jerakia 1.1.2 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/hiera/backend/jerakia_backend.rb +13 -14
- data/lib/jerakia/answer.rb +28 -27
- data/lib/jerakia/cache/entry.rb +2 -6
- data/lib/jerakia/cache/file.rb +53 -23
- data/lib/jerakia/cache.rb +44 -11
- data/lib/jerakia/cli/lookup.rb +124 -0
- data/lib/jerakia/cli/server.rb +50 -0
- data/lib/jerakia/cli/token.rb +64 -0
- data/lib/jerakia/cli.rb +7 -117
- data/lib/jerakia/config.rb +5 -5
- data/lib/jerakia/datasource/dummy.rb +1 -6
- data/lib/jerakia/datasource/file/json.rb +1 -3
- data/lib/jerakia/datasource/file/yaml.rb +1 -3
- data/lib/jerakia/datasource/file.rb +21 -44
- data/lib/jerakia/datasource/http.rb +17 -23
- data/lib/jerakia/datasource.rb +37 -36
- data/lib/jerakia/dsl/lookup.rb +4 -6
- data/lib/jerakia/dsl/policy.rb +11 -12
- data/lib/jerakia/error.rb +0 -5
- data/lib/jerakia/launcher.rb +26 -30
- data/lib/jerakia/log.rb +21 -22
- data/lib/jerakia/lookup/plugin/hiera.rb +3 -4
- data/lib/jerakia/lookup/plugin.rb +5 -6
- data/lib/jerakia/lookup/plugin_config.rb +31 -0
- data/lib/jerakia/lookup/pluginfactory.rb +30 -36
- data/lib/jerakia/lookup.rb +31 -32
- data/lib/jerakia/policy.rb +60 -45
- data/lib/jerakia/request.rb +3 -2
- data/lib/jerakia/response/filter/encryption.rb +7 -12
- data/lib/jerakia/response/filter/strsub.rb +4 -9
- data/lib/jerakia/response/filter.rb +5 -5
- data/lib/jerakia/response.rb +7 -13
- data/lib/jerakia/schema.rb +23 -35
- data/lib/jerakia/scope/metadata.rb +0 -1
- data/lib/jerakia/scope/puppetdb.rb +38 -0
- data/lib/jerakia/scope/server.rb +60 -0
- data/lib/jerakia/scope/yaml.rb +3 -4
- data/lib/jerakia/scope.rb +0 -2
- data/lib/jerakia/server/auth/token.rb +35 -0
- data/lib/jerakia/server/auth.rb +72 -0
- data/lib/jerakia/server/rest.rb +140 -0
- data/lib/jerakia/server.rb +41 -0
- data/lib/jerakia/util.rb +6 -7
- data/lib/jerakia/version.rb +1 -3
- data/lib/jerakia.rb +58 -40
- data/lib/puppet/indirector/data_binding/jerakia.rb +9 -11
- data/lib/puppet/indirector/data_binding/jerakia_rest.rb +11 -13
- metadata +78 -11
data/lib/jerakia/cli.rb
CHANGED
@@ -2,126 +2,16 @@ require 'thor'
|
|
2
2
|
require 'jerakia'
|
3
3
|
require 'json'
|
4
4
|
require 'yaml'
|
5
|
+
require 'jerakia/cli/server'
|
6
|
+
require 'jerakia/cli/token'
|
7
|
+
require 'jerakia/cli/lookup'
|
8
|
+
|
5
9
|
|
6
10
|
class Jerakia
|
7
11
|
class CLI < Thor
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
type: :string,
|
12
|
-
desc: 'Configuration file'
|
13
|
-
option :policy,
|
14
|
-
aliases: :p,
|
15
|
-
type: :string,
|
16
|
-
default: 'default',
|
17
|
-
desc: 'Lookup policy'
|
18
|
-
option :namespace,
|
19
|
-
aliases: :n,
|
20
|
-
type: :string,
|
21
|
-
default: '',
|
22
|
-
desc: 'Lookup namespace'
|
23
|
-
option :type,
|
24
|
-
aliases: :t,
