Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,349 Commits 4 Branches 45 Tags 7.5 MiB
cf3298d1ad
Commit Graph

1238 Commits

Author SHA1 Message Date
Gutttlt
71f43dfcc1
Fixing "'Role' object has no attribute 'set_third_party'" error. 2020-01-21 08:40:54 +01:00
Hossein Shafagh
acf531ece3
Merge branch 'master' into vault-k8s-auth 2020-01-20 15:18:29 -08:00
csine-nflx
3080a9527c adding PowerDNS get_zones functionality and unit tests 2020-01-17 18:29:37 -08:00
Hossein Shafagh
cb7507156c
Merge branch 'master' into vault-k8s-auth 2020-01-17 17:17:53 -08:00
Hossein Shafagh
d6f41b6a99 improving string formatting to avoid dangling white spaces and new lines 2020-01-16 13:45:13 -08:00
Hossein Shafagh
1ed6ae539d # possibility to default to a SIGNING_ALGORITHM for a given profile 2020-01-15 16:19:48 -08:00
jenkins-x-bot
cd7d9aee55 fixed lint error 2020-01-13 23:09:58 +02:00
jenkins-x-bot
8d957f22af changed file handling 2020-01-13 22:46:34 +02:00
jenkins-x-bot
cad56c813e fixed lint error 2020-01-12 01:51:48 +02:00
jenkins-x-bot
409b499217 added kubernetes auth for vault 2020-01-12 01:25:22 +02:00
Hossein Shafagh
348682d5ea
Merge branch 'master' into cfssl-key-fix 2020-01-09 10:44:02 -08:00
jenkins-x-bot
8be8c95b17 handled cfssl-key type error 2020-01-09 15:16:19 +02:00
Hossein Shafagh
1537d591a8 Improved messaging to point out to the Auto Rotate option for certificate issuance and renewal. 2020-01-08 14:42:16 -08:00
Hossein Shafagh
9b9662d470
Merge branch 'master' into master 2020-01-03 13:15:58 -08:00
pmelse
45c1207d07
Merge branch 'master' into master 2019-12-27 13:30:56 -05:00
pmelse
9fb4be1273
remove trailing whitespace 2019-12-27 13:25:03 -05:00
Ilya Labun
189e8b2725 Eliminate subqueries when showing certificates list 2019-12-20 10:37:47 +01:00
Jay Zarfoss
00a0a27826 used fixedName variable to transport db lookup optimization 2019-11-20 09:44:31 -08:00
Jay Zarfoss
113c9dd657 atlas redis plugin typo cleanup and better exception handling 2019-11-06 10:42:59 -08:00
Jay Zarfoss
f803fab413 add plugin to send atlas metric via redis 2019-11-06 10:14:49 -08:00
Hossein Shafagh
0d983bd2b5 missed edge case 2019-10-18 15:39:36 -07:00
Hossein Shafagh
f077b19126
Merge branch 'master' into master 2019-10-18 11:32:21 -07:00
Hossein Shafagh
06f4aed693 keeping track of certs found by hash 2019-10-18 11:21:29 -07:00
Hossein Shafagh
11f9920ff9
Merge branch 'master' into cert-sync-endpoint-find-by-hash 2019-10-18 11:08:51 -07:00
Hossein Shafagh
14e13b512e providing a count for conflicts 2019-10-18 11:03:28 -07:00
Hossein Shafagh
9037f88430 just in case the path varies 2019-10-18 11:02:41 -07:00
Hossein Shafagh
1768aad9e2 capturing no such entity exception. 2019-10-18 10:17:58 -07:00
Hossein Shafagh
8aea257e6a optimizing the call to describe cert to only the few certs with the naming issue 2019-10-18 09:24:49 -07:00
Hossein Shafagh
f075c5af3d in case no cert match via name-search, search via the cert itself (serial number, hash comparison) 2019-10-18 08:48:11 -07:00
Hossein Shafagh
d43e859c34 describing the cert for each endpoint, for better cert search 2019-10-18 08:46:01 -07:00
Hossein Shafagh
10b600424e refactoring searching for cert 2019-10-18 08:45:32 -07:00
Hossein Shafagh
b5ab87877b adding retry to acme setup client, since it can experience timeouts or other types of Connection Errors 2019-10-17 10:16:33 -07:00
pmelse
f0652ca6a9
bug fix for overwriting certificates 2019-10-10 15:49:31 -04:00
Hossein Shafagh
477db836f4 lint 2019-09-23 12:52:17 -07:00
Hossein Shafagh
86f661a8af With NLBs the DNS formatting has changed, which resulted in Lemur not getting the region correctly parsed 2019-09-23 12:36:08 -07:00
Hossein Shafagh
96b2149433 removing unintended commit 2019-09-20 15:22:45 -07:00
Hossein Shafagh
8c9a1df2cf
Merge branch 'master' into up-dependencies-20Sep2019 2019-09-20 15:19:25 -07:00
Hossein Shafagh
