a006bbeb fixing delete with optional validation 2020-10-28 22:24:37 -07:00
csine-nflx b47667b73e cname redirection working 2020-10-28 20:51:35 -07:00
Jasmine Schladen 3e492e6310 Add ability to override SES region 2020-10-28 17:09:54 -07:00
charhate bbfc65813d
Merge branch 'master' into ecc_changes 2020-10-28 17:00:45 -07:00
charhate 6adf94d28f
Merge branch 'master' into log_update 2020-10-28 16:52:19 -07:00
Jasmine Schladen 5e696f36bf Add ability to override SourceArnn for SES 2020-10-28 16:34:31 -07:00
Jasmine Schladen acc95a4b66 Fix notification view to actually show associated certs 2020-10-28 16:12:27 -07:00
charhate c25782468b
Merge branch 'master' into log_update 2020-10-28 15:40:16 -07:00
Hossein Shafagh cc69b433ca
Merge branch 'master' into notification-plugin-field-fix 2020-10-28 14:58:58 -07:00
csine-nflx d27f2a53af Merge branch 'master' of github.com:Netflix/lemur into cname_01 2020-10-28 14:03:23 -07:00
charhate 95b647ee1d
Merge branch 'master' into ecc_changes 2020-10-28 13:54:14 -07:00
Hossein Shafagh 84d30b5d50
Merge branch 'master' into issuer-retry 2020-10-28 13:21:10 -07:00
Jasmine Schladen 13e8421c78
Merge branch 'master' into notification-plugin-field-fix 2020-10-28 08:50:46 -07:00
Jasmine Schladen 16ce7970d0
Merge branch 'master' into sns 2020-10-28 08:50:09 -07:00
Hossein Shafagh a9d3b7a676
Merge branch 'master' into issuer-retry 2020-10-28 08:48:29 -07:00
Mathias Petermann 23e1700fad flake8 2020-10-28 13:47:57 +01:00
Jasmine Schladen 794e4d3855 Revert log to debug to be safe 2020-10-27 17:36:01 -07:00
Hossein Shafagh c6a8034890
language 2020-10-27 16:13:05 -07:00
Hossein Shafagh 10aa02fd85 more compact design, thanks to Chad for the feedback 2020-10-27 14:42:51 -07:00
Hossein Shafagh 54c2245115 comments 2020-10-27 12:47:35 -07:00
Hossein Shafagh d59a558d58 adopting ilike and not relying on == 
reducing redundancy
 2020-10-27 12:44:38 -07:00
Emmanuel Garette e9824a6808 change the log level to info if upgrade is successful 2020-10-27 20:38:18 +01:00
Emmanuel Garette 79647e3372 add reference to LOG_UPGRADE_FILE in toplevel comment 2020-10-27 20:38:18 +01:00
Jasmine Schladen 20b8c2fd93 PR feedback 2020-10-27 08:56:43 -07:00
Mathias Petermann ccf87986c0 Add store_account to AcmeDnsIssuer 2020-10-27 12:15:07 +01:00
Mathias Petermann 96fbcdaf70 Fix test_finalize_authorizations, dont reuse cleanup_dns_challenges in finalize_authorizations 2020-10-27 11:27:44 +01:00
Mathias Petermann 103e107668 Fix patches for test_create_certificate 2020-10-27 11:16:29 +01:00
Mathias Petermann 82bf8e2ac6 Remove unnecessary code from dnsChallenge, Fix patches in dns tests 2020-10-27 11:09:30 +01:00
Mathias Petermann 2d98e71977 Replace deprecated assertRaisesRegexp with assertRaisesRegex 2020-10-27 10:44:04 +01:00
Mathias Petermann 30c10b93f8 Fix patches for acme_handler tests 2020-10-27 10:37:30 +01:00
Mathias Petermann 3b20a47603 Fix patches for acme_http tests, apparently isinstance is considered evil in python 2020-10-27 10:37:30 +01:00