|
25
|
-
type: :string,
|
26
|
-
default: 'first',
|
27
|
-
desc: 'Lookup type'
|
28
|
-
option :scope,
|
29
|
-
aliases: :s,
|
30
|
-
type: :string,
|
31
|
-
desc: 'Scope handler',
|
32
|
-
default: "metadata"
|
33
|
-
option :scope_options,
|
34
|
-
type: :hash,
|
35
|
-
desc: "Key/value pairs to be passed to the scope handler"
|
36
|
-
option :merge_type,
|
37
|
-
aliases: :m,
|
38
|
-
type: :string,
|
39
|
-
default: 'array',
|
40
|
-
desc: 'Merge type'
|
41
|
-
option :log_level,
|
42
|
-
aliases: :l,
|
43
|
-
type: :string,
|
44
|
-
desc: 'Log level'
|
45
|
-
option :verbose,
|
46
|
-
aliases: :v,
|
47
|
-
type: :boolean,
|
48
|
-
desc: "Print verbose information"
|
49
|
-
option :debug,
|
50
|
-
aliases: :D,
|
51
|
-
type: :boolean,
|
52
|
-
desc: 'Debug information to console, implies --log-level debug'
|
53
|
-
option :trace,
|
54
|
-
type: :boolean,
|
55
|
-
desc: 'Output stacktrace to stdout'
|
56
|
-
option :metadata,
|
57
|
-
aliases: :d,
|
58
|
-
type: :hash,
|
59
|
-
desc: 'Key/value pairs to be used as metadata for the lookup'
|
60
|
-
option :schema,
|
61
|
-
aliases: :S,
|
62
|
-
type: :boolean,
|
63
|
-
desc: 'Enable/disable schema lookup, default true',
|
64
|
-
default: true
|
65
|
-
option :output,
|
66
|
-
aliases: :o,
|
67
|
-
type: :string,
|
68
|
-
default: 'json',
|
69
|
-
desc: 'Output format, yaml or json'
|
70
|
-
|
71
|
-
|
72
|
-
def lookup(key)
|
73
|
-
# Thor by default now returns a frozen options hash so we
|
74
|
-
# need to dup this here to prevent problems later with
|
75
|
-
# modifying the request object
|
76
|
-
#
|
77
|
-
options_copy = options.dup
|
78
|
-
|
79
|
-
case true
|
80
|
-
when options[:verbose]
|
81
|
-
loglevel = "verbose"
|
82
|
-
logfile = STDOUT
|
83
|
-
when options[:debug]
|
84
|
-
loglevel = "debug"
|
85
|
-
logfile = STDOUT
|
86
|
-
else
|
87
|
-
logfile = nil
|
88
|
-
loglevel = options[:log_level]
|
89
|
-
end
|
90
|
-
|
91
|
-
begin
|
92
|
-
|
93
|
-
jac = Jerakia.new({
|
94
|
-
:config => options[:config],
|
95
|
-
:logfile => logfile,
|
96
|
-
:loglevel => loglevel,
|
97
|
-
:trace => options[:trace],
|
98
|
-
})
|
99
|
-
req = Jerakia::Request.new(
|
100
|
-
:key => key.dup,
|
101
|
-
:namespace => options_copy[:namespace].split(/::/),
|
102
|
-
:policy => options_copy[:policy].to_sym,
|
103
|
-
:lookup_type => options_copy[:type].to_sym,
|
104
|
-
:merge => options_copy[:merge_type].to_sym,
|
105
|
-
:metadata => options_copy[:metadata] || {},
|
106
|
-
:scope => options_copy[:scope].to_sym,
|
107
|
-
:scope_options => options_copy[:scope_options],
|
108
|
-
:use_schema => options_copy[:schema],
|
109
|
-
)
|
110
|
-
|
111
|
-
|
112
|
-
answer = jac.lookup(req)
|
113
|
-
case options[:output]
|
114
|
-
when 'json'
|
115
|
-
puts answer.payload.to_json
|
116
