Only run certbot updates once every 12 hours

rycus86 · Mar 13, 2018 · 3e5f6be · 3e5f6be
1 parent 76eb4be
commit 3e5f6be
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 5 deletions.
diff --git a/src/ssl_manager/certbot_cf_ssl.py b/src/ssl_manager/certbot_cf_ssl.py
@@ -2,6 +2,8 @@
 import logging
 import subprocess
 
+from datetime import datetime, timedelta
+
 from config import read_configuration
 from ssl_manager import SSLManager
 
@@ -35,8 +37,11 @@ def __init__(self):
             'CERTBOT_STAGING', '/var/secrets/certbot', default='no'
         ).lower() in ('yes', 'true', '1')
 
+        self.last_run = datetime.fromtimestamp(0)
+
     def needs_update(self, subdomain):
-        return True  # we'll use 'certonly' with '--keep'
+        elapsed = datetime.now() - self.last_run
+        return elapsed > timedelta(days=0.5)
 
     def update(self, subdomain):
         try:
@@ -75,6 +80,8 @@ def update(self, subdomain):
 
                 return 'Failed with exit code: %s' % result.returncode
 
+            self.last_run = datetime.now()
+
             if result.stdout:
                 logger.debug(result.stdout)
 

diff --git a/tests/test_certbot_cf_ssl.py b/tests/test_certbot_cf_ssl.py
@@ -2,6 +2,8 @@
 import unittest
 import subprocess
 
+from datetime import datetime, timedelta
+
 from config import Subdomain
 from ssl_manager.certbot_cf_ssl import CertbotCloudflareSSLManager
 
@@ -37,9 +39,6 @@ def tearDown(self):
         del os.environ['CLOUDFLARE_TOKEN']
         del os.environ['CERTBOT_STAGING']
 
-    def test_always_updates(self):
-        self.assertTrue(self.manager.needs_update(Subdomain('test')))
-
     def test_new_certificate(self):
         self.mock_result.stdout = 'Congratulations! It worked!'
         self.mock_result.stderr = 'Obtaining a new certificate'
@@ -78,14 +77,34 @@ def test_not_yet_due_for_renewal(self):
         self.assertEqual(result, 'Not yet due for renewal')
         self.assertIn('-d still-valid.unit.test', ' '.join(self.mock_result.args))
 
-    def test_unkown_result(self):
+    def test_unknown_result(self):
         self.mock_result.stdout = 'Maybe Certbot got updated'
 
         result = self.manager.update(Subdomain('unknown', 'unit.test'))
 
         self.assertEqual(result, 'Unknown')
         self.assertIn('-d unknown.unit.test', ' '.join(self.mock_result.args))
 
+    def test_repeat_scheduling(self):
+        self.mock_result.stdout = 'Maybe Certbot got updated'
+        subdomain = Subdomain('unknown', 'unit.test')
+
+        self.assertTrue(self.manager.needs_update(subdomain))
+        result = self.manager.update(subdomain)
+        self.assertEqual(result, 'Unknown')
+
+        self.assertFalse(self.manager.needs_update(subdomain))
+
+        self.manager.last_run = datetime.now() - timedelta(seconds=6 * 60 * 60)
+
+        self.assertFalse(self.manager.needs_update(subdomain))
+
+        self.manager.last_run = datetime.now() - timedelta(days=0.5, seconds=30)
+
+        self.assertTrue(self.manager.needs_update(subdomain))
+        result = self.manager.update(subdomain)
+        self.assertEqual(result, 'Unknown')
+
     def test_use_staging_servers(self):
         self.manager.use_staging = True