Mathias Petermann 4464c5890d Flake8 2020-10-27 10:37:30 +01:00
Mathias Petermann 812e1dee92 Refactor Acme plugin into AcmeChallenge objects, dns01 2020-10-27 10:37:27 +01:00
Mathias Petermann b91cebf245 Refactor Acme plugin into AcmeChallenge objects, http01 2020-10-27 10:36:06 +01:00
Mathias Petermann 6c1be02bfa Remove destination_list from AcmeHttpIssuer 2020-10-27 10:28:34 +01:00
Mathias Petermann ef0fce2661 Set timeout for finalize to 90s 2020-10-27 10:28:34 +01:00
Mathias Petermann 235653b558 Refactor destination selection for acme-http authorities, to load destinations dynamically 2020-10-27 10:28:34 +01:00
Mathias Petermann 81b078604c Implement revoke certificate for ACME 2020-10-27 10:28:34 +01:00
Mathias Petermann 215070b327 Fix create_certificate tests 2020-10-27 10:28:34 +01:00
Mathias Petermann 41ea59d7e3 Remove unneeded polling 2020-10-27 10:28:33 +01:00
Mathias Petermann d24fae0bac Fix permissions on acme token upload, dont append well-known automatically 2020-10-27 10:28:33 +01:00
Mathias Petermann 66cab6abd3 Make http-01 challenge work for SAN certificates 2020-10-27 10:28:33 +01:00
Mathias Petermann e3e5ef7d66 Refactor AcmeHandler, Move DNS stuff into AcmeDnsHandler 2020-10-27 10:28:33 +01:00
Mathias Petermann 76dcfbd528 Add more tests 2020-10-27 10:28:33 +01:00
Mathias Petermann d6719b729c Implement some test for AcmeHttpIssuerPlugin 2020-10-27 10:28:33 +01:00
Mathias Petermann b2de986652 Split tests into handler, and dns specifics 2020-10-27 10:28:30 +01:00
Mathias Petermann b93d271f31 Fix flake8 2020-10-27 10:25:31 +01:00
Mathias Petermann e06bdcf2a3 Implement create_certificate for HTTP-01 challenge 2020-10-27 10:25:31 +01:00
Mathias Petermann 3012995c76 Improve naming, make it possible to create directories recursively with SFTP 2020-10-27 10:25:31 +01:00
Mathias Petermann 348d8477dd Refactor destination plugin, to allow upload of ACME http-challenge tokens 2020-10-27 10:25:31 +01:00
Mathias Petermann d00dd9d295 Initial structure for ACME http challenge 2020-10-27 10:25:31 +01:00
Hossein Shafagh 3b258447db addressing Chad's feedbakc 2020-10-26 19:16:40 -07:00
Hossein Shafagh 1ef6139f9b ignore rotated certs, since there is a new cert that can be used 2020-10-26 18:34:21 -07:00
Hossein Shafagh 6a1b4b4857 ignore expired certs 2020-10-26 18:33:33 -07:00
Hossein Shafagh 709a9808aa better structure of the query and and removing ilike 2020-10-26 18:32:53 -07:00
sayali 392725ff30 Add description check in reissue unit test 2020-10-26 15:33:20 -07:00
csine-nflx 749aa772ba First change to get CNAME redirection working 2020-10-26 11:57:33 -07:00
Jasmine Schladen 3f765b51ef Fix sources and destinations, and allow actually updating the notification type 2020-10-26 11:27:40 -07:00
Hossein Shafagh 6723e3c80d now fixing the month to minute bug 2020-10-26 11:27:40 -07:00
Hossein Shafagh 3290d6634b fixing testing 2020-10-26 11:27:40 -07:00
Hossein Shafagh fa62023b2d fixing the time bug, sub-second to second, and month to minute! 2020-10-26 11:27:40 -07:00
