Class: ACE::PuppetUtil

Inherits:
Object
  • Object
show all
Defined in:
lib/ace/puppet_util.rb

Class Method Summary collapse

Class Method Details

.init_global_settings(ca_cert_path, ca_crls_path, private_key_path, client_cert_path, cachedir, uri) ⇒ Object 



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/ace/puppet_util.rb', line 7

def self.init_global_settings(ca_cert_path, ca_crls_path, private_key_path, client_cert_path, cachedir, uri)
  Puppet::Util::Log.destinations.clear
  Puppet::Util::Log.newdestination(:console)
  Puppet.settings[:log_level] = 'notice'
  Puppet.settings[:trace] = true
  Puppet.settings[:catalog_terminus] = :certless
  Puppet.settings[:node_terminus] = :memory
  Puppet.settings[:catalog_cache_terminus] = :json
  Puppet.settings[:facts_terminus] = :network_device
  # the following settings are just to make base_context
  # happy, these will not be the final values,
  # as per request settings will be set later on
  # to satisfy multi-environments
  Puppet.settings[:vardir] = cachedir
  Puppet.settings[:confdir] = File.join(cachedir, 'conf')
  Puppet.settings[:rundir] = File.join(cachedir, 'run')
  Puppet.settings[:logdir] = File.join(cachedir, 'log')
  Puppet.settings[:codedir] = File.join(cachedir, 'code')
  Puppet.settings[:plugindest] = File.join(cachedir, 'plugins')
  Puppet.push_context(Puppet.base_context(Puppet.settings), "Puppet Initialization")
  # ssl_context will be a persistent context
  cert_provider = Puppet::X509::CertProvider.new(
    capath: ca_cert_path,
    crlpath: ca_crls_path
  )
  ssl_context = Puppet::SSL::SSLProvider.new.create_context(
    cacerts: cert_provider.load_cacerts(required: true),
    crls: cert_provider.load_crls(required: true),
    private_key: OpenSSL::PKey::RSA.new(File.read(private_key_path, encoding: 'utf-8')),
    client_cert: OpenSSL::X509::Certificate.new(File.read(client_cert_path, encoding: 'utf-8'))
  )
  Puppet.push_context({
                        ssl_context: ssl_context,
                        server: uri.host,
                        serverport: uri.port
                      }, "PuppetServer connection information to be used")
  Puppet.settings.use :main, :agent, :ssl
  Puppet::Transaction::Report.indirection.terminus_class = :rest
end

.isolated_puppet_settings(certname, environment) ⇒ Object 



47
48
49
50
51
52
53
54
55
 
# File 'lib/ace/puppet_util.rb', line 47

def self.isolated_puppet_settings(certname, environment)
  Puppet.settings[:certname] = certname
  Puppet.settings[:environment] = environment
  env = Puppet::Node::Environment.remote(environment)
  Puppet.push_context({
                        configured_environment: environment,
                        loaders: Puppet::Pops::Loaders.new(env)
                      }, "Isolated settings to be used")
end