diff --git a/wile_coyote/bin/coyote b/wile_coyote/bin/coyote
index 78b403b55e2eccdbd4154c5bfd34c54149017748..5add157d83482928e83cec60b64a286c50196bd8 100755
--- a/wile_coyote/bin/coyote
+++ b/wile_coyote/bin/coyote
@@ -75,10 +75,12 @@ def get_certificate_metadata(certificate):
return [san, not_after]
-def run_cbot(start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None, extra_cmds=None):
+def run_cbot(
+ start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None, extra_cmds=None
+):
"""
get certificate from ACME provider
- a few parameters for certbot are defined in /etc/<provider>/cli.ini
+ the parameters are defined in /etc/<provider>/cli.ini and can be overridden by extra_cmds
"""
if action == "renew":
domain_list = "" # renew does not support list of domains
@@ -94,7 +96,7 @@ def run_cbot(start, cbot_dom, prov, action, reuse_key, force, dry, w_card=None,
+ f" -c /etc/{prov}/cli.ini --cert-name {cbot_dom[0]}"
+ f" {domain_list} {dry} {force} {reuse_key} {extra_cmd}"
)
- cbot_cmd = ' '.join(_cbot_cmd.split())
+ cbot_cmd = " ".join(_cbot_cmd.split())
log.handler(f"executing: {cbot_cmd}", LOG_FILE)
@@ -124,7 +126,7 @@ if __name__ == "__main__":
atomic_checks(LOG_FILE, LEADER)
# start logging ASAP
- START_TIME = datetime.datetime.now()
+ NOW = datetime.datetime.now()
CMD_LINE = " ".join(os.sys.argv)
log.handler(80 * "=", LOG_FILE) # since we use flock logs are tidy
log.handler(f"JOB STARTED: {CMD_LINE}", LOG_FILE)
@@ -135,7 +137,7 @@ if __name__ == "__main__":
PROJECT = ARGS["--project"]
ENV = ARGS["--nomad-env"]
FIRST_NAME = DOMAIN[0]
- WILDCARD = ARGS["--wildcard"] # True or None
+ WCARD = ARGS["--wildcard"] # True or None
EXTRA = ARGS["--extra"]
# client array elements are the folders where we upload the certificates
@@ -178,38 +180,25 @@ if __name__ == "__main__":
log.handler(DAYS_LEFT_MSG, LOG_FILE)
if SAN != SORTED_DOMAIN or DAYS_LEFT < DAYS:
- run_cbot(
- START_TIME, DOMAIN, PROVIDER, ACTION, REUSE_KEY, FORCE, DRY, WILDCARD, EXTRA
- )
-
- # if we are here, everything went fine and we can upload the certificates
- WILDCARD_STRING = " Wildcard" if WILDCARD else ""
+ run_cbot(NOW, DOMAIN, PROVIDER, ACTION, REUSE_KEY, FORCE, DRY, WCARD, EXTRA)
+ # if we are here, everything worked out and we can upload the certificates
if ARGS["--tld"]:
log.handler(f"uploading {FIRST_NAME} {PROVIDER} wildcard", LOG_FILE)
wildcard_uploader.uploader(PROVIDER, FIRST_NAME)
else:
+ WCARD_STRING = " Wildcard" if WCARD else ""
+ LOG_MSG = f"uploading {FIRST_NAME} {PROVIDER}{WCARD_STRING}"
for single_unit in UNIT:
if single_unit == "puppet":
for client in CLIENTS:
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for Puppet",
- LOG_FILE,
- )
- uploader.uploader(
- FIRST_NAME, PROVIDER, single_unit, client, WILDCARD
- )
+ log.handler(f"{LOG_MSG} for Puppet", LOG_FILE)
+ uploader.uploader(FIRST_NAME, PROVIDER, single_unit, client, WCARD)
elif single_unit == "nomad":
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for Nomad",
- LOG_FILE,
- )
- nomad_uploader.uploader(PROVIDER, PROJECT, FIRST_NAME, ENV, WILDCARD)
+ log.handler(f"{LOG_MSG} for Nomad", LOG_FILE)
+ nomad_uploader.uploader(PROVIDER, PROJECT, FIRST_NAME, ENV, WCARD)
else:
- log.handler(
- f"uploading {FIRST_NAME} {PROVIDER}{WILDCARD_STRING} for {UNIT}",
- LOG_FILE,
- )
- uploader.uploader(FIRST_NAME, PROVIDER, single_unit, None, WILDCARD)
+ log.handler(f"{LOG_MSG} for {UNIT}", LOG_FILE)
+ uploader.uploader(FIRST_NAME, PROVIDER, single_unit, None, WCARD)
- sys_kit.coyote_exit(LOG_FILE, START_TIME)
+ sys_kit.coyote_exit(LOG_FILE, NOW)