a13c45e9cc updating dependencies, and fixing the deprecated arrow.replaces to shift 2019-09-20 13:49:38 -07:00
Hossein Shafagh
972051a61e removing 3 and 4 years from validity range options 2019-09-20 10:16:23 -07:00
Hossein Shafagh
d0e8666267
Merge branch 'master' into better-metrics-endpoints 2019-08-21 10:01:00 -07:00
Hossein Shafagh
db91e48395 adding account number for better logging, since the endpoint is not available in Lemur DB 2019-08-21 09:54:18 -07:00
Javier Ramos
e5e395f0d9
Show number of found items in pager 
This commit does not involve any additional query as the data is already in API calls' responses
 2019-08-20 09:29:58 +02:00
Hossein Shafagh
9b04d901c4 metric for missing certificate from an endpoint 2019-08-15 19:14:08 -07:00
Curtis Castrapel
1c6fee7292 Allow better DNS autodetection for domains that directly match a DNS hosted zone 2019-08-15 10:52:26 -07:00
Hossein Shafagh
296a315a3e
Merge branch 'master' into soft_time_outs 2019-08-13 19:42:22 -07:00
Hossein Shafagh
2de3f287ab standardizing the timeouts to easier monitor any timeouts 2019-08-13 12:21:27 -07:00
Hossein Shafagh
6e17d36d76 typos 2019-08-13 12:16:23 -07:00
Hossein Shafagh
22c60fedad cosmetics 2019-08-13 12:11:04 -07:00
Hossein Shafagh
a3dfc3ef0a consistency 2019-08-13 11:58:58 -07:00
Hossein Shafagh
c29f282560 improved the flow for checking if the task is active 2019-08-13 11:52:56 -07:00
Hossein Shafagh
4d728738ee handling celery tasks without any arguments 2019-08-13 11:42:43 -07:00
Hossein Shafagh
07a9c56fb8 making lint happy 2019-08-13 09:35:57 -07:00
Hossein Shafagh
bf47f87c21 preventing celery duplicate tasks 2019-08-12 13:52:01 -07:00
Hossein Shafagh
5d4413e45c
Merge branch 'master' into ultradnsPlugin 2019-08-09 08:48:24 -07:00
Hossein Shafagh
83159c2417
Merge branch 'master' into multi-profile-digicert-plugin 2019-08-09 07:32:33 -07:00
Hossein Shafagh
da9c91afb4 fixing metric bug 2019-08-08 17:56:22 -07:00
Hossein Shafagh
3b9b94623f cleaning up 2019-08-07 18:06:59 -07:00
Hossein Shafagh
9a02230d63 adding soft time outs for celery 2019-08-07 17:48:06 -07:00
Kush Bavishi
d9aef2da3e Changed dummy nameserver value 2019-08-07 14:38:18 -07:00
Kush Bavishi
a97283f0a4 Fixed indentation 2019-08-07 14:23:09 -07:00
Kush Bavishi
a6bf081bec Remove unused import 2019-08-07 14:08:27 -07:00
Kush Bavishi
43f5c8b34e Fixed indentation 2019-08-07 14:08:06 -07:00
Kush Bavishi
cadf372f7b Removed hardcoded value from function call 2019-08-07 14:02:10 -07:00
Kush Bavishi
b4f4e4dc24 Added extra check for return value to test_create_txt_record 2019-08-07 13:55:02 -07:00
Kush Bavishi
fa7f71d859 Modified paginate response to dummy values 2019-08-07 13:53:10 -07:00
Kush Bavishi
3ff56fc595 Blank line removed 2019-08-07 13:42:11 -07:00
Kush Bavishi
894502644c test_wait_for_dns_change fixed! 2019-08-07 13:39:20 -07:00
Kush Bavishi
37a1b55b08 test_delete_txt_record changed to mock get_zone_name and return the value directly instead of executing the function. 2019-08-07 13:27:21 -07:00
Kush Bavishi
31c2d207a2 test_delete_txt_record fixed. Function call was missing earlier 2019-08-07 13:23:05 -07:00
Kush Bavishi
785c1ca73e test_create_txt_record modified - get_zone_name mocked to return the zone name directly, instead of actually running the function. 2019-08-07 13:20:24 -07:00
Kush Bavishi
f2cbddf9e2 Unit tests for get_zone_name, get_zones 2019-08-07 13:17:16 -07:00
Kush Bavishi
6e84e1fd59 Unit Tests for create_txt_record, delete_txt_record, wait_for_dns_change 2019-08-07 13:04:38 -07:00
Hossein Shafagh
ff1f73f985 fixing the plugin test to include authority 2019-08-07 12:05:36 -07:00
Hossein Shafagh
bbda9b1d6f making sure to handle when no config file provided, though we do a check for that 2019-08-07 12:05:13 -07:00
Hossein Shafagh
e2ea2ca4d1 providing sample config 2019-08-07 11:05:07 -07:00
Hossein Shafagh
b885cdf9d0 adding multi profile name support with DigiCert plug. 