Emmanuel Garette d7478a5c5c use an alternative logger for the upgrade 2020-10-25 19:24:17 +01:00
Hossein Shafagh f6554a9a1e typo, fixing abstract class complaints 2020-10-23 18:03:55 -07:00
Hossein Shafagh 0e02abbb37 Entrust just looks into CSR for RSA/EC key type 2020-10-23 18:03:27 -07:00
Hossein Shafagh 9957120a7f adding missing import 2020-10-23 18:03:07 -07:00
Hossein Shafagh 7e573d6d51 fixing typo 2020-10-23 18:02:54 -07:00
Hossein Shafagh 6891077501 readability 2020-10-23 18:02:35 -07:00
Hossein Shafagh 75bc3a5b20 refactoring and adding retry 2020-10-23 18:02:05 -07:00
Hossein Shafagh d233490c8a simple retry 2020-10-23 18:01:14 -07:00
Hossein Shafagh 2c1e7b19a2 10x 10s delay might be too long for the load balancer request 2020-10-23 17:59:58 -07:00
sayali 2c22d42a57 Modify description during reissue 
Include the certificate ID being reissued and mention that this is created by Lemur as part of reissue
 2020-10-23 17:07:14 -07:00
Hossein Shafagh 3d83db6f8f
Merge branch 'master' into expanding-S3-plugin 2020-10-23 14:13:30 -07:00
Hossein Shafagh 30915d30be
Merge branch 'master' into log_update 2020-10-23 14:13:17 -07:00
Hossein Shafagh 01bd357b1c
Merge branch 'master' into sns 2020-10-23 11:38:35 -07:00
Hossein Shafagh 1495fb3595 now fixing the month to minute bug 2020-10-23 10:18:24 -07:00
Hossein Shafagh bc6fb02fc2 fixing testing 2020-10-23 10:16:38 -07:00
Hossein Shafagh e01863097b fixing the time bug, sub-second to second, and month to minute! 2020-10-23 10:16:23 -07:00
Jasmine Schladen a5cea4fb9a Skip revoked certs when looking for certs to notify 2020-10-23 09:42:03 -07:00
Jasmine Schladen 233f9768e8 Fix error handling 2020-10-23 09:35:46 -07:00
Jasmine Schladen 98962ae5f5
Merge branch 'master' into sns 2020-10-23 08:50:26 -07:00
Hossein Shafagh 41ac43013d
Merge branch 'master' into notification-plugin-field-fix 2020-10-23 08:43:29 -07:00
Hossein Shafagh 2b274f723a
Merge branch 'master' into improved-logging 2020-10-23 07:59:30 -07:00
Jasmine Schladen 71df6b8560 Fix plugin field on notification edit 2020-10-22 18:15:26 -07:00
Hossein Shafagh 8610af8b83
more precise language 2020-10-22 17:54:46 -07:00
Hossein Shafagh 820106e333
Merge branch 'master' into expanding-S3-plugin 2020-10-22 17:35:20 -07:00
Hossein Shafagh 9ce0010bf1 handle_respone can also handle the no data response 2020-10-22 17:33:39 -07:00
Hossein Shafagh cf87e178c8 making lint happy 2020-10-22 17:33:02 -07:00
Hossein Shafagh 97f80b79dc adjusting digicert test to support seconds 2020-10-22 17:23:33 -07:00
Hossein Shafagh 9acd974b74 fixing the test to support seconds 2020-10-22 17:20:47 -07:00
Hossein Shafagh ae1e9d120b consistent messaging 2020-10-22 17:13:58 -07:00
Hossein Shafagh 2e7652962c refactoring of the error handling 2020-10-22 17:11:02 -07:00
Hossein Shafagh 1c96ea9ab1 better messaging of exceptions 2020-10-22 17:10:32 -07:00
Hossein Shafagh 02c040865d more meaningful message 2020-10-22 16:05:29 -07:00
Hossein Shafagh 8fa90a2ce5 digicert expects also seconds, though not yet honoring it 2020-10-22 16:01:09 -07:00
