fix: Change status to pending when all SAN certs are taken up, disable root-domain ssl-cert provisioning for now
Change-Id: Ia12cacb9e0880d667eac891f6006b3c565e6166b
This commit is contained in:
parent
c0b370cd2e
commit
0db8c637c3
|
@ -18,6 +18,8 @@ import json
|
||||||
from poppy.distributed_task.taskflow.flow import create_ssl_certificate
|
from poppy.distributed_task.taskflow.flow import create_ssl_certificate
|
||||||
from poppy.distributed_task.taskflow.flow import delete_ssl_certificate
|
from poppy.distributed_task.taskflow.flow import delete_ssl_certificate
|
||||||
from poppy.manager import base
|
from poppy.manager import base
|
||||||
|
from poppy.model.helpers import domain
|
||||||
|
from poppy.transport.validators import helpers as validators
|
||||||
|
|
||||||
|
|
||||||
class DefaultSSLCertificateController(base.SSLCertificateController):
|
class DefaultSSLCertificateController(base.SSLCertificateController):
|
||||||
|
@ -31,6 +33,15 @@ class DefaultSSLCertificateController(base.SSLCertificateController):
|
||||||
self.flavor_controller = self._driver.storage.flavors_controller
|
self.flavor_controller = self._driver.storage.flavors_controller
|
||||||
|
|
||||||
def create_ssl_certificate(self, project_id, cert_obj):
|
def create_ssl_certificate(self, project_id, cert_obj):
|
||||||
|
|
||||||
|
if (not validators.is_valid_domain_name(cert_obj.domain_name)) or \
|
||||||
|
(validators.is_root_domain(
|
||||||
|
domain.Domain(cert_obj.domain_name).to_dict())):
|
||||||
|
# here created a http domain object but it does not matter http or
|
||||||
|
# https
|
||||||
|
raise ValueError('%s must be a valid non-root domain' %
|
||||||
|
cert_obj.domain_name)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
flavor = self.flavor_controller.get(cert_obj.flavor_id)
|
flavor = self.flavor_controller.get(cert_obj.flavor_id)
|
||||||
# raise a lookup error if the flavor is not found
|
# raise a lookup error if the flavor is not found
|
||||||
|
|
|
@ -551,10 +551,12 @@ class ServiceController(base.ServiceBase):
|
||||||
self.mod_san_queue.enqueue_mod_san_request(
|
self.mod_san_queue.enqueue_mod_san_request(
|
||||||
json.dumps(cert_obj.to_dict()))
|
json.dumps(cert_obj.to_dict()))
|
||||||
return self.responder.ssl_certificate_provisioned(None, {
|
return self.responder.ssl_certificate_provisioned(None, {
|
||||||
'status': 'failed',
|
'status': 'create_in_progress',
|
||||||
'san cert': None,
|
'san cert': None,
|
||||||
'action': 'No available san cert for %s right now,'
|
'action': 'No available san cert for %s right now,'
|
||||||
' or no san cert info available.'
|
' or no san cert info available. Support:'
|
||||||
|
'Please write down the domain and keep an'
|
||||||
|
' eye on next availabe freed-up SAN certs.'
|
||||||
' More provisioning might be needed' %
|
' More provisioning might be needed' %
|
||||||
(cert_obj.domain_name)
|
(cert_obj.domain_name)
|
||||||
})
|
})
|
||||||
|
|
|
@ -2,9 +2,5 @@
|
||||||
"create_san_test_1": {
|
"create_san_test_1": {
|
||||||
"cert_type": "san",
|
"cert_type": "san",
|
||||||
"domain_name": "www.abc.com"
|
"domain_name": "www.abc.com"
|
||||||
},
|
|
||||||
"root_domain": {
|
|
||||||
"cert_type": "san",
|
|
||||||
"domain_name": "abc.com"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -34,5 +34,9 @@
|
||||||
"empty_cert": {
|
"empty_cert": {
|
||||||
"cert_type": "",
|
"cert_type": "",
|
||||||
"domain_name": "meowmeow.com"
|
"domain_name": "meowmeow.com"
|
||||||
|
},
|
||||||
|
"root_domain": {
|
||||||
|
"cert_type": "san",
|
||||||
|
"domain_name": "abc.com"
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -24,5 +24,10 @@
|
||||||
"cert_type": "san",
|
"cert_type": "san",
|
||||||
"domain_name": "www.abc.com",
|
"domain_name": "www.abc.com",
|
||||||
"flavor_id": "mock"
|
"flavor_id": "mock"
|
||||||
|
},
|
||||||
|
"with_root_domain": {
|
||||||
|
"cert_type": "san",
|
||||||
|
"domain_name": "abc.com",
|
||||||
|
"flavor_id": "mock"
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
Reference in New Issue