This requires that the configs are a dict, with multiple entries, where the key is the name of the Authority used to issue certs with.

DIGICERT_CIS_PROFILE_NAMES = {"sha2-rsa-ecc-root": "ssl_plus"}
DIGICERT_CIS_ROOTS = {"root": "ROOT"}
DIGICERT_CIS_INTERMEDIATES = {"inter": "INTERMEDIATE_CA_CERT"}

Hence, in DB one need to add
1) the corresponding authority table, with digicert-cis-issuer. Note the names here are used to mapping in the above config
2) the corresponding intermediary in the certificate table , with root_aurhority_id set to the id of the new authority_id
 2019-08-07 10:24:38 -07:00
Kush Bavishi
a7c2b970b0 Unit testing Part 1 2019-08-05 14:00:22 -07:00
Hossein Shafagh
ad6c38960a
Merge branch 'master' into ultradnsPlugin 2019-07-31 16:05:36 -07:00
Kush Bavishi
2903799b85 Changed string formatting from "{}".format() to f"{}" for consistency 2019-07-31 14:19:49 -07:00
Hossein Shafagh
e8e4f826ea updating logging format 2019-07-31 13:09:31 -07:00
Kush Bavishi
5a401b2d87 Added the Zone class and Record class to ultradns.py and removed the respective files 2019-07-31 12:04:42 -07:00
Kush Bavishi
fe075dc9f5 Changed function comments to doc strings. 2019-07-31 12:00:31 -07:00
Kush Bavishi
503df999fa Updated metrics.send to send function named, followed by status, separated by a period 2019-07-31 11:32:04 -07:00
Kush Bavishi
11cd095131 Reduced the number of calls to get_public_authoritative_nameserver by using a variable 2019-07-31 11:12:28 -07:00
Kush Bavishi
3ba7fdbd49 Updated logger to log a dictionary instead of a string 2019-07-31 11:11:39 -07:00
Hossein Shafagh
0f591e9a3d
Merge branch 'master' into moving-cronjobs-to-celery-v2 2019-07-30 14:13:59 -07:00
Hossein Shafagh
6bf920e66c
Merge branch 'master' into ultradnsPlugin 2019-07-30 14:13:45 -07:00
Hossein Shafagh
7810095796
Merge branch 'master' into better-error-handling-dyn 2019-07-30 13:27:43 -07:00
Kush Bavishi
44bc562e8b
Update ultradns.py 
Minor logging changes in wait_for_dns_change
 2019-07-30 13:08:16 -07:00
Kush Bavishi
3d48b422b5 Removed TODO 2019-07-30 11:39:35 -07:00
Hossein Shafagh
a89cbe9332 moving all cron jobs to become celery jobs 2019-07-30 09:57:15 -07:00
Kush Bavishi
3ad791e1ec Dynamically obtain the authoritative nameserver for the domain 2019-07-29 18:01:28 -07:00
Kush Bavishi
e993194b4f Check ultraDNS authoritative server first. Upon success, check Googles DNS server. 2019-07-29 14:59:28 -07:00
Hossein Shafagh
adabe18c90 metric tags, to be able to track which domains where failing during the LetsEncrypt domain validation 2019-07-25 18:56:28 -07:00
Hossein Shafagh
429e6a967c better error handling for redis 2019-07-25 18:49:19 -07:00
Kush Bavishi
252410c6e9 Updated TTL from 300 to 5 2019-07-22 16:00:20 -07:00
Kush Bavishi
51f3b7dde0 Added the Record class for UltraDNS 2019-07-22 14:23:40 -07:00
Kush Bavishi
0b52aa8c59 Added Zone class to handle ultradns zones 2019-07-22 11:47:48 -07:00
Hossein Shafagh
36ebba6491 source is not dict 2019-07-18 15:16:01 -07:00
Kush Bavishi
e37a7c775e Initial commit for the UltraDNS plugin to support Lets Encrypt 2019-07-18 14:29:54 -07:00