puppet-databinding-jerakiaserver 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/puppet/indirector/data_binding/jerakiaserver.rb +100 -0
- metadata +59 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 01db418ee49d7008862c23f707961a902e3658ef
|
4
|
+
data.tar.gz: 18fcdc271a91cd5bc534986065fdf2e54a39c94c
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a2b1c2e07d991fae51ee1b90fe56258d1772723c6a376b56928dc242ccc93dfc5ec1da93b620042ece51acce9958f766cac06e2a2b91e022803f70a5c9326df6
|
7
|
+
data.tar.gz: bf28b67a833c0322a321debf701aa0e15b38b86b9451617680153f3f54db54e5f5af2f7e64918f9f0603d33085fdfebb60d4ad6407fbd18b2cf956a6e7498176
|
@@ -0,0 +1,100 @@
|
|
1
|
+
require 'puppet/indirector/code'
|
2
|
+
require 'jerakia/client'
|
3
|
+
require 'json'
|
4
|
+
require 'digest/md5'
|
5
|
+
|
6
|
+
class Puppet::DataBinding::Jerakiaserver < Puppet::Indirector::Code
|
7
|
+
|
8
|
+
desc "Data binding for Jerakia"
|
9
|
+
|
10
|
+
attr_reader :jerakia
|
11
|
+
attr_reader :scope_cache
|
12
|
+
|
13
|
+
|
14
|
+
def initialize(*args)
|
15
|
+
@jerakia=::Jerakia::Client.new
|
16
|
+
@scope_cache = {}
|
17
|
+
super
|
18
|
+
end
|
19
|
+
|
20
|
+
def server_scope(identifier)
|
21
|
+
returndata = jerakia.get_scope_uuid('puppet', identifier)
|
22
|
+
if returndata.is_a?(Hash)
|
23
|
+
return returndata['uuid']
|
24
|
+
else
|
25
|
+
return nil
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def store_scope(identifier, uuid, scope)
|
30
|
+
@scope_cache[identifier] = {
|
31
|
+
:uuid => uuid,
|
32
|
+
:md5 => Digest::MD5.hexdigest(scope.to_s)
|
33
|
+
}
|
34
|
+
end
|
35
|
+
|
36
|
+
def send_scope(identifier, scope)
|
37
|
+
returndata = jerakia.send_scope('puppet', identifier, scope)
|
38
|
+
store_scope(identifier, returndata['uuid'], scope)
|
39
|
+
end
|
40
|
+
|
41
|
+
def scope_valid?(identifier, scope)
|
42
|
+
uuid = server_scope(identifier)
|
43
|
+
|
44
|
+
# If the server doesn't have a copy, refresh
|
45
|
+
return false unless uuid
|
46
|
+
|
47
|
+
if scope_cache[identifier]
|
48
|
+
# If the UUID is different we need to refresh
|
49
|
+
return false unless scope_cache[identifier][:uuid] == uuid
|
50
|
+
|
51
|
+
# If the MD5 sum of the scope has changed, we are probably in a new
|
52
|
+
# puppet run and need to refresh the scope.
|
53
|
+
return false unless scope_cache[identifier][:md5] == Digest::MD5.hexdigest(scope.to_s)
|
54
|
+
else
|
55
|
+
|
56
|
+
# If the scope is not cached at all then we should refresh
|
57
|
+
return false
|
58
|
+
end
|
59
|
+
return true
|
60
|
+
end
|
61
|
+
|
62
|
+
|
63
|
+
|
64
|
+
|
65
|
+
def find(request)
|
66
|
+
|
67
|
+
# Jerakia doesn't do anything with lookup_options, this behaviour is achieved
|
68
|
+
# using schemas, therefore we always return nil here for the key
|
69
|
+
return nil if request.key == 'lookup_options'
|
70
|
+
|
71
|
+
lookupdata=request.key.split(/::/)
|
72
|
+
key=lookupdata.pop
|
73
|
+
namespace=lookupdata.join('/')
|
74
|
+
metadata = request.options[:variables].to_hash.reject { |k, v| v.is_a?(Puppet::Resource) }
|
75
|
+
|
76
|
+
# If the scope is unchanged assume this is part of the same puppet run and don't resend
|
77
|
+
# otherwise we need to send the scope to Jerakia server ahead of time.
|
78
|
+
#
|
79
|
+
identifier = metadata['trusted']['certname']
|
80
|
+
|
81
|
+
send_scope(identifier, metadata) unless scope_valid?(identifier, metadata)
|
82
|
+
|
83
|
+
lookup_options = {
|
84
|
+
:namespace => namespace,
|
85
|
+
:scope => 'server',
|
86
|
+
:scope_opts => {
|
87
|
+
'identifier' => identifier,
|
88
|
+
'realm' => 'puppet'
|
89
|
+
}
|
90
|
+
}
|
91
|
+
|
92
|
+
lookup = jerakia.lookup(key, lookup_options)
|
93
|
+
if lookup.is_a?(Hash)
|
94
|
+
raise Puppet::DataBinding::LookupError.new("Jerakia data lookup failed", lookup['message']) unless lookup['status'] = 'ok'
|
95
|
+
return lookup['payload']
|
96
|
+
else
|
97
|
+
raise Puppet::DataBinding::LookupError.new("Jerakia data lookup failed", "Unknown reason")
|
98
|
+
end
|
99
|
+
end
|
100
|
+
end
|
metadata
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: puppet-databinding-jerakiaserver
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Craig Dunn
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2017-01-14 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: jerakia-client
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
description: Puppet databinding for Jerakia Server using the Jerakia client libraries
|
28
|
+
email:
|
29
|
+
executables: []
|
30
|
+
extensions: []
|
31
|
+
extra_rdoc_files: []
|
32
|
+
files:
|
33
|
+
- lib/puppet/indirector/data_binding/jerakiaserver.rb
|
34
|
+
homepage: http://jerakia.io
|
35
|
+
licenses:
|
36
|
+
- Apache 2.0
|
37
|
+
metadata: {}
|
38
|
+
post_install_message:
|
39
|
+
rdoc_options: []
|
40
|
+
require_paths:
|
41
|
+
- lib
|
42
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - ">="
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '0'
|
47
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
48
|
+
requirements:
|
49
|
+
- - ">="
|
50
|
+
- !ruby/object:Gem::Version
|
51
|
+
version: '0'
|
52
|
+
requirements: []
|
53
|
+
rubyforge_project:
|
54
|
+
rubygems_version: 2.5.1
|
55
|
+
signing_key:
|
56
|
+
specification_version: 4
|
57
|
+
summary: Puppet databding for Jerakia Server
|
58
|
+
test_files: []
|
59
|
+
has_rdoc:
|