puppet-databinding-jerakiaserver 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/puppet/indirector/data_binding/jerakiaserver.rb +100 -0
- metadata +59 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 01db418ee49d7008862c23f707961a902e3658ef
|
4
|
+
data.tar.gz: 18fcdc271a91cd5bc534986065fdf2e54a39c94c
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: a2b1c2e07d991fae51ee1b90fe56258d1772723c6a376b56928dc242ccc93dfc5ec1da93b620042ece51acce9958f766cac06e2a2b91e022803f70a5c9326df6
|
7
|
+
data.tar.gz: bf28b67a833c0322a321debf701aa0e15b38b86b9451617680153f3f54db54e5f5af2f7e64918f9f0603d33085fdfebb60d4ad6407fbd18b2cf956a6e7498176
|
@@ -0,0 +1,100 @@
|
|
1
|
+
require 'puppet/indirector/code'
|
2
|
+
require 'jerakia/client'
|
3
|
+
require 'json'
|
4
|
+
require 'digest/md5'
|
5
|
+
|
6
|
+
class Puppet::DataBinding::Jerakiaserver < Puppet::Indirector::Code
|
7
|
+
|
8
|
+
desc "Data binding for Jerakia"
|
9
|
+
|
10
|
+
attr_reader :jerakia
|
11
|
+
attr_reader :scope_cache
|
12
|
+
|
13
|
+
|
14
|
+
def initialize(*args)
|
15
|
+
@jerakia=::Jerakia::Client.new
|
16
|
+
@scope_cache = {}
|
17
|
+
super
|
18
|
+
end
|
19
|
+
|
20
|
+
def server_scope(identifier)
|
21
|
+
returndata = jerakia.get_scope_uuid('puppet', identifier)
|
22
|
+
if returndata.is_a?(Hash)
|
23
|
+
return returndata['uuid']
|
24
|
+
else
|
25
|
+
return nil
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
def store_scope(identifier, uuid, scope)
|
30
|
+
@scope_cache[identifier] = {
|
31
|
+
:uuid => uuid,
|
32
|
+
:md5 => Digest::MD5.hexdigest(scope.to_s)
|
33
|
+
}
|
34
|
+
end
|
35
|
+
|
36
|
+
def send_scope(identifier, scope)
|
37
|
+
returndata = jerakia.send_scope('puppet', identifier, scope)
|
38
|
+
store_scope(identifier, returndata['uuid'], scope)
|
39
|
+
end
|
40
|
+
|
41
|
+
def scope_valid?(identifier, scope)
|
42
|
+
uuid = server_scope(identifier)
|
43
|
+
|
44
|
+
# If the server doesn't have a copy, refresh
|
45
|
+
return false unless uuid
|
46
|
+
|
47
|
+
if scope_cache[identifier]
|
48
|
+
# If the UUID is different we need to refresh
|
49
|
+
return false unless scope_cache[identifier][:uuid] == uuid
|
50
|
+
|
51
|
+
# If the MD5 sum of the scope has changed, we are probably in a new
|
52
|
+
# puppet run and need to refresh the scope.
|
53
|
+
return false unless scope_cache[identifier][:md5] == Digest::MD5.hexdigest(scope.to_s)
|
54
|
+
else
|
55
|
+
|
56
|
+
# If the scope is not cached at all then we should refresh
|
57
|
+
return false
|
58
|
+
end
|
59
|
+
return true
|
60
|
+
end
|
61
|
+
|
62
|
+
|
63
|
+
|
64
|
+
|
65
|
+
def find(request)
|
66
|
+
|
67
|
+
# Jerakia doesn't do anything with lookup_options, this behaviour is achieved
|
68
|
+
# using schemas, therefore we always return nil here for the key
|
69
|
+
return nil if request.key == 'lookup_options'
|
70
|
+
|
71
|
+
lookupdata=request.key.split(/::/)
|
72
|
+
key=lookupdata.pop
|
73
|
+
namespace=lookupdata.join('/')
|
74
|
+
metadata = request.options[:variables].to_hash.reject { |k, v| v.is_a?(Puppet::Resource) }
|
75
|
+
|
76
|
+
# If the scope is unchanged assume this is part of the same puppet run and don't resend
|
77
|
+
# otherwise we need to send the scope to Jerakia server ahead of time.
|
78
|
+
#
|
79
|
+
identifier = metadata['trusted']['certname']
|
80
|
+
|
81
|
+
send_scope(identifier, metadata) unless scope_valid?(identifier, metadata)
|
82
|
+
|
83
|
+
lookup_options = {
|
84
|
+
:namespace => namespace,
|
85
|
+
:scope => 'server',
|
86
|
+
:scope_opts => {
|
87
|
+
'identifier' => identifier,
|
88
|
+
'realm' => 'puppet'
|
89
|
+
}
|
90
|
+
}
|
91
|
+
|
92
|
+
lookup = jerakia.lookup(key, lookup_options)
|
93
|
+
if lookup.is_a?(Hash)
|
94
|
+
raise Puppet::DataBinding::LookupError.new("Jerakia data lookup failed", lookup['message']) unless lookup['status'] = 'ok'
|
95
|
+
return lookup['payload']
|
96
|
+
else
|
97
|
+
raise Puppet::DataBinding::LookupError.new("Jerakia data lookup failed", "Unknown reason")
|
98
|
+
end
|
99
|
+
end
|
100
|
+
end
|
metadata
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: puppet-databinding-jerakiaserver
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Craig Dunn
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2017-01-14 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: jerakia-client
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ">="
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
description: Puppet databinding for Jerakia Server using the Jerakia client libraries
|
28
|
+
email:
|
29
|
+
executables: []
|
30
|
+
extensions: []
|
31
|
+
extra_rdoc_files: []
|
32
|
+
files:
|
33
|
+
- lib/puppet/indirector/data_binding/jerakiaserver.rb
|
34
|
+
homepage: http://jerakia.io
|
35
|
+
licenses:
|
36
|
+
- Apache 2.0
|
37
|
+
metadata: {}
|
38
|
+
post_install_message:
|
39
|
+
rdoc_options: []
|
40
|
+
require_paths:
|
41
|
+
- lib
|
42
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - ">="
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '0'
|
47
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
48
|
+
requirements:
|
49
|
+
- - ">="
|
50
|
+
- !ruby/object:Gem::Version
|
51
|
+
version: '0'
|
52
|
+
requirements: []
|
53
|
+
rubyforge_project:
|
54
|
+
rubygems_version: 2.5.1
|
55
|
+
signing_key:
|
56
|
+
specification_version: 4
|
57
|
+
summary: Puppet databding for Jerakia Server
|
58
|
+
test_files: []
|
59
|
+
has_rdoc:
|