lemur Package
lemur
Package
constants
Module
- class lemur.constants.CRLReason(value)
Bases:
IntEnum
An enumeration.
- aACompromise = 10
- affiliationChanged = 3
- cACompromise = 2
- certificateHold = 6
- cessationOfOperation = 5
- keyCompromise = 1
- privilegeWithdrawn = 9
- removeFromCRL = 8
- superseded = 4
- unspecified = 0
database
Module
- lemur.database.add(model)
Helper to add a model to the current session.
- Parameters:
model –
- Returns:
- lemur.database.clone(model)
Clones the given model and removes it’s primary key :param model: :return:
- lemur.database.commit()
Helper to commit the current session.
- lemur.database.create(model)
Helper that attempts to create a new instance of an object.
- Parameters:
model –
- Returns:
- raise IntegrityError:
- lemur.database.create_query(model, kwargs)
Returns a SQLAlchemy query object for specified model. Model filtered by the kwargs passed.
- Parameters:
model –
kwargs –
- Returns:
- lemur.database.delete(model)
Helper that attempts to delete a model.
- Parameters:
model –
- lemur.database.filter(query, model, terms)
Helper that searched for ‘like’ strings in column values.
- Parameters:
query –
model –
terms –
- Returns:
- lemur.database.filter_none(kwargs)
Remove all None values from a given dict. SQLAlchemy does not like to have values that are None passed to it.
- Parameters:
kwargs – Dict to filter
- Returns:
Dict without any ‘None’ values
- lemur.database.find_all(query, model, kwargs)
Returns a query object that ensures that all kwargs are present.
- Parameters:
query –
model –
kwargs –
- Returns:
- lemur.database.find_any(query, model, kwargs)
Returns a query object that allows any kwarg to be present.
- Parameters:
query –
model –
kwargs –
- Returns:
- lemur.database.get(model, value, field='id')
Returns one object filtered by the field and value.
- Parameters:
model –
value –
field –
- Returns:
- lemur.database.get_all(model, value, field='id')
Returns query object with the fields and value filtered.
- Parameters:
model –
value –
field –
- Returns:
- lemur.database.get_count(q)
Count the number of rows in a table. More efficient than count(*) :param q: :return:
- lemur.database.get_model_column(model, field)
- lemur.database.rollback()
Helper to rollback the current session.
- lemur.database.session_query(model)
Returns a SQLAlchemy query object for the specified model.
If model has a
query
attribute already, that object will be returned. Otherwise a query will be created and returned based on session.- Parameters:
model – sqlalchemy model
- Returns:
query object for model
- lemur.database.sort(query, model, field, direction)
Returns objects of the specified model in the field and direction given
- Parameters:
query –
model –
field –
direction –
- lemur.database.sort_and_page(query, model, args)
Helper that allows us to combine sorting and paging. Note that paging is not safe unless combined with sorting.
- Parameters:
query – search query
model – model to use for resulting items
args – arguments to query with, including sorting and paging parameters
- Returns:
the items given the count and page specified
- lemur.database.update(model)
Helper that attempts to update a model.
- Parameters:
model –
- Returns:
- lemur.database.update_list(model, model_attr, item_model, items)
Helper that correctly updates a models items depending on what has changed
- Parameters:
model_attr –
item_model –
items –
model –
- Returns:
exceptions
Module
- exception lemur.exceptions.AttrNotFound(field)
Bases:
LemurException
- exception lemur.exceptions.DuplicateError(key)
Bases:
LemurException
- exception lemur.exceptions.InvalidAuthority
Bases:
Exception
- exception lemur.exceptions.InvalidConfiguration
Bases:
Exception
- exception lemur.exceptions.InvalidDistribution(field)
Bases:
LemurException
- exception lemur.exceptions.InvalidListener(*args, **kwargs)
Bases:
LemurException
- exception lemur.exceptions.LemurException(*args, **kwargs)
Bases:
Exception
- exception lemur.exceptions.UnknownProvider
Bases:
Exception
extensions
Module
- class lemur.extensions.SQLAlchemy(app=None, use_native_unicode=True, session_options=None, metadata=None, query_class=<class 'flask_sqlalchemy.BaseQuery'>, model_class=<class 'flask_sqlalchemy.model.Model'>, engine_options=None)
Bases:
SQLAlchemy
- apply_pool_defaults(app, options)
Set default engine options. We enable pool_pre_ping to be the default value.
factory
Module
- lemur.factory.configure_app(app, config=None)
Different ways of configuration
- Parameters:
app –
config –
- Returns:
- lemur.factory.configure_blueprints(app, blueprints)
We prefix our APIs with their given version so that we can support multiple concurrent API versions.
