diff --git a/wile_coyote/bin/coyote b/wile_coyote/bin/coyote
index 78b403b55e2eccdbd4154c5bfd34c54149017748..5add157d83482928e83cec60b64a286c50196bd8 100755
--- a/wile_coyote/bin/coyote
+++ b/wile_coyote/bin/coyote
@@ -75,10 +75,12 @@ def get_certificate_metadata(certificate):
 return [san, not_after]
-def run_cbot(start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None, extra_cmds=None):
+def run_cbot(
+ start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None, extra_cmds=None
+):
 """ get certificate from ACME provider
- a few parameters for certbot are defined in /etc/<provider>/cli.ini
+ the parameters are defined in /etc/<provider>/cli.ini and can be overridden by extra_cmds
 """ if action == "renew": domain_list = "" # renew does not support list of domains
@@ -94,7 +96,7 @@ def run_cbot(start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None,
 + f" -c /etc/{prov}/cli.ini --cert-name {cbot_dom[0]}" + f" {domain_list} {dry} {force} {reuse_key} {extra_cmd}" )
- cbot_cmd = ' '.join(_cbot_cmd.split())
+ cbot_cmd = " ".join(_cbot_cmd.split())
 log.handler(f"executing: {cbot_cmd}", LOG_FILE)
@@ -124,7 +126,7 @@ if __name__ == "__main__":
 atomic_checks(LOG_FILE, LEADER) # start logging ASAP
- START_TIME = datetime.datetime.now()
+ NOW = datetime.datetime.now()
 CMD_LINE = " ".join(os.sys.argv) log.handler(80 * "=", LOG_FILE) # since we use flock logs are tidy log.handler(f"JOB STARTED: {CMD_LINE}", LOG_FILE)
@@ -135,7 +137,7 @@ if __name__ == "__main__":
 PROJECT = ARGS["--project"] ENV = ARGS["--nomad-env"] FIRST_NAME = DOMAIN[0]
- WILDCARD = ARGS["--wildcard"] # True or None
+ WCARD = ARGS["--wildcard"] # True or None
 EXTRA = ARGS["--extra"] # client array elements are the folders where we upload the certificates
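Review bot: The reworded docstring says extra_cmds can override cli.ini, but not that the value is spliced unvalidated into the certbot command string. The `{extra_cmd}` interpolation, presumably derived from extra_cmds, is visible in the context lines of the hunk at new line 96, and `ARGS["--extra"]` is what the caller passes in. I would add a docstring line such as `extra_cmds is appended verbatim to the certbot command line; pass trusted operator input only`. How `cbot_cmd` is executed is outside these hunks; if it goes through a shell, building an argv list with `shlex.split(extra_cmds)` and running it without a shell would stop that string from carrying shell syntax. run_cbot's body continues outside the hunk.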
@@ -178,38 +180,25 @@ if __name__ == "__main__":
 log.handler(DAYS_LEFT_MSG, LOG_FILE) if SAN != SORTED_DOMAIN or DAYS_LEFT < DAYS:
- run_cbot(
- START_TIME, DOMAIN, PROVIDER, ACTION, REUSE_KEY, FORCE, DRY, WILDCARD, EXTRA
- )
-
- # if we are here, everything went fine and we can upload the certificates
- WILDCARD_STRING = " Wildcard" if WILDCARD else ""
+ run_cbot(NOW, DOMAIN, PROVIDER, ACTION, REUSE_KEY, FORCE, DRY, WCARD, EXTRA)
+ # if we are here, everything worked out and we can upload the certificates
 if ARGS["--tld"]: log.handler(f"uploading {FIRST_NAME} {PROVIDER} wildcard", LOG_FILE) wildcard_uploader.uploader(PROVIDER, FIRST_NAME) else:
+ WCARD_STRING = " Wildcard" if WCARD else ""
+ LOG_MSG = f"uploading {FIRST_NAME} {PROVIDER}{WCARD_STRING}"
 for single_unit in UNIT: if single_unit == "puppet": for client in CLIENTS:
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for Puppet",
- LOG_FILE,
- )
- uploader.uploader(
- FIRST_NAME, PROVIDER, single_unit, client, WILDCARD
- )
+ log.handler(f"{LOG_MSG} for Puppet", LOG_FILE)
+ uploader.uploader(FIRST_NAME, PROVIDER, single_unit, client, WCARD)
 elif single_unit == "nomad":
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for Nomad",
- LOG_FILE,
- )
- nomad_uploader.uploader(PROVIDER, PROJECT, FIRST_NAME, ENV, WILDCARD)
+ log.handler(f"{LOG_MSG} for Nomad", LOG_FILE)
+ nomad_uploader.uploader(PROVIDER, PROJECT, FIRST_NAME, ENV, WCARD)
 else:
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for {UNIT}",
- LOG_FILE,
- )
- uploader.uploader(FIRST_NAME, PROVIDER, single_unit, None, WILDCARD)
+ log.handler(f"{LOG_MSG} for {UNIT}", LOG_FILE)
+ uploader.uploader(FIRST_NAME, PROVIDER, single_unit, None, WCARD)
- sys_kit.coyote_exit(LOG_FILE, START_TIME)
+ sys_kit.coyote_exit(LOG_FILE, NOW)
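Review bot: In the final `else` branch the rewritten log line interpolates `{UNIT}`, the whole collection being iterated, instead of the unit being uploaded, so the log does not say which destination received the certificate. `log.handler(f"{LOG_MSG} for {single_unit}", LOG_FILE)` would name it; the old code had the same wording, but the line is rewritten here. The Puppet branch has a similar gap, since `client` is passed to the uploader but never logged. Separately, the comment `# if we are here, everything worked out` holds only if run_cbot ends the process when certbot fails, which is not visible in this hunk and is worth confirming so a failed run cannot reach the uploaders.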