Module: Hyperkit::Client::Certificates

Included in:

Hyperkit::Client

Defined in:

lib/hyperkit/client/certificates.rb

Overview

Methods for the certificates API

See Also:

• Hyperkit::Client
• https://github.com/lxc/lxd/blob/master/specs/rest-api.md

Instance Method Summary

• #certificate(fingerprint) ⇒ Sawyer::Resource

  Retrieve a trusted certificate from the server.

• #certificates ⇒ Array<String>

  List of trusted certificates on the server.

• #create_certificate(cert, options = {}) ⇒ Sawyer::Resource

  Add a new trusted certificate to the server.

• #delete_certificate(fingerprint) ⇒ Sawyer::Resource

  Delete a trusted certificate from the server.

Instance Method Details

#certificate(fingerprint) ⇒ Sawyer::Resource

Retrieve a trusted certificate from the server

Examples:

Retrieve a certificate

Hyperkit.certificate("c782c0f3530a04a5b2b78fc5292b7500aef1299370288b5eeb0450a6613a2c82") #=> {
  :certificate => "-----BEGIN CERTIFICATE-----\nMIIEW...ceyg04=\n-----END CERTIFICATE-----\n",
  :fingerprint => "c782c0f3530a04a5b2b78fc5292b7500aef1299370288b5eeb0450a6613a2c82",
  :type => "client"
}

Retrieve a certificate by specifying a prefix of its fingerprint

Hyperkit.certificate("c7") #=> {
  :certificate => "-----BEGIN CERTIFICATE-----\nMIIEW...ceyg04=\n-----END CERTIFICATE-----\n",
  :fingerprint => "c782c0f3530a04a5b2b78fc5292b7500aef1299370288b5eeb0450a6613a2c82",
  :type => "client"
}

Parameters:

• fingerprint (String) —

  Fingerprint of the certificate to retrieve. Can be a prefix, as long as it is unambigous

Returns:

• (Sawyer::Resource) —

  Certificate information

# File 'lib/hyperkit/client/certificates.rb', line 65

def certificate(fingerprint)
  get(certificate_path(fingerprint)).metadata
end

#certificates ⇒ Array<String>

List of trusted certificates on the server

Examples:

Get list of containers

Hyperkit.certificates #=> [
  "c782c0f3530a04a5b2b78fc5292b7500aef1299370288b5eeb0450a6613a2c82",
  "b7720e1eb839056158cf65d182865491a0403f766983b95f5098d05911bbff89"
]

Returns:

• (Array<String>) —

  An array of certificate fingerprints

# File 'lib/hyperkit/client/certificates.rb', line 23

def certificates
  response = get(certificates_path)
  response.metadata.map { |path| path.split('/').last }
end

#create_certificate(cert, options = {}) ⇒ Sawyer::Resource

Add a new trusted certificate to the server

Examples:

Add trusted certificate

Hyperkit.create_certificate(File.read("/tmp/cert.pem"))

Add trusted certificate via untrusted client connection

Hyperkit.create_certificate(File.read("/tmp/cert.pem"), password: "server-trust-password")

Parameters:

• cert (String) —

  Certificate contents in PEM format

• options (Hash) (defaults to: {}) —

  Additional data to be passed

Options Hash (options):

• :name (String) —

  Optional name for the certificate. If not specified, the host in the TLS header for the request is used.

• :password (String) —

  The trust password for that server. Only required if untrusted.

Returns:

• (Sawyer::Resource)

# File 'lib/hyperkit/client/certificates.rb', line 41

def create_certificate(cert, options={})
  options = options.slice(:name, :password)
  options = options.merge(type: "client", certificate: Base64.strict_encode64(OpenSSL::X509::Certificate.new(cert).to_der))
  post(certificates_path, options).metadata
end

#delete_certificate(fingerprint) ⇒ Sawyer::Resource

Delete a trusted certificate from the server

Examples:

Delete a certificate

Hyperkit.delete_certificate("c782c0f3530a04a5b2b78fc5292b7500aef1299370288b5eeb0450a6613a2c82")

Delete a certificate by specifying a prefix of its fingerprint

Hyperkit.delete_certificate("c7")

Parameters:

• fingerprint (String) —

  Fingerprint of the certificate to retrieve. Can be a prefix, as long as it is unambigous

Returns:

• (Sawyer::Resource)

# File 'lib/hyperkit/client/certificates.rb', line 79

def delete_certificate(fingerprint)
  delete(certificate_path(fingerprint)).metadata
end