def get(self, endpoint_id): """ .. http:get:: /endpoints/1 One endpoint **Example request**: .. sourcecode:: http GET /endpoints/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript **Example response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript :reqheader Authorization: OAuth token to authenticate :statuscode 200: no error :statuscode 403: unauthenticated """ return service.get(endpoint_id)
def rotate_endpoint_remove_cert(self, endpoint_id, certificate_id): function = f"{__name__}.{sys._getframe().f_code.co_name}" logger = logging.getLogger(function) if self.request.retries > 0: logger.warning( f"Retrying rotate_endpoint_remove_cert task as it failed before (retry {self.request.retries} of {self.max_retries})" ) endpoint = endpoint_service.get(endpoint_id) certificate = certificate_service.get(certificate_id) if not endpoint: # note: this can happen if this is scheduled twice logger.warning( "Could not detach cert because endpoint does not exist - maybe this task was scheduled twice." ) return if not certificate: logger.warning( "Could not detach cert because certificate does not exist - maybe this task was scheduled twice." ) return with red.lock(endpoint.name.rsplit("/", 1)[0], blocking_timeout=10): endpoint.source.plugin.remove_certificate(endpoint, certificate.name) # sync source if not is_task_scheduled(sync_source, (endpoint.source.label, )): sync_source.delay(endpoint.source.label)
def rotate_endpoint(self, endpoint_id, **kwargs): function = f"{__name__}.{sys._getframe().f_code.co_name}" logger = logging.getLogger(function) endpoint = endpoint_service.get(endpoint_id) if not endpoint: logger.info(f"Skipping rotation,due to {endpoint_id} did not exist") return old_certificate_id = endpoint.certificate.id remove_cert_args = (endpoint_id, old_certificate_id) delay_before_removal = current_app.config.get( "CELERY_ROTATE_ENDPOINT_DELAY_BEFORE_DETACH", 60) if is_task_scheduled(rotate_endpoint_remove_cert.name, remove_cert_args): # the remove task has already been scheduled so we skip this turn logger.info( f"{rotate_endpoint_remove_cert.name}{str(remove_cert_args)} already scheduled." ) return new_cert = endpoint.certificate.replaced[0] new_cert_name = new_cert.name if self.request.retries > 0: extra_message = f"retry {self.request.retries} of {self.max_retries}" else: extra_message = None logger.info(f"Attaching {new_cert_name} to {endpoint.name}") # update with redis lock # will raise redis.exceptions.LockError Unable to acquire lock within the time specified with red.lock(endpoint.name.rsplit("/", 1)[0], blocking_timeout=10): endpoint.source.plugin.update_endpoint(endpoint, new_cert_name) # send notification taking notifications from both new and old certificate send_notifications( list(set(endpoint.certificate.notifications + new_cert.notifications)), "rotation", extra_message, endpoint=endpoint, ) # schedule a task to remove the old certificate logger.info( f"Scheduling {rotate_endpoint_remove_cert.name}{str(remove_cert_args)} to execute in {delay_before_removal} seconds." ) rotate_endpoint_remove_cert.apply_async(remove_cert_args, countdown=delay_before_removal) # sync source if not is_task_scheduled(sync_source, (endpoint.source.label, )): sync_source.delay(endpoint.source.label)