M1 Client tool certificate housekeeping

[davidjwbbc]

Enhancement

The current version of the m1-session tool does not implement 3 proposed interfaces:

• m1-session check-certificates-renewal [-h] - automatic certificate renewal for all provisioning sessions with certificates near to expiry.
• m1-session renew-certificates [-h] (-p <provisioning-session-id>|<ingest-URL> [<entry-point-path>]) - forced certificate renewal for a provisioning session.
• m1-session del-certificate [-h] -p <provisioning-session-id> -c <certificate-id> - Remove a specific certificate/key pair from the provisioning session (if not in use).

These commands should be backed up by similar M1Session methods:

• M1Session.automaticCertificateRenewal()
  • This would check existing provisioning sessions for a ContentHostingConfiguration that uses certificates and check if those certificates are nearing expiry.
  • Any certificates close to expiry would be regenerated as new certificates, the ContentHostingConfiguration using a renewed certificate updated and the old expiring certificates and keys removed from the provisioning session.
• M1Session.renewCertificates(provisioning_session_id, force=False)
  • This would renew any certificates used in the ContentHostingConfiguration that are close to expiry if force is False or would force renewal of all certificates present in the ContentHostingConfiguration for the provisioning session if force is True.
• M1Session.certificateDelete(provisioning_session_id, certificate_id)
  • Issue the M1 DELETE command for the certificate, update the local provisioning session cache and return the result.

This issue is here to track the inclusion of these commands in a v1.2.x or later release.

Related issues

#20