|
-
when 'yaml'
|
117
|
-
puts answer.payload.to_yaml
|
118
|
-
end
|
119
|
-
rescue Jerakia::Error => e
|
120
|
-
STDERR.puts "Error(#{e.class}): #{e.message}"
|
121
|
-
STDERR.puts e.backtrace.join("\n") if options[:trace]
|
122
|
-
exit 1
|
123
|
-
end
|
124
|
-
end
|
12
|
+
include Jerakia::CLI::Server
|
13
|
+
include Jerakia::CLI::Lookup
|
14
|
+
include Jerakia::CLI::Token
|
125
15
|
|
126
16
|
desc 'version', 'Version information'
|
127
17
|
def version
|
data/lib/jerakia/config.rb
CHANGED
@@ -5,11 +5,9 @@ class Jerakia::Config
|
|
5
5
|
attr_reader :server_url
|
6
6
|
|
7
7
|
def self.load_from_file(file = '/etc/jerakia/jerakia.yaml')
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
raise Jerakia::FileParseError, "Could not parse config file #{file}, #{e.message}"
|
12
|
-
end
|
8
|
+
new YAML.load_file(file)
|
9
|
+
rescue Psych::SyntaxError => e
|
10
|
+
raise Jerakia::FileParseError, "Could not parse config file #{file}, #{e.message}"
|
13
11
|
end
|
14
12
|
|
15
13
|
def initialize(config = {})
|
@@ -24,6 +22,8 @@ class Jerakia::Config
|
|
24
22
|
'policydir' => '/etc/jerakia/policy.d',
|
25
23
|
'logfile' => '/var/log/jerakia.log',
|
26
24
|
'loglevel' => 'info',
|
25
|
+
'vardir' => '/var/lib/jerakia',
|
26
|
+
'piddir' => '/var/run',
|
27
27
|
'enable_schema' => true,
|
28
28
|
}
|
29
29
|
end
|
@@ -1,17 +1,12 @@
|
|
1
1
|
class Jerakia::Datasource
|
2
2
|
module Dummy
|
3
|
-
|
4
3
|
def run
|
5
4
|
#
|
6
5
|
# Do the lookup
|
7
6
|
|
8
7
|
Jerakia.log.debug("Searching key #{lookup.request.key} in dummy datasource")
|
9
|
-
option :return,
|
8
|
+
option :return, :type => [String, Hash, Array], :default => 'Returned data'
|
10
9
|
response.submit options[:return]
|
11
|
-
|
12
|
-
|
13
|
-
|
14
10
|
end
|
15
11
|
end
|
16
12
|
end
|
17
|
-
|
@@ -1,70 +1,51 @@
|
|
1
1
|
require 'jerakia/cache/file'
|
2
2
|
|
3
|
-
|
4
3
|
class Jerakia::Datasource
|
5
4
|
module File
|
6
|
-
|
7
5
|
attr_reader :file_format
|
8
|
-
@@cache = Jerakia::Cache::File.new
|
9
6
|
|
10
7
|
def load_format_handler
|
11
8
|
format = options[:format] || :yaml
|
12
|
-
class_name=format.to_s.capitalize
|
13
|
-
require "jerakia/datasource/file/#{format
|
9
|
+
class_name = format.to_s.capitalize
|
10
|
+
require "jerakia/datasource/file/#{format}"
|
14
11
|
@file_format = eval "Jerakia::Datasource::File::#{class_name}"
|
15
12
|
end
|
16
13
|
|
17
|
-
|
18
14
|
def cache
|
19
|
-
|
20
|
-
end
|
21
|
-
|
22
|
-
def import_file(filename)
|
23
|
-
Jerakia.log.debug("import_file() Importing #{filename}")
|
24
|
-
if ::File.exists?(filename)
|
25
|
-
::File.read(filename)
|
26
|
-
else
|
27
|
-
""
|
28
|
-
end
|
15
|
+
Jerakia::Cache::File
|
29
16
|
end
|
30
17
|
|
31
18
|
def get_file_with_cache(diskname)
|
32
19
|
if options[:enable_caching]
