def test_send_expiration_notification(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications notification.options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'days'}] certificate.notifications.append(notification) delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): sent = send_expiration_notifications() assert sent == 1 certificate.notify = False sent = send_expiration_notifications() assert sent == 0
def test_send_expiration_notification_slack_disabled(): from lemur.notifications.messaging import send_expiration_notifications prepare_test() # though email is not disabled, we don't send the owner/security notifications via email if # the main notification's plugin is disabled assert send_expiration_notifications([], ['slack-notification']) == (0, 0)
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email( ) # emails are sent to owner and security; SNS only used for configured notification topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic() notification = NotificationFactory(plugin_name="aws-sns") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta( days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) assert send_expiration_notifications([], []) == (3, 0 ) # owner, SNS, and security received_messages = sqs_client.receive_message( QueueUrl=queue_url)["Messages"] assert len(received_messages) == 1 expected_message = format_message( certificate_notification_output_schema.dump(certificate).data, "expiration", notification.options) actual_message = json.loads(received_messages[0]["Body"])["Message"] assert actual_message == expected_message
def expirations(exclude): """ Runs Lemur's notification engine, that looks for expired certificates and sends notifications out to those that have subscribed to them. Every certificate receives notifications by default. When expiration notifications are handled outside of Lemur we exclude their names (or matching) from expiration notifications. It performs simple subset matching and is case insensitive. :return: """ status = FAILURE_METRIC_STATUS try: print("Starting to notify subscribers about expiring certificates!") success, failed = send_expiration_notifications(exclude) print( "Finished notifying subscribers about expiring certificates! Sent: {success} Failed: {failed}".format( success=success, failed=failed ) ) status = SUCCESS_METRIC_STATUS except Exception as e: sentry.captureException() metrics.send('expiration_notification_job', 'counter', 1, metric_tags={'status': status})
def expirations(exclude, disabled_notification_plugins): """ Runs Lemur's notification engine, that looks for expiring certificates and sends notifications out to those that have subscribed to them. Every certificate receives notifications by default. When expiration notifications are handled outside of Lemur we exclude their names (or matching) from expiration notifications. It performs simple subset matching and is case insensitive. :return: """ status = FAILURE_METRIC_STATUS try: print("Starting to notify subscribers about expiring certificates!") success, failed = send_expiration_notifications( exclude, disabled_notification_plugins) print( f"Finished notifying subscribers about expiring certificates! Sent: {success} Failed: {failed}" ) status = SUCCESS_METRIC_STATUS except Exception as e: sentry.captureException() metrics.send("expiration_notification_job", "counter", 1, metric_tags={"status": status})
def test_send_expiration_notification_with_no_notifications( certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): assert send_expiration_notifications([], []) == (0, 0)
def test_send_expiration_notification(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications certificate.notifications.append(notification) certificate.notifications[0].options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'days'}] delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): assert send_expiration_notifications([]) == (2, 0)
def test_send_expiration_notification_both_disabled(): from lemur.notifications.messaging import send_expiration_notifications topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic() prepare_test() assert send_expiration_notifications([], ['aws-sns', 'email-notification']) == (0, 0) received_messages = sqs_client.receive_message(QueueUrl=queue_url) assert "Messages" not in received_messages
def expirations(): """ Runs Lemur's notification engine, that looks for expired certificates and sends notifications out to those that have subscribed to them. :return: """ print("Starting to notify subscribers about expiring certificates!") count = send_expiration_notifications() print( "Finished notifying subscribers about expiring certificates! Sent {count} notifications!" .format(count=count))
def expirations(): """ Runs Lemur's notification engine, that looks for expired certificates and sends notifications out to those that have subscribed to them. :return: """ print("Starting to notify subscribers about expiring certificates!") success, failed = send_expiration_notifications() print( "Finished notifying subscribers about expiring certificates! Sent: {success} Failed: {failed}" .format(success=success, failed=failed))
def test_send_expiration_notification_sns_disabled(): from lemur.notifications.messaging import send_expiration_notifications topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic() prepare_test() # though email is not disabled, we don't send the owner/security notifications via email if # the main notification's plugin is disabled assert send_expiration_notifications([], ['aws-sns']) == (0, 0) received_messages = sqs_client.receive_message(QueueUrl=queue_url) assert "Messages" not in received_messages
def test_send_expiration_notification_email_disabled(): from lemur.notifications.messaging import send_expiration_notifications topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic() notification, certificate = prepare_test() assert send_expiration_notifications([], ['email-notification']) == (1, 0) # SNS only received_messages = sqs_client.receive_message(QueueUrl=queue_url)["Messages"] assert len(received_messages) == 1 expected_message = format_message(certificate_notification_output_schema.dump(certificate).data, "expiration", notification.options) actual_message = json.loads(received_messages[0]["Body"])["Message"] assert actual_message == expected_message
