Class: Puppet::SSL::CertificateAuthority::AutosignCommand Private

Inherits:
Object
  • Object
show all
Defined in:
lib/puppet/ssl/certificate_authority/autosign_command.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

This class wraps a given command and invokes it with a CSR name and body to determine if the given CSR should be autosigned

Defined Under Namespace

Classes: CheckFailure

Instance Method Summary collapse

Constructor Details

#initialize(path) ⇒ AutosignCommand

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of AutosignCommand.



12
13
14
# File 'lib/puppet/ssl/certificate_authority/autosign_command.rb', line 12

def initialize(path)
  @path = path
end

Instance Method Details

#allowed?(csr) ⇒ true, false

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Run the autosign command with the given CSR name as an argument and the CSR body on stdin.

Parameters:

  • csr (String)

    The CSR name to check for autosigning

Returns:

  • (true, false)

    If the CSR should be autosigned



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# File 'lib/puppet/ssl/certificate_authority/autosign_command.rb', line 21

def allowed?(csr)
  name = csr.name
  cmd = [@path, name]

  output = Puppet::FileSystem::Uniquefile.open_tmp('puppet-csr') do |csr_file|
    csr_file.write(csr.to_s)
    csr_file.flush

    execute_options = {:stdinfile => csr_file.path, :combine => true, :failonfail => false}
    Puppet::Util::Execution.execute(cmd, execute_options)
  end

  output.chomp!

  Puppet.debug "Autosign command '#{@path}' exit status: #{output.exitstatus}"
  Puppet.debug "Autosign command '#{@path}' output: #{output}"

  case output.exitstatus
  when 0
    true
  else
    false
  end
end