|
33
|
-
|
34
|
-
|
35
|
-
cache.get(diskname)
|
36
|
-
else
|
37
|
-
Jerakia.log.debug("Adding contents of #{diskname} to cache")
|
38
|
-
cache.add(diskname,import_file(diskname))
|
39
|
-
end
|
20
|
+
Jerakia.log.debug("Querying cache for file #{diskname}")
|
21
|
+
cache.retrieve(diskname)
|
40
22
|
else
|
41
|
-
|
23
|
+
::File.read(diskname) if ::File.exists?(diskname)
|
42
24
|
end
|
43
25
|
end
|
44
26
|
|
45
|
-
def list_fragments(prefix,extension)
|
46
|
-
if ::File.directory?("#{prefix}.d")
|
47
|
-
Dir["#{prefix}.d/*.#{extension}"]
|
48
|
-
end
|
27
|
+
def list_fragments(prefix, extension)
|
28
|
+
Dir["#{prefix}.d/*.#{extension}"] if ::File.directory?("#{prefix}.d")
|
49
29
|
end
|
50
30
|
|
51
31
|
def read_from_file(fname)
|
52
32
|
fpath = []
|
53
33
|
fpath << options[:docroot] unless fname[0] == '/'
|
54
|
-
fpath << [
|
34
|
+
fpath << [fname, lookup.request.namespace]
|
55
35
|
|
56
36
|
extension = options[:extension] || @file_format::EXTENSION
|
57
|
-
diskname_prefix =
|
37
|
+
diskname_prefix = ::File.join(fpath.flatten).gsub(/\/$/, '').to_s
|
58
38
|
diskname = "#{diskname_prefix}.#{extension}"
|
59
|
-
|
60
|
-
files = [
|
39
|
+
|
40
|
+
files = [diskname]
|
61
41
|
files << list_fragments(diskname_prefix, extension)
|
62
|
-
|
63
|
-
raw_data=
|
42
|
+
|
43
|
+
raw_data = ''
|
64
44
|
|
65
45
|
files.flatten.compact.each do |f|
|
66
46
|
Jerakia.log.debug("read_from_file() #{f}")
|
67
|
-
|
47
|
+
file_contents = get_file_with_cache(f)
|
48
|
+
raw_data << file_contents if file_contents
|
68
49
|
end
|
69
50
|
|
70
51
|
begin
|
@@ -72,34 +53,30 @@ class Jerakia::Datasource
|
|
72
53
|
rescue Jerakia::FileParseError => e
|
73
54
|
raise Jerakia::FileParseError, "While parsing #{diskname}: #{e.message}"
|
74
55
|
end
|
75
|
-
|
76
56
|
end
|
77
57
|
|
78
|
-
|
79
58
|
def run
|
80
59
|
#
|
81
60
|
# Do the lookup
|
82
61
|
|
83
62
|
Jerakia.log.debug("Searching key #{lookup.request.key} from file format #{options[:format]} (#{whoami})")
|
84
|
-
option :searchpath,
|
85
|
-
option :format,
|
86
|
-
option :docroot,
|
87
|
-
option :extension,
|
63
|
+
option :searchpath, :type => Array, :mandatory => true
|
64
|
+
option :format, :type => Symbol, :default => :yaml
|
65
|
+
option :docroot, :type => String, :default => '/etc/jerakia/data'
|
66
|
+
option :extension, :type => String
|
88
67
|
|
89
68
|
load_format_handler
|
90
69
|
|
91
70
|
options[:searchpath].flatten.each do |path|
|
92
71
|
Jerakia.log.debug("Attempting to load data from #{path}")
|
93
72
|
return unless response.want?
|
94
|
-
data=read_from_file(path)
|
73
|
+
data = read_from_file(path)
|
95
74
|
Jerakia.log.debug("Datasource provided #{data} looking for key #{lookup.request.key}")
|
96
75
|
unless data[lookup.request.key].nil?
