12 Commits

Author SHA1 Message Date
leigh-mil
c2814416fb Update atst to atat 2020-03-04 11:51:15 -05:00
tomdds
e702c42fa5 Merge branch 'staging' into environment-mgmt-grp-provisioning 2020-02-04 17:05:24 -05:00
dandds
05f6b36ece Update SQL query to find pending portfolios.
The query to find portfolios that are pending provisioning is updated to
check for:

- a period of performance that has started
- a portfolio state machine that has an UNSTARTED or one of the CREATED
  states

I left several TODOs to ensure that the orchestration functions
correctly for portfolio.
2020-02-04 10:16:02 -05:00
dandds
8f94d9e6ec Log any CSP errors that occur when disabling a user.
When one user disables another's environment role in Azure, sometimes an
exception will be raised. Since we catch the exception and display an
error message to the user, we should also log the exception so that the
error is traceable later.
2019-12-13 11:41:18 -05:00
dandds
1b6239893b Maintain static list of CRL URIs and issuers.
The previous solution (ad-hoc stream-parsing the CRLs to obtain their
issuers and nextUpdate) was too cute. It began breaking on CRLs that had
an addition hex 0x30 byte somewhere in their header. I thought that 0x30
was a reserved character only to be used for tags in ASN1 encoded with
DER; turns out that's not true. Rather than write a full-fledged ASN1
stream-parser, the simplest solution is to just maintain the list of
issuers as a constant in the codebase. This is fine because the issuer
for a specific CRL URI should not change. If it does, we've probably got
bigger problems.

This also removes the Flask app's functionality for updating the local
CRL cache. This is being handled out-of-band by a Kubernetes CronJob
and is not a concern of the app's. This means that instances of the
CRLCache do not have to explicitly track expirations for CRLs.
Previously, the in-memory dictionary or CRL issuers and locations
included expirations; now it is flattened to not include that
information.

The CRLCache class has been updated to accept a crl_list kwargs so that
unit tests can provide their own alternative CRL lists, since we now
hard-code the expected CRLs and issuers. The nightly CRL check job has
been updated to check that the hard-coded list of issuers matches what
we get when we actually sync the CRLs.
2019-11-12 05:43:11 -05:00
dandds
0b5acde4c4 Stream-parse CRLs for caching file locations.
AT-AT needs to maintain a key-value CRL cache where each key is the DER
byte-string of the issuer and the value is a dictionary of the CRL file
path and expiration. This way when it checks a client certificate, it
can load the correct CRL by comparing the issuers. This is preferable to
loading all of the CRLs in-memory. However, it still requires that AT-AT
load and parse each CRL when the application boots. Because of the size
of the CRLs and their parsed, in-memory size, this leads to the
application spiking to use nearly 900MB of memory (resting usage is
around 50MB).

This change introduces a small function to ad-hoc parse the CRL and
obtain the information in the CRL we need: the issuer and the
expiration. It does this by reading the CRL byte-by-byte until it
reaches the ASN1 sequence that corresponds to the issuer, and then looks
ahead to find the nextUpdate field (i.e., the expiration date). The
CRLCache class uses this function to build its cache and JSON-serializes
the cache to disk. If another AT-AT application process finds the
serialized version, it will load that copy instead of rebuilding it. It
also entails a change to the function signature for the init method of
CRLCache: now it expects the CRL directory as its second argument,
instead of a list of locations.

The Python script invoked by `script/sync-crls` will rebuild the
location cache each time it's run. This means that when the Kubernetes
CronJob for CRLs runs, it will refresh the cache each time. When a new
application container boots, it will get the refreshed cache.

This also adds a nightly CircleCI job to sync the CRLs and test that the
ad-hoc parsing function returns the same result as a proper parsing
using the Python cryptography library. This provides extra insurance
that the function is returning correct results on real data.
2019-11-04 08:36:03 -05:00
richard-dds
fe5def3a92 Send notification emails on some http errors 2019-05-15 15:01:49 -04:00
richard-dds
9e97df79f5 Mock out app NotificationSender during testing 2019-05-15 14:57:46 -04:00
Montana
86f106f6d1 Test logging events for auditable mixin 2019-04-03 17:07:33 -04:00
dandds
19438ab83e small improvements in existing log statements:
- log exceptions as exception so that stack trace is recorded
- use tags where appropriate for JSON logs
- use different log levels in CRL checker
2019-04-01 16:48:39 -04:00
dandds
dff72422f0 log access attempts in access decorator 2019-03-22 06:31:20 -04:00
Patrick Smith
ba97117a74 Add tests for portfolio funding route
This adds a helper to grab a template's context. Using a helper from the
Flask documentation: http://flask.pocoo.org/docs/1.0/signals/?highlight=template_rendered#subscribing-to-signals
2019-01-15 21:10:59 -05:00