Class: Puppetserver::Ca::Action::Revoke
- Inherits:
-
Object
- Object
- Puppetserver::Ca::Action::Revoke
- Includes:
- Utils
- Defined in:
- lib/puppetserver/ca/action/revoke.rb
Constant Summary collapse
- CERTNAME_BLACKLIST =
%w{--all --config}
- SUMMARY =
'Revoke certificate(s)'
- BANNER =
<<-BANNER Usage: puppetserver ca revoke [--help] puppetserver ca revoke [--config] --certname NAME[,NAME] Description: Given one or more valid certnames, instructs the CA to revoke them over HTTPS using the local agent's PKI Options: BANNER
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(logger) ⇒ Revoke
constructor
A new instance of Revoke.
- #parse(args) ⇒ Object
- #revoke_certs(certnames, settings) ⇒ Object
- #run(args) ⇒ Object
Constructor Details
#initialize(logger) ⇒ Revoke
Returns a new instance of Revoke.
47 48 49 |
# File 'lib/puppetserver/ca/action/revoke.rb', line 47 def initialize(logger) @logger = logger end |
Class Method Details
.parser(parsed = {}) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/puppetserver/ca/action/revoke.rb', line 30 def self.parser(parsed = {}) parsed['certnames'] = [] OptionParser.new do |o| o. = BANNER o.on('--certname NAME[,NAME]', Array, 'One or more comma separated certnames') do |certs| parsed['certnames'] += certs end o.on('--config CONF', 'Custom path to puppet.conf') do |conf| parsed['config'] = conf end o.on('--help', 'Displays this revoke specific help output') do |help| parsed['help'] = true end end end |
Instance Method Details
#parse(args) ⇒ Object
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/puppetserver/ca/action/revoke.rb', line 51 def parse(args) results = {} parser = self.class.parser(results) errors = CliParsing.parse_with_errors(parser, args) results['certnames'].each do |certname| if CERTNAME_BLACKLIST.include?(certname) errors << " Cannot manage cert named `#{certname}` from " + "the CLI, if needed use the HTTP API directly" end end if results['certnames'].empty? errors << ' At least one certname is required to revoke' end errors_were_handled = Errors.handle_with_usage(@logger, errors, parser.help) # if there is an exit_code then Cli will return it early, so we only # return an exit_code if there's an error exit_code = errors_were_handled ? 1 : nil return results, exit_code end |
#revoke_certs(certnames, settings) ⇒ Object
101 102 103 104 |
# File 'lib/puppetserver/ca/action/revoke.rb', line 101 def revoke_certs(certnames, settings) ca = Puppetserver::Ca::CertificateAuthority.new(@logger, settings) ca.revoke_certs(certnames) end |
#run(args) ⇒ Object
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
# File 'lib/puppetserver/ca/action/revoke.rb', line 77 def run(args) certnames = args['certnames'] config = args['config'] if config errors = FileSystem.validate_file_paths(config) return 1 if Errors.handle_with_usage(@logger, errors) end puppet = Config::Puppet.parse(config) return 1 if Errors.handle_with_usage(@logger, puppet.errors) result = revoke_certs(certnames, puppet.settings) case result when :success return 0 when :invalid return 24 when :not_found, :error return 1 end end |