|
97
76
|
Jerakia.log.debug("Found data #{data[lookup.request.key]}")
|
98
77
|
response.submit data[lookup.request.key]
|
99
78
|
end
|
100
79
|
end
|
101
|
-
|
102
80
|
end
|
103
81
|
end
|
104
82
|
end
|
105
|
-
|
@@ -1,34 +1,30 @@
|
|
1
1
|
require 'lookup_http'
|
2
2
|
|
3
|
-
|
4
3
|
class Jerakia::Datasource
|
5
4
|
module Http
|
6
|
-
|
7
5
|
def run
|
8
6
|
#
|
9
7
|
# Do the lookup
|
10
8
|
|
11
9
|
Jerakia.log.debug("Searching key #{lookup.request.key} using the http datasource (#{whoami})")
|
12
10
|
|
13
|
-
|
14
|
-
option :
|
15
|
-
option :
|
16
|
-
option :
|
17
|
-
option :
|
18
|
-
option :
|
19
|
-
option :
|
20
|
-
option :http_read_timeout, { :type => Integer }
|
11
|
+
option :host, :type => String, :mandatory => true
|
12
|
+
option :port, :type => Integer, :default => 80
|
13
|
+
option :output, :type => String, :default => 'json'
|
14
|
+
option :failure, :type => String, :default => 'graceful'
|
15
|
+
option :ignore_404, :default => true
|
16
|
+
option :headers, :type => Hash
|
17
|
+
option :http_read_timeout, :type => Integer
|
21
18
|
option :use_ssl
|
22
|
-
option :ssl_ca_cert,
|
23
|
-
option :ssl_cert,
|
24
|
-
option :ssl_key,
|
19
|
+
option :ssl_ca_cert, :type => String
|
20
|
+
option :ssl_cert, :type => String
|
21
|
+
option :ssl_key, :type => String
|
25
22
|
option :ssl_verify
|
26
23
|
option :use_auth
|
27
|
-
option :auth_user,
|
28
|
-
option :auth_pass,
|
29
|
-
option :http_connect_timeout,
|
30
|
-
option :paths,
|
31
|
-
|
24
|
+
option :auth_user, :type => String
|
25
|
+
option :auth_pass, :type => String
|
26
|
+
option :http_connect_timeout, :type => Integer
|
27
|
+
option :paths, :type => Array, :mandatory => true
|
32
28
|
|
33
29
|
lookup_supported_params = [
|
34
30
|
:host,
|
@@ -46,7 +42,7 @@ class Jerakia::Datasource
|
|
46
42
|
:ssl_verify,
|
47
43
|
:use_auth,
|
48
44
|
:auth_user,
|
49
|
-
:auth_pass
|
45
|
+
:auth_pass
|
50
46
|
]
|
51
47
|
lookup_params = options.select { |p| lookup_supported_params.include?(p) }
|
52
48
|
http_lookup = LookupHttp.new(lookup_params)
|
@@ -55,7 +51,7 @@ class Jerakia::Datasource
|
|
55
51
|
Jerakia.log.debug("Attempting to load data from #{path}")
|
56
52
|
return unless response.want?
|
57
53
|
|
58
|
-
data=http_lookup.get_parsed(path)
|
54
|
+
data = http_lookup.get_parsed(path)
|
59
55
|
Jerakia.log.debug("Datasource provided #{data} (#{data.class}) looking for key #{lookup.request.key}")
|
60
56
|
|
61
57
|
if data.is_a?(Hash)
|
@@ -64,14 +60,12 @@ class Jerakia::Datasource
|
|
64
60
|
response.submit data[lookup.request.key]
|
65
61
|
end
|
66
62
|
else
|
67
|
-
unless options[:output] == 'plain'
|
63
|
+
unless options[:output] == 'plain' || options[:failure] == 'graceful'
|
68
64
|
raise Jerakia::Error, "HTTP request did not return a hash for #{lookup.request.key} #{whoami}"
|
69
65
|
end
|
70
66
|
response.submit data
|
71
67
|
end
|
72
|
-
|
73
68
|
end
|
74
69
|
end
|
75
70
|
end
|
76
71
|
end
|
77
|
-
|
data/lib/jerakia/datasource.rb
CHANGED
@@ -1,48 +1,49 @@
|
|
1
|
+
# rubocop:disable Lint/Eval
|
2
|
+
