Class: Conjur::Bootstrap::Command::Pubkeys

Inherits:

Base

• Object
• Struct
• Base
• Conjur::Bootstrap::Command::Pubkeys

Defined in:

lib/conjur/bootstrap.rb

Instance Attribute Summary

Attributes inherited from Base

#api, #listener

Instance Method Summary

• #key_managers ⇒ Object
• #perform ⇒ Object
• #pubkeys_host ⇒ Object
• #pubkeys_layer ⇒ Object
• #pubkeys_service ⇒ Object

Methods inherited from Base

#auditors, #echo, #find_or_create_record, #find_or_create_resource, #permit, #security_admin, #store_api_key

Instance Method Details

#key_managers ⇒ Object

# File 'lib/conjur/bootstrap.rb', line 114

def key_managers
  api.group("pubkeys-1.0/key-managers")
end

#perform ⇒ Object

# File 'lib/conjur/bootstrap.rb', line 85

def perform
  find_or_create_record key_managers, security_admin

  find_or_create_record pubkeys_layer, security_admin
  find_or_create_record pubkeys_host, security_admin do |record, options|
    api.create_host(id: record.id, ownerid: security_admin.roleid)
  end
  pubkeys_layer.add_host pubkeys_host unless pubkeys_layer.hosts.map(&:roleid).member?(pubkeys_host.roleid)
  
  find_or_create_resource pubkeys_service, security_admin

  permit pubkeys_service, 'update', key_managers

  # also permit security_admin to update public keys
  permit pubkeys_service, 'update', security_admin
end

#pubkeys_host ⇒ Object

# File 'lib/conjur/bootstrap.rb', line 106

def pubkeys_host
  api.host("conjur/pubkeys")
end

#pubkeys_layer ⇒ Object

# File 'lib/conjur/bootstrap.rb', line 102

def pubkeys_layer
  api.layer("pubkeys-1.0/public-keys")
end

#pubkeys_service ⇒ Object

# File 'lib/conjur/bootstrap.rb', line 110

def pubkeys_service
  api.resource("service:pubkeys-1.0/public-keys")
end