Hossein Shafagh c60645bec4 improved logging for all responses 2020-10-22 16:00:26 -07:00
Hossein Shafagh c2fe2b5e03 improved logging for all responses 2020-10-22 15:59:59 -07:00
Hossein Shafagh 03d1af16e7 better logging for exceptions around all plugins 2020-10-22 15:59:38 -07:00
Hossein Shafagh 2b876f22a5
Merge branch 'master' into log_update 2020-10-22 12:00:51 -07:00
Hossein Shafagh 2e7e3a82fa
Update cli.py 
logging in exception
 2020-10-22 11:57:54 -07:00
Hossein Shafagh c40ecd12cb improved naming 2020-10-22 10:58:16 -07:00
Hossein Shafagh 2cc03088cd creating a celery task 2020-10-21 19:53:08 -07:00
Hossein Shafagh a4dba0cb35 creating a cli to handle entrust deactivation 2020-10-21 19:52:51 -07:00
Hossein Shafagh 906b3b2337 better handling of status code 2020-10-21 19:52:25 -07:00
Hossein Shafagh 92eec5cc9c revocation should only check for not expired and not revoked certs 2020-10-21 18:52:55 -07:00
Hossein Shafagh adf8f37718
Merge branch 'master' into log_update 2020-10-21 16:03:46 -07:00
sayali 43483cb1c7 Check if present - Organization, State, Country 2020-10-21 15:44:53 -07:00
sayali 757e190b60 Check if OU and L is present in subject 
fixing index out of range
 2020-10-21 12:11:41 -07:00
Emmanuel Garette 9374adaa46 do not create db_upgrade.log during migrations 2020-10-21 11:17:54 +02:00
sayali 4997165235 Removing ECC 192 and 521 from UI 
not CAB supported. Keeping 521 for authority
 2020-10-20 17:59:50 -07:00
sayali 01dddd2a55 iterate over subject details 2020-10-20 17:17:28 -07:00
sayali 788703ce12 Fix cert reissue when L/OU is not set 
get_certificate_primitives complains with None L/OU
 2020-10-20 16:44:17 -07:00
Jasmine Schladen 1fc9cd2ff8
Merge branch 'master' into sns 2020-10-20 12:13:51 -07:00
Jasmine Schladen 4f552cb636 Code cleanup 2020-10-20 12:02:36 -07:00
Jasmine Schladen d6075ebc11 Merge 2020-10-20 11:48:54 -07:00
sayali 855baadfee Show only few supported ECC algorithms on UI 2020-10-19 17:42:52 -07:00
Jasmine Schladen 669a4273c2 Merge branch 'master' of github.com:jtschladen/lemur into sns 2020-10-19 16:29:33 -07:00
Jasmine Schladen b5f0fc5a19 Fix syntax error 2020-10-19 15:21:34 -07:00
Jasmine Schladen ecd4d6ebe3 Change string formatting pattern 2020-10-19 15:12:48 -07:00
Hossein Shafagh af3afe36e1
Merge branch 'master' into expanding-S3-plugin 2020-10-19 14:23:01 -07:00
Jasmine Schladen e90b08b363 Correct typo and enable Slack notification test 2020-10-16 17:08:44 -07:00
Jasmine Schladen 6a1889787d Correct log attributes 2020-10-16 16:30:21 -07:00
Jasmine Schladen 2c92fc6eb9 Merge branch 'notification-fixes' of github.com:jtschladen/lemur into notification-fixes 2020-10-16 16:22:28 -07:00
Jasmine Schladen 072b337f37 Restructure log messages 2020-10-16 16:21:43 -07:00
Jasmine Schladen fe5d75c7f8
Merge branch 'master' into notification-fixes 2020-10-16 15:20:42 -07:00
Jasmine Schladen 60bb0037f0 Miscellaneous notification fixes and tests 2020-10-16 15:13:12 -07:00
Hossein Shafagh dbdfa9eab8