#
|
1
3
|
require 'jerakia/cache'
|
2
|
-
class Jerakia
|
4
|
+
class Jerakia
|
5
|
+
class Datasource
|
6
|
+
require 'jerakia/response'
|
3
7
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
+
attr_reader :response
|
9
|
+
attr_reader :options
|
10
|
+
attr_reader :lookup
|
11
|
+
attr_reader :name
|
8
12
|
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
13
|
+
def initialize(name, lookup, opts)
|
14
|
+
@response = Jerakia::Response.new(lookup)
|
15
|
+
@options = opts
|
16
|
+
@lookup = lookup
|
17
|
+
@name = name
|
18
|
+
begin
|
19
|
+
require "jerakia/datasource/#{name}"
|
20
|
+
eval "extend Jerakia::Datasource::#{name.capitalize}"
|
21
|
+
rescue LoadError => e
|
22
|
+
raise Jerakia::Error, "Cannot load datasource #{name} in lookup #{lookup.name}, #{e.message}"
|
23
|
+
end
|
19
24
|
end
|
20
|
-
end
|
21
25
|
|
26
|
+
## used for verbose logging
|
27
|
+
def whoami
|
28
|
+
"datasource=#{@name} lookup=#{@lookup.name}"
|
29
|
+
end
|
22
30
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
31
|
+
def option(opt, data = {})
|
32
|
+
if @options[opt].nil? && data.key?(:default)
|
33
|
+
@options[opt] = data[:default]
|
34
|
+
end
|
27
35
|
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
if data[:type]
|
38
|
-
if Array(data[:type]).select { |t| @options[opt].is_a?(t) }.empty?
|
39
|
-
raise Jerakia::PolicyError,
|
40
|
-
"#{opt} is a #{@options[opt].class} but must be a #{data[:type].to_s} for datasource #{@name} in lookup #{lookup.name}"
|
36
|
+
Jerakia.log.debug("[#{whoami}]: options[#{opt}] to #{options[opt]} [#{options[opt].class}]")
|
37
|
+
if @options[opt].nil?
|
38
|
+
raise Jerakia::PolicyError, "#{opt} option must be supplied for datasource #{@name} in lookup #{lookup.name}" if data[:mandatory]
|
39
|
+
else
|
40
|
+
if data[:type]
|
41
|
+
if Array(data[:type]).select { |t| @options[opt].is_a?(t) }.empty?
|
42
|
+
raise Jerakia::PolicyError,
|
43
|
+
"#{opt} is a #{@options[opt].class} but must be a #{data[:type]} for datasource #{@name} in lookup #{lookup.name}"
|
44
|
+
end
|
41
45
|
end
|
42
46
|
end
|
43
47
|
end
|
44
48
|
end
|
45
|
-
|
46
|
-
|
47
49
|
end
|
48
|
-
|
data/lib/jerakia/dsl/lookup.rb
CHANGED
@@ -1,14 +1,13 @@
|
|
1
1
|
class Jerakia
|
2
2
|
module Dsl
|
3
3
|
class Lookup
|
4
|
-
|
5
4
|
attr_reader :policy
|
6
5
|
attr_reader :request
|
7
6
|
attr_accessor :lookup
|
8
7
|
|
9
|
-
def initialize(name, policy, opts={})
|
8
|
+
def initialize(name, policy, opts = {})
|
10
9
|
@policy = policy
|
11
|
-
@request =
|
10
|
+
@request = policy.clone_request
|
12
11
|
scope = policy.scope
|
13
12
|
@lookup = Jerakia::Lookup.new(name, opts, @request, scope)
|
14
13
|
end
|
@@ -21,9 +20,9 @@ class Jerakia
|
|
21
20
|
|
22
21
|
# define the data source for the lookup
|
23
22
|
# @api: public
|
24
|
-
def datasource(name, opts={})
|
23
|
+
def datasource(name, opts = {})
|
25
24
|
datasource = Jerakia::Datasource.new(name, lookup, opts)
|
26
|
-
lookup.datasource=
|
25
|
+
lookup.datasource = datasource
|
27
26
|
end
|
28
27
|
|
29
28
|
# give access to the lookup scope object
|
