def queue_all_deprovision_tasks_for_operation(operation_id: int, correlation_id: str): if correlation_id is None: raise RuntimeError("correlation_id must be set") if operation_id is None: raise RuntimeError("operation_id must be set") task_pipeline = (route53.remove_ALIAS_records.s( operation_id, correlation_id=correlation_id).then( route53.remove_TXT_records, operation_id, correlation_id=correlation_id).then( cloudfront.disable_distribution, operation_id, correlation_id=correlation_id).then( cloudfront.wait_for_distribution_disabled, operation_id, correlation_id=correlation_id, ).then( cloudfront.delete_distribution, operation_id=operation_id, correlation_id=correlation_id, ).then(iam.delete_server_certificate, operation_id, correlation_id=correlation_id).then( finalize.deprovision, operation_id, correlation_id=correlation_id)) huey.enqueue(task_pipeline)
def queue_all_migration_deprovision_tasks_for_operation( operation_id: int, correlation_id: str ): if correlation_id is None: raise RuntimeError("correlation_id must be set") if operation_id is None: raise RuntimeError("operation_id must be set") correlation = {"correlation_id": correlation_id} task_pipeline = update_operations.deprovision.s(operation_id, **correlation) huey.enqueue(task_pipeline)
def queue_all_cdn_renewal_tasks_for_operation(operation_id, **kwargs): correlation = {"correlation_id": "Renewal"} task_pipeline = ( letsencrypt.generate_private_key.s(operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(cloudfront.update_certificate, operation_id, **correlation) .then(iam.delete_previous_server_certificate, operation_id, **correlation) .then(update_operations.provision, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def queue_all_provision_tasks_for_operation(operation_id: int, correlation_id: str): if correlation_id is None: raise RuntimeError("correlation_id must be set") if operation_id is None: raise RuntimeError("operation_id must be set") task_pipeline = (letsencrypt.create_user.s( operation_id, correlation_id=correlation_id).then( letsencrypt.generate_private_key, operation_id, correlation_id=correlation_id, ).then(letsencrypt.initiate_challenges, operation_id, correlation_id=correlation_id).then( route53.create_TXT_records, operation_id, correlation_id=correlation_id).then( route53.wait_for_changes, operation_id, correlation_id=correlation_id).then( letsencrypt.answer_challenges, operation_id, correlation_id=correlation_id).then( letsencrypt.retrieve_certificate, operation_id, correlation_id=correlation_id, ).then( iam.upload_server_certificate, operation_id, correlation_id=correlation_id).then( cloudfront.create_distribution, operation_id, correlation_id=correlation_id).then( cloudfront.wait_for_distribution, operation_id, correlation_id=correlation_id, ).then( route53.create_ALIAS_records, operation_id, correlation_id=correlation_id).then( route53.wait_for_changes, operation_id, correlation_id=correlation_id).then( finalize.provision, operation_id, correlation_id=correlation_id)) huey.enqueue(task_pipeline)
def queue_all_alb_deprovision_tasks_for_operation( operation_id: int, correlation_id: str ): if correlation_id is None: raise RuntimeError("correlation_id must be set") if operation_id is None: raise RuntimeError("operation_id must be set") correlation = {"correlation_id": correlation_id} task_pipeline = ( update_operations.cancel_pending_provisioning.s(operation_id, **correlation) .then(route53.remove_ALIAS_records, operation_id, **correlation) .then(route53.remove_TXT_records, operation_id, **correlation) .then(alb.remove_certificate_from_alb, operation_id, **correlation) .then(iam.delete_server_certificate, operation_id, **correlation) .then(update_operations.deprovision, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def cdn_instance_needing_renewal(clean_db, tasks): """ create a cdn service instance that needs renewal. This includes walking it through the first few ACME steps to create a user so we can reuse that user. """ renew_service_instance = CDNServiceInstanceFactory.create( id="4321", domain_names=["example.com", "foo.com"], domain_internal="fake1234.cloudfront.net", route53_alias_hosted_zone="Z2FDTNDATAQYW2", cloudfront_distribution_id="FakeDistributionId", cloudfront_origin_hostname="origin_hostname", ) current_cert = CertificateFactory.create( id=1001, service_instance=renew_service_instance, expires_at=datetime.now() + timedelta(days=29), iam_server_certificate_id="certificate_id", iam_server_certificate_name="certificate_name", iam_server_certificate_arn="certificate_arn", private_key_pem="SOMEPRIVATEKEY", ) renew_service_instance.current_certificate = current_cert db.session.add(renew_service_instance) db.session.add(current_cert) db.session.commit() db.session.expunge_all() # create an operation, since that's what our task pipelines know to look for operation = OperationFactory.create( service_instance=renew_service_instance) db.session.refresh(operation) db.session.commit() huey.enqueue(create_user.s(operation.id)) tasks.run_queued_tasks_and_enqueue_dependents() huey.enqueue(generate_private_key.s(operation.id)) tasks.run_queued_tasks_and_enqueue_dependents() # delete the operation to simplify checks on operations later db.session.delete(operation) db.session.commit() return renew_service_instance
def queue_all_cdn_update_tasks_for_operation(operation_id, correlation_id): correlation = {"correlation_id": correlation_id} task_pipeline = ( letsencrypt.generate_private_key.s(operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(cloudfront.update_distribution, operation_id, **correlation) .then(cloudfront.wait_for_distribution, operation_id, **correlation) .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(iam.delete_previous_server_certificate, operation_id, **correlation) .then(update_operations.update_complete, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def queue_all_alb_update_tasks_for_operation(operation_id, correlation_id): correlation = {"correlation_id": correlation_id} task_pipeline = ( letsencrypt.generate_private_key.s(operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(alb.select_alb, operation_id, **correlation) .then(alb.add_certificate_to_alb, operation_id, **correlation) .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(alb.remove_certificate_from_previous_alb, operation_id, **correlation) .then(iam.delete_previous_server_certificate, operation_id, **correlation) .then(update_operations.provision, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def queue_all_alb_provision_tasks_for_operation(operation_id: int, correlation_id: str): if correlation_id is None: raise RuntimeError("correlation_id must be set") if operation_id is None: raise RuntimeError("operation_id must be set") correlation = {"correlation_id": correlation_id} task_pipeline = ( letsencrypt.create_user.s(operation_id, **correlation) .then(letsencrypt.generate_private_key, operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(alb.select_alb, operation_id, **correlation) .then(alb.add_certificate_to_alb, operation_id, **correlation) .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(update_operations.provision, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def queue_all_cdn_broker_migration_tasks_for_operation(operation_id, correlation_id): correlation = {"correlation_id": correlation_id} task_pipeline = ( cloudfront.remove_s3_bucket_from_cdn_broker_instance.s( operation_id, **correlation ) .then(cloudfront.add_logging_to_bucket, operation_id, **correlation) .then(letsencrypt.create_user, operation_id, **correlation) .then(letsencrypt.generate_private_key, operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(cloudfront.update_certificate, operation_id, **correlation) .then(iam.delete_previous_server_certificate, operation_id, **correlation) .then(update_operations.provision, operation_id, **correlation) ) huey.enqueue(task_pipeline)
def queue_all_domain_broker_migration_tasks_for_operation(operation_id, correlation_id): correlation = {"correlation_id": correlation_id} task_pipeline = ( letsencrypt.create_user.s(operation_id, **correlation) .then(letsencrypt.generate_private_key, operation_id, **correlation) .then(letsencrypt.initiate_challenges, operation_id, **correlation) # create alias records here is probably not necessary, but belt + suspenders .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(route53.create_TXT_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(letsencrypt.answer_challenges, operation_id, **correlation) .then(letsencrypt.retrieve_certificate, operation_id, **correlation) .then(iam.upload_server_certificate, operation_id, **correlation) .then(alb.select_alb, operation_id, **correlation) .then(alb.add_certificate_to_alb, operation_id, **correlation) .then(route53.create_ALIAS_records, operation_id, **correlation) .then(route53.wait_for_changes, operation_id, **correlation) .then(alb.remove_certificate_from_previous_alb, operation_id, **correlation) .then(iam.delete_previous_server_certificate, operation_id, **correlation) .then(update_operations.provision, operation_id, **correlation) ) huey.enqueue(task_pipeline)