def test_format_nonexpiration(certificate, endpoint):
data = [certificate_notification_output_schema.dump(certificate).data]
for certificate in data:
expected_message = {
"notification_type":
"not-expiration",
"certificate_name":
certificate["name"],
"expires":
arrow.get(
certificate["validityEnd"]).format("YYYY-MM-DDTHH:mm:ss"),
"issuer":
certificate["issuer"],
"id":
certificate["id"],
"endpoints_detected":
0,
"owner":
certificate["owner"],
"details":
"https://lemur.example.com/#/certificates/{name}".format(
name=certificate["name"])
}
# We don't currently support any SNS notifications besides expiration;
# when we do, this test will probably need to be refactored.
# For now, this is a placeholder proving empty options works as long as it's not "expiration" type
assert expected_message == json.loads(
format_message(certificate, "not-expiration", None))
def test_format_expiration(certificate, endpoint):
data = [certificate_notification_output_schema.dump(certificate).data]
options = get_options()
for certificate in data:
expected_message = {
"notification_type":
"expiration",
"certificate_name":
certificate["name"],
"expires":
arrow.get(
certificate["validityEnd"]).format("YYYY-MM-DDTHH:mm:ss"),
"issuer":
certificate["issuer"],
"id":
certificate["id"],
"endpoints_detected":
0,
"owner":
certificate["owner"],
"details":
"https://lemur.example.com/#/certificates/{name}".format(
name=certificate["name"]),
"notification_interval_days":
10 # 10 days specified in options
}
assert expected_message == json.loads(
format_message(certificate, "expiration", options))
def test_send_expiration_notification():
from lemur.notifications.messaging import send_expiration_notifications
verify_sender_email(
) # emails are sent to owner and security; SNS only used for configured notification
topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic()
notification = NotificationFactory(plugin_name="aws-sns")
notification.options = get_options()
now = arrow.utcnow()
in_ten_days = now + timedelta(
days=10,
hours=1) # a bit more than 10 days since we'll check in the future
certificate = CertificateFactory()
certificate.not_after = in_ten_days
certificate.notifications.append(notification)
assert send_expiration_notifications([],
[]) == (3, 0
) # owner, SNS, and security
received_messages = sqs_client.receive_message(
QueueUrl=queue_url)["Messages"]
assert len(received_messages) == 1
expected_message = format_message(
certificate_notification_output_schema.dump(certificate).data,
"expiration", notification.options)
actual_message = json.loads(received_messages[0]["Body"])["Message"]
assert actual_message == expected_message
def test_send_expiration_notification_email_disabled():
from lemur.notifications.messaging import send_expiration_notifications
topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic()
notification, certificate = prepare_test()
assert send_expiration_notifications([], ['email-notification']) == (1, 0) # SNS only
received_messages = sqs_client.receive_message(QueueUrl=queue_url)["Messages"]
assert len(received_messages) == 1
expected_message = format_message(certificate_notification_output_schema.dump(certificate).data, "expiration",
notification.options)
actual_message = json.loads(received_messages[0]["Body"])["Message"]
assert actual_message == expected_message
def test_publish(certificate, endpoint):
data = [certificate_notification_output_schema.dump(certificate).data]
topic_arn, sqs_client, queue_url = create_and_subscribe_to_topic()
message_ids = publish(topic_arn, data, "expiration", get_options(), region_name="us-east-1")
assert len(message_ids) == len(data)
received_messages = sqs_client.receive_message(QueueUrl=queue_url)["Messages"]
for certificate in data:
expected_message_id = message_ids[certificate["name"]]
actual_message = next(
(m for m in received_messages if json.loads(m["Body"])["MessageId"] == expected_message_id), None)
actual_json = json.loads(actual_message["Body"])
assert actual_json["Message"] == format_message(certificate, "expiration", get_options())
assert actual_json["Subject"] == "Lemur: Expiration Notification"