@@ -61,7 +60,6 @@ class Jerakia
|
|
61
60
|
def plugin
|
62
61
|
lookup.plugin
|
63
62
|
end
|
64
|
-
|
65
63
|
end
|
66
64
|
end
|
67
65
|
end
|
data/lib/jerakia/dsl/policy.rb
CHANGED
@@ -1,7 +1,8 @@
|
|
1
|
+
require 'jerakia/cache/file'
|
2
|
+
|
1
3
|
class Jerakia
|
2
4
|
module Dsl
|
3
5
|
class Policy
|
4
|
-
|
5
6
|
def self.evaluate_file(filename, request)
|
6
7
|
policy = new(request)
|
7
8
|
policy.evaluate_file(filename)
|
@@ -18,27 +19,26 @@ class Jerakia
|
|
18
19
|
attr_reader :instance
|
19
20
|
|
20
21
|
def initialize(req)
|
21
|
-
@request=req
|
22
|
+
@request = req
|
22
23
|
end
|
23
24
|
|
24
25
|
def evaluate_file(filename)
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
raise Jerakia::PolicyError, "Could not load policy file, #{
|
26
|
+
policydata = Jerakia::Cache::File.retrieve(filename)
|
27
|
+
|
28
|
+
unless policydata
|
29
|
+
raise Jerakia::PolicyError, "Could not load policy file, #{filename}"
|
29
30
|
end
|
31
|
+
|
30
32
|
instance_eval policydata
|
31
33
|
end
|
32
34
|
|
33
|
-
def policy(name, opts={}, &block)
|
35
|
+
def policy(name, opts = {}, &block)
|
34
36
|
@instance = Jerakia::Policy.new(name, opts, request)
|
35
|
-
Jerakia::Dsl::Policyblock.evaluate(instance
|
37
|
+
Jerakia::Dsl::Policyblock.evaluate(instance, &block)
|
36
38
|
end
|
37
|
-
|
38
39
|
end
|
39
40
|
|
40
41
|
class Policyblock
|
41
|
-
|
42
42
|
attr_accessor :policy
|
43
43
|
|
44
44
|
def initialize(policy)
|
@@ -50,10 +50,9 @@ class Jerakia
|
|
50
50
|
policyblock.instance_eval &block
|
51
51
|
end
|
52
52
|
|
53
|
-
def lookup(name, opts={}, &block)
|
53
|
+
def lookup(name, opts = {}, &block)
|
54
54
|
Jerakia::Dsl::Lookup.evaluate(name, policy, opts, &block)
|
55
55
|
end
|
56
56
|
end
|
57
57
|
end
|
58
|
-
|
59
58
|
end
|
data/lib/jerakia/error.rb
CHANGED
data/lib/jerakia/launcher.rb
CHANGED
@@ -1,35 +1,31 @@
|
|
1
|
-
# Here we take a request object and read in the policy file
|
2
|
-
# which is evalulated in this instance
|
3
|
-
#
|
4
1
|
require 'jerakia/dsl/policy'
|
5
2
|
require 'jerakia/dsl/lookup'
|
6
3
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
4
|
+
# Here we take a request object and read in the policy file
|
5
|
+
# which is evalulated in this instance
|
6
|
+
#
|
7
|
+
class Jerakia
|
8
|
+
class Launcher
|
9
|
+
attr_reader :request
|
10
|
+
attr_reader :answer
|
11
|
+
|
12
|
+
def initialize(req)
|
13
|
+
@request = req
|
14
|
+
end
|
15
|
+
|
16
|
+
def evaluate(&block)
|
17
|
+
policy = Jerakia::Dsl::Policy.evaluate(request, &block)
|
18
|
+
policy.execute
|
19
|
+
@answer = policy.answer
|
20
|
+
end
|
21
|
+
|
22
|
+
def invoke_from_file
|
23
|
+
policy_name = request.policy.to_s
|
24
|
+
Jerakia.log.debug "Invoked lookup for #{request.key} using policy #{policy_name}"
|
25
|
+
filename = File.join(Jerakia.config.policydir, "#{policy_name}.rb")
|
26
|
+
policy = Jerakia::Dsl::Policy.evaluate_file(filename, request)
|
27
|
+
policy.execute
|
28
|
+
@answer = policy.answer
|
29
|
+
end
|
30
30
|
end
|
31
|
-
|
32
31
|
end
|
33
|
-
|
34
|
-
|
35
|
-
|