Class: Puppetserver::Ca::Action::Sign
- Inherits:
-
Object
- Object
- Puppetserver::Ca::Action::Sign
- Includes:
- Utils
- Defined in:
- lib/puppetserver/ca/action/sign.rb
Constant Summary collapse
- SUMMARY =
'Sign certificate request(s)'
- BANNER =
<<-BANNER Usage: puppetserver ca sign [--help] puppetserver ca sign [--config] --certname NAME[,NAME] puppetserver ca sign --all Description: Given a comma-separated list of valid certnames, instructs the CA to sign each cert. Options: BANNER
Class Method Summary collapse
Instance Method Summary collapse
- #check_flag_usage(results) ⇒ Object
- #get_all_pending_certs(ca) ⇒ Object
-
#initialize(logger) ⇒ Sign
constructor
A new instance of Sign.
- #parse(args) ⇒ Object
- #run(input) ⇒ Object
- #select_pending_certs(get_result) ⇒ Object
Constructor Details
#initialize(logger) ⇒ Sign
Returns a new instance of Sign.
48 49 50 |
# File 'lib/puppetserver/ca/action/sign.rb', line 48 def initialize(logger) @logger = logger end |
Class Method Details
.parser(parsed = {}) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/puppetserver/ca/action/sign.rb', line 30 def self.parser(parsed = {}) OptionParser.new do |opts| opts. = BANNER opts.on('--certname NAME[,NAME]', Array, 'the name(s) of the cert(s) to be signed') do |cert| parsed['certname'] = cert end opts.on('--config CONF', 'Custom path to Puppet\'s config file') do |conf| parsed['config'] = conf end opts.on('--help', 'Display this command specific help output') do |help| parsed['help'] = true end opts.on('--all', 'Operate on all certnames') do |a| parsed['all'] = true end end end |
Instance Method Details
#check_flag_usage(results) ⇒ Object
95 96 97 98 99 100 101 102 103 104 |
# File 'lib/puppetserver/ca/action/sign.rb', line 95 def check_flag_usage(results) if results['certname'] && results['all'] '--all and --certname cannot be used together' elsif !results['certname'] && !results['all'] 'No arguments given' elsif results['certname'] && results['certname'].include?('--all') 'Cannot use --all with --certname. If you actually have a certificate request ' + 'for a certifcate named --all, you need to use the HTTP API.' end end |
#get_all_pending_certs(ca) ⇒ Object
77 78 79 80 81 |
# File 'lib/puppetserver/ca/action/sign.rb', line 77 def get_all_pending_certs(ca) if result = ca.get_certificate_statuses select_pending_certs(result.body) end end |
#parse(args) ⇒ Object
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 |
# File 'lib/puppetserver/ca/action/sign.rb', line 106 def parse(args) results = {} parser = self.class.parser(results) errors = CliParsing.parse_with_errors(parser, args) if err = check_flag_usage(results) errors << err end errors_were_handled = CliParsing.handle_errors(@logger, errors, parser.help) exit_code = errors_were_handled ? 1 : nil return results, exit_code end |
#run(input) ⇒ Object
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/puppetserver/ca/action/sign.rb', line 52 def run(input) config = input['config'] if config errors = FileSystem.validate_file_paths(config) return 1 if CliParsing.handle_errors(@logger, errors) end puppet = Config::Puppet.parse(config) return 1 if CliParsing.handle_errors(@logger, puppet.errors) ca = Puppetserver::Ca::CertificateAuthority.new(@logger, puppet.settings) if input['all'] requested_certnames = get_all_pending_certs(ca) return 1 if requested_certnames.nil? return 24 if requested_certnames.empty? else requested_certnames = input['certname'] end success = ca.sign_certs(requested_certnames) return success ? 0 : 1 end |
#select_pending_certs(get_result) ⇒ Object
83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/puppetserver/ca/action/sign.rb', line 83 def select_pending_certs(get_result) requested_certnames = JSON.parse(get_result).select{|e| e["state"] == "requested"}.map{|e| e["name"]} if requested_certnames.empty? @logger.err 'Error:' @logger.err " No waiting certificate requests to sign" return requested_certnames end return requested_certnames end |