- Parameters:
app –
blueprints –
- lemur.factory.configure_database(app)
- lemur.factory.configure_extensions(app)
Attaches and configures any needed flask extensions to our app.
- Parameters:
app –
- lemur.factory.configure_logging(app)
Sets up application wide logging.
- Parameters:
app –
- lemur.factory.create_app(app_name=None, blueprints=None, config=None)
Lemur application factory
- Parameters:
config –
app_name –
blueprints –
- Returns:
- lemur.factory.from_file(file_path, silent=False)
Updates the values in the config from a Python file. This function behaves as if the file was imported as module with the
- Parameters:
file_path –
silent –
- lemur.factory.install_plugins(app)
Installs new issuers that are not currently bundled with Lemur.
- Parameters:
app –
- Returns:
manage
Module
- class lemur.manage.CreateRole(func=None)
Bases:
Command
This command allows for the creation of a new role within Lemur
- option_list = (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
- run(name, users, description)
Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
- class lemur.manage.CreateUser(func=None)
Bases:
Command
This command allows for the creation of a new user within Lemur.
- option_list = (<flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>, <flask_script.commands.Option object>)
- run(username, email, active, roles, password)
Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
- class lemur.manage.InitializeApp(func=None)
Bases:
Command
This command will bootstrap our database with any destinations as specified by our config.
Additionally a Lemur user will be created as a default user and be used when certificates are discovered by Lemur.
- option_list = (<flask_script.commands.Option object>,)
- run(password)
Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
- class lemur.manage.LemurServer(func=None)
Bases:
Command
This is the main Lemur server, it runs the flask app with gunicorn and uses any configuration options passed to it.
You can pass all standard gunicorn flags to this command as if you were running gunicorn itself.
For example:
lemur start -w 4 -b 127.0.0.0:8002
Will start gunicorn with 4 workers bound to 127.0.0.0:8002
- description = 'Run the app within Gunicorn'
- get_options()
By default, returns self.option_list. Override if you need to do instance-specific configuration.
- run(*args, **kwargs)
Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
- class lemur.manage.ResetPassword(func=None)
Bases:
Command
This command allows you to reset a user’s password.
- option_list = (<flask_script.commands.Option object>,)
- run(username)
Runs a command. This must be implemented by the subclass. Should take arguments as configured by the Command options.
- lemur.manage.create()
- lemur.manage.create_config(config_path=None)
Creates a new configuration file if one does not already exist
- lemur.manage.drop_all()
- lemur.manage.generate_settings()
This command is run when
default_path
doesn’t exist, orinit
is run and returns a string representing the default data to put into their settings file.
- lemur.manage.lock(path=None)
Encrypts a given path. This directory can be used to store secrets needed for normal Lemur operation. This is especially useful for storing secrets needed for communication with third parties (e.g. external certificate authorities).
Lemur does not assume anything about the contents of the directory and will attempt to encrypt all files contained within. Currently this has only been tested against plain text files.
Path defaults ~/.lemur/keys
- Param:
path
- lemur.manage.main()
- lemur.manage.make_shell_context()
Creates a python REPL with several default imports in the context of the current_app
- Returns:
- lemur.manage.publish_verisign_units()
Simple function that queries verisign for API units and posts the mertics to Atlas API for other teams to consume. :return:
- lemur.manage.unlock(path=None)
Decrypts all of the files in a given directory with provided password. This is most commonly used during the startup sequence of Lemur allowing it to go from source code to something that can communicate with external services.
Path defaults ~/.lemur/keys
- Param:
path
models
Module
Subpackages
- auth Package
- authorities Package
- certificates Package
- common Package
- destinations Package
- domains Package
- notifications Package
- plugins Package
- roles Package
- users Package
- sources Package
- logs Package
- reporting Package
- tests Package
- deployment Package
- endpoints Package
- defaults Package
- lemur_acme package
- lemur_atlas package
- lemur_cryptography package
- lemur_digicert package
- lemur_jks package
- lemur_kubernetes package
- lemur_openssl package
- lemur_slack package