def test_send_expiration_notification(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email() certificate.notifications.append(notification) certificate.notifications[0].options = [ {"name": "interval", "value": 10}, {"name": "unit", "value": "days"}, ] delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): # this will only send owner and security emails (no additional recipients), # but it executes 3 successful send attempts assert send_expiration_notifications([]) == (3, 0)
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email() # emails are sent to owner and security; Slack only used for configured notification notification = NotificationFactory(plugin_name="slack-notification") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) assert send_expiration_notifications([]) == (3, 0) # owner, Slack, and security
def test_send_expiration_notification(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications certificate.notifications.append(notification) certificate.notifications[0].options = [{ 'name': 'interval', 'value': 10 }, { 'name': 'unit', 'value': 'days' }] delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): assert send_expiration_notifications() == (2, 0)
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications notification = NotificationFactory(plugin_name="slack-notification") notification.options = get_options() now = arrow.utcnow() in_ten_days = now + timedelta( days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() certificate.not_after = in_ten_days certificate.notifications.append(notification) assert send_expiration_notifications([]) == (2, 0)
def test_send_expiration_notification_no_security_team(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory(name="TEST1") notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() assert send_expiration_notifications([], [], True) == (3, 0) # owner (1) and recipients (2)
def test_send_expiration_notification_disabled(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() assert send_expiration_notifications([], ['email-notification']) == (0, 0)
def expirations(exclude): """ Runs Lemur's notification engine, that looks for expired certificates and sends notifications out to those that have subscribed to them. Every certificate receives notifications by default. When expiration notifications are handled outside of Lemur we exclude their names (or matching) from expiration notifications. It performs simple subset matching and is case insensitive. :return: """ print("Starting to notify subscribers about expiring certificates!") success, failed = send_expiration_notifications(exclude) print( "Finished notifying subscribers about expiring certificates! Sent: {success} Failed: {failed}" .format(success=success, failed=failed))
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications from lemur.tests.factories import CertificateFactory from lemur.tests.factories import NotificationFactory now = arrow.utcnow() in_ten_days = now + timedelta(days=10, hours=1) # a bit more than 10 days since we'll check in the future certificate = CertificateFactory() notification = NotificationFactory(plugin_name="email-notification") certificate.not_after = in_ten_days certificate.notifications.append(notification) certificate.notifications[0].options = get_options() verify_sender_email() # exclude "TEST1" certs so we don't pick up certs from the last test tests assert send_expiration_notifications(["TEST1"], []) == (4, 0) # owner (1), recipients (2), and security (1)
def test_send_expiration_notification(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications certificate.notifications.append(notification) certificate.notifications[0].options = [ { "name": "interval", "value": 10 }, { "name": "unit", "value": "days" }, ] delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): assert send_expiration_notifications([]) == (2, 0)
def expirations(exclude): """ Runs Lemur's notification engine, that looks for expired certificates and sends notifications out to those that have subscribed to them. Every certificate receives notifications by default. When expiration notifications are handled outside of Lemur we exclude their names (or matching) from expiration notifications. It performs simple subset matching and is case insensitive. :return: """ print("Starting to notify subscribers about expiring certificates!") success, failed = send_expiration_notifications(exclude) print( "Finished notifying subscribers about expiring certificates! Sent: {success} Failed: {failed}".format( success=success, failed=failed ) )
def test_send_expiration_notification_email_disabled(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications verify_sender_email() certificate.notifications.append(notification) certificate.notifications[0].options = [ { "name": "interval", "value": 10 }, { "name": "unit", "value": "days" }, ] delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): # no notifications sent since the "test-notification" plugin is disabled assert send_expiration_notifications([], ['test-notification']) == (0, 0)
def test_send_expiration_notification(): from lemur.notifications.messaging import send_expiration_notifications prepare_test() assert send_expiration_notifications([], []) == (3, 0) # owner, Slack, and security
def test_send_expiration_notification_with_no_notifications(certificate, notification, notification_plugin): from lemur.notifications.messaging import send_expiration_notifications delta = certificate.not_after - timedelta(days=10) with freeze_time(delta.datetime): assert send_expiration_notifications([]) == (0, 0)
def test_send_expiration_notification_both_disabled(): from lemur.notifications.messaging import send_expiration_notifications prepare_test() assert send_expiration_notifications([], ['slack-notification', 'email-notification']) == (0, 0)
def test_send_expiration_notification_email_disabled(): from lemur.notifications.messaging import send_expiration_notifications prepare_test() assert send_expiration_notifications([], ['email-notification']) == (1, 0) # Slack only