Merge branch 'master' into expanding-S3-plugin 2020-10-16 11:35:38 -07:00
Jasmine Schladen a04cce6044 Initial implementation 2020-10-16 10:40:11 -07:00
Hossein Shafagh 503530e935 the test requires region param for sts 2020-10-16 10:32:10 -07:00
Hossein Shafagh 11ce540246 formatting 2020-10-16 10:31:19 -07:00
Hossein Shafagh 9c04a888d8 adjusting the S3 test 2020-10-16 09:52:04 -07:00
Hossein Shafagh 17e528b5dd adding testing for acme_upload method 2020-10-16 09:50:35 -07:00
Hossein Shafagh d705e3ae3b expanding the S3 destination plugin to support the acme token upload inteface 2020-10-16 09:49:56 -07:00
Hossein Shafagh 7d8eb1c61e improving test 2020-10-16 09:49:26 -07:00
Hossein Shafagh 6aad37e1f9 cleaning up code 2020-10-16 09:49:00 -07:00
Hossein Shafagh d73db59d23 revsering removing region 2020-10-16 09:48:47 -07:00
Hossein Shafagh ab91d58a03
Merge branch 'master' into cab_compliant 2020-10-16 08:33:04 -07:00
Mathias Petermann 55658c5f23 Add double % for escaped SQLALCHEMY_DATABASE_URI 2020-10-16 10:43:52 +02:00
Hossein Shafagh bfe89e131e adding delete and put interfaces for the S3 plugin 2020-10-15 18:13:50 -07:00
sayali 9dc476f393 Use cab_compliant option instead of authority name list 2020-10-15 10:44:46 -07:00
sayali f38380d156 Check if option is present 2020-10-14 17:38:32 -07:00
sayali 4d5e712e85 Remove option reset from test 2020-10-14 15:40:23 -07:00
sayali ee1d07000a Test subject details in reissue with cab_compliant option 2020-10-14 14:49:53 -07:00
sayali 90839b4d4b Unit test for cab_compliant = true 2020-10-14 14:49:53 -07:00
sayali 62d099b500 Unit tests to check cab_compliant option 2020-10-14 12:41:56 -07:00
Hossein Shafagh 409e12a9d6
Update models.py 
lint
 2020-10-14 10:03:44 -07:00
Hossein Shafagh 894e35b4e2
Update schemas.py 
minor language
 2020-10-14 09:48:40 -07:00
Hossein Shafagh 97cf54433b
Update models.py 
language
 2020-10-14 09:45:13 -07:00
sayali 82dd663942 Moving default key_type to getDefaults 2020-10-13 19:40:32 -07:00
sayali 28381737dc Removed OU from digicert plugin 2020-10-13 19:40:15 -07:00
sayali b677e6e325 Copy subject details for non-CAB-compliant authorities 2020-10-13 19:40:01 -07:00
Hossein Shafagh 5db1d31668
Merge branch 'master' into removing-outdated-language 2020-10-12 10:22:53 -07:00
Mathias Petermann 817fc3f0fe
Merge branch 'master' into feature/store-acme-account-details 2020-10-11 14:37:31 +02:00
Hossein Shafagh 4c7b429001
Merge branch 'master' into ui_changes 2020-10-09 18:05:33 -07:00
Hossein Shafagh 770339f94c cleaning up outdated phrases 2020-10-09 18:04:16 -07:00
sayali fb4df8865b Formatting changes and typo 2020-10-09 17:58:03 -07:00
Hossein Shafagh 0fc050e17b
Merge branch 'master' into dymanic-digicert-ICAs 2020-10-09 17:53:54 -07:00
Hossein Shafagh 475833e8e1
Merge branch 'master' into ui_changes 2020-10-09 17:53:43 -07:00
Hossein Shafagh 198e20ce4f
Merge branch 'master' into dymanic-digicert-ICAs 2020-10-09 17:49:33 -07:00
Hossein Shafagh d4819440af
Merge branch 'master' into entrust-plugin 2020-10-09 17:47:01 -07:00
