in gcpdiag/runbook/lb/ssl_certificates.py [0:0]
def execute(self):
"""Checks the status of each individual domain associated with the SSL certificate."""
certificate = lb.get_ssl_certificate(self.project_id, self.certificate_name)
failed_not_visible_domains = []
failed_caa_domains = []
failed_rate_limited_domains = []
provisioning_domains = []
for domain, status in certificate.domain_status.items():
if status == 'FAILED_NOT_VISIBLE':
failed_not_visible_domains.append(domain)
if status in ('FAILED_CAA_CHECKING', 'FAILED_CAA_FORBIDDEN'):
failed_caa_domains.append(domain)
if status == 'FAILED_RATE_LIMITED':
failed_rate_limited_domains.append(domain)
if status == 'PROVISIONING':
provisioning_domains.append(domain)
if failed_not_visible_domains:
step = AnalyzeFailedNotVisibleDomains()
step.project_id = self.project_id
step.domains = failed_not_visible_domains
step.certificate_name = self.certificate_name
self.add_child(step)
if failed_caa_domains:
step = AnalyzeFailedCaaCheck()
step.project_id = self.project_id
step.domains = failed_caa_domains
step.certificate_name = self.certificate_name
self.add_child(step)
if failed_rate_limited_domains:
step = AnalyzeRateLimitedDomains()
step.project_id = self.project_id
step.domains = failed_rate_limited_domains
step.certificate_name = self.certificate_name
self.add_child(step)
if provisioning_domains:
step = AnalyzeProvisioningDomains()
step.project_id = self.project_id
step.domains = provisioning_domains
step.certificate_name = self.certificate_name
self.add_child(step)
if failed_not_visible_domains or provisioning_domains:
step = CheckCertificateAttachment()
step.project_id = self.project_id
step.certificate_name = self.certificate_name
self.add_child(step)
if (not failed_not_visible_domains and not failed_caa_domains and
not failed_rate_limited_domains and not provisioning_domains):
op.add_ok(
certificate,
reason=op.prep_msg(op.SUCCESS_REASON, name=self.certificate_name),
)