sayali d52e0d4e09 Certificate edit: update role and notification with owner change 2020-10-09 16:55:30 -07:00
Hossein Shafagh 42e9b8b627 removing the intermediary from being optional 2020-10-09 15:40:25 -07:00
sirferl e67fc09bc8 Merge branch 'entrust-plugin' of github.com:sirferl/lemur into entrust-plugin 2020-10-09 12:11:41 +02:00
sirferl 5a968ffe63 Lint errors 2020-10-09 12:05:57 +02:00
sirferl cc02a0adb0
Merge branch 'master' into entrust-plugin 2020-10-09 11:56:47 +02:00
sirferl d43e240a2a dded ELIF at determine_end_date, becuase of error. 2020-10-09 11:41:44 +02:00
sirferl a6a4f458e0 added Tests and removed problems in test-setup 2020-10-09 11:35:04 +02:00
sayali d5ce38bf71 lint error fix - remove whitespace 2020-10-08 12:50:30 -07:00
sayali 8928e04385 Fix disable notify 2020-10-08 11:38:52 -07:00
Hossein Shafagh 1a270cd315 switching from static DigiCert ICAs to dynamic ones to support: 
https://knowledge.digicert.com/alerts/DigiCert-ICA-Update.html
 2020-10-07 20:06:20 -07:00
Hossein Shafagh 4f696abb5d adding util method to convert PKCS7 to pem 2020-10-07 20:03:46 -07:00
sayali b7d0e62844 Make location optional 
Remove form validation and default value in input schema
 2020-10-07 13:31:23 -07:00
Mathias Petermann 57534d86cd Disable account saving by default 2020-10-07 12:28:22 +02:00
Mathias Petermann 8353396940 Improve tests 2020-10-07 12:28:22 +02:00
Mathias Petermann 9abd3e97e7 Add test loading acme account from authority 2020-10-07 12:28:22 +02:00
Mathias Petermann bf66de0bfd Add Test for saving the accound details 2020-10-07 12:28:22 +02:00
Mathias Petermann e0708410d0 Add store_account value to options in test_setup_acme_client_success 2020-10-07 12:28:22 +02:00
Mathias Petermann 7e6fb740b3 Fix flake8/linting errors 2020-10-07 12:28:22 +02:00
Mathias Petermann eed628dbab Implement storage of acme account 2020-10-07 12:28:22 +02:00
Mathias Petermann 898b5da661 Add store_account option to acme plugin 2020-10-07 12:28:22 +02:00
Mathias Petermann e64e2a41d5 Add update_options to authorities service 2020-10-07 12:28:22 +02:00
sayali c72661a87f Removing hardcoded name 2020-10-06 18:50:37 -07:00
sayali 6b96aefa21 Authority create: Email added to subject DN for cloudCA 2020-10-06 18:35:28 -07:00
sayali ea513f465f Remove bit length check from last query 2020-09-29 16:33:10 -07:00
sayali b9100dbf29 Merge branch 'master' of github.com:Netflix/lemur into key_type_column 2020-09-29 10:25:54 -07:00
Mathias Petermann d7fc84f6e9 Fix dns-providers type missing from schema 2020-09-29 14:36:31 +02:00
sayali aaff0f7581 Fixing UT for key_type on upload schema 2020-09-28 19:03:21 -07:00
sayali 7a226241db Add key_type to CertificateUploadInputSchema 
Parse cert body to determine algo
 2020-09-28 18:13:00 -07:00
Hossein Shafagh 96eada297f
lint 2020-09-28 14:40:56 -07:00
Hossein Shafagh 0fa136e7a4
Merge branch 'master' into remove-test-secrets 2020-09-25 17:19:39 -07:00
Hossein Shafagh 8f1c966079
Merge branch 'master' into remove-test-secrets 2020-09-25 12:48:28 -07:00