puppetserver-ca 0.1.0 → 0.2.0

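--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 3ce9f1836cdf33c3a90c4ead5503c9e3bd77dd4c
- data.tar.gz: 4c935b843c029cce7626c9b5ae5ec4d2e3d7a483
+ metadata.gz: f41aeb772961d07711e18252a727800b7962e11a
+ data.tar.gz: ebc595c85433ec3a4c14d2660e0e92237bee3690
  SHA512:
- metadata.gz: 136312e8f3183ba47e97d7e256c6887e22b044bc4b455cb0d7f7e635835b511a83e2a78d53c87b6c45f12c1b11ff149a82dd02346324fde2a75dcb656de4c688
- data.tar.gz: 1bff6c715e519f6cc4fcb238059c318659b244a7fad493d8a4b446a7d204a9947464838adb76f213a80fbf7416088b49231dab4531013318c8703abf01b6b579
+ metadata.gz: 315814ed7b351eea57fc5620bd08e8e406d6c489a24cc4e0e2e6048844d2ed2ef85260a6fc5c1de8f923f999708aaf0679388b3a23af865f04538f14f6a617e2
+ data.tar.gz: b482951edd70310b07d1aa2a8f988a34bc3a08d3a5ddf75e10799a2b86ad09e0dfd8eee0b683ee0fd665eb90e795c0c422517371dedb68124c49d6544283bec6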
data/Gemfile CHANGED
@@ -7,3 +7,4 @@ gemspec
7
7
 
8
8
  gem 'pry'
9
9
  gem 'pry-byebug'
10
+ gem 'hocon', '~> 1.2', require: false
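Review bot: `hocon` is declared only here, in the development Gemfile with `require: false`, while the new PuppetserverConfig file later in this diff does an unconditional `require 'hocon'`. The gem metadata hunks visible on this page add no dependency entry (the files list still starts at line 74 on both sides), so a plain install of the gem would presumably not pull hocon in, and loading that file would raise LoadError unless the host environment already provides it. If the gem is meant to work standalone, declare it in the gemspec, e.g. `spec.add_runtime_dependency 'hocon', '~> 1.2'`. If it deliberately relies on a copy shipped with Puppet Server, a comment next to this line saying so would make the intent clear.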
@@ -1,6 +1,6 @@
1
1
  require 'optparse'
2
2
  require 'puppetserver/ca/version'
3
- require 'puppetserver/ca/setup_action'
3
+ require 'puppetserver/ca/import_action'
4
4
  require 'puppetserver/ca/logger'
5
5
 
6
6
  module Puppetserver
@@ -13,7 +13,7 @@ Manage the Private Key Infrastructure for
13
13
  Puppet Server's built-in Certificate Authority
14
14
  BANNER
15
15
 
16
- VALID_ACTIONS = {'setup' => SetupAction}
16
+ VALID_ACTIONS = {'import' => ImportAction}
17
17
 
18
18
  ACTION_LIST = "\nAvailable Actions:\n" +
19
19
  VALID_ACTIONS.map do |action, cls|
@@ -0,0 +1,11 @@
1
+ module Puppetserver
2
+ module Ca
3
+ module ConfigUtils
4
+
5
+ def running_as_root?
6
+ !Gem.win_platform? && Process::UID.eid == 0
7
+ end
8
+
9
+ end
10
+ end
11
+ end
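Review bot: `running_as_root?` is defined with no visibility modifier, so it becomes a public method on every class that includes ConfigUtils, whereas the copy removed from PuppetConfig later in this diff sat under `private`. Adding `private` above the `def` keeps it an internal helper. A one-line comment such as `# True only on non-Windows platforms when the effective UID is 0` would also record that the check uses the effective rather than the real UID, which matters because PuppetserverConfig uses the result to choose the CA directory.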
@@ -6,13 +6,13 @@ require 'puppetserver/ca/puppet_config'
6
6
 
7
7
  module Puppetserver
8
8
  module Ca
9
- class SetupAction
9
+ class ImportAction
10
10
 
11
- SUMMARY = "Set up the CA's key, certs, and crls"
11
+ SUMMARY = "Import the CA's key, certs, and crls"
12
12
  BANNER = <<-BANNER
13
13
  Usage:
14
- puppetserver ca setup [--help|--version]
15
- puppetserver ca setup [--config PATH]
14
+ puppetserver ca import [--help|--version]
15
+ puppetserver ca import [--config PATH]
16
16
  --private-key PATH --cert-bundle PATH --crl-chain PATH
17
17
 
18
18
  Description:
@@ -175,7 +175,7 @@ BANNER
175
175
  def self.parser(parsed = {})
176
176
  OptionParser.new do |opts|
177
177
  opts.banner = BANNER
178
- opts.on('--help', 'Display this setup specific help output') do |help|
178
+ opts.on('--help', 'Display this import specific help output') do |help|
179
179
  parsed['help'] = true
180
180
  end
181
181
  opts.on('--version', 'Output the version') do |v|
@@ -1,11 +1,14 @@
1
+ require 'puppetserver/ca/config_utils'
1
2
 
2
3
  module Puppetserver
3
4
  module Ca
4
- # Provides an interface for asking for Puppet[ Server] settings w/o loading
5
- # either Puppet or Puppet Server. Includes a simple ini parser that will
6
- # ignore Puppet's more complicated conventions.
5
+ # Provides an interface for asking for Puppet settings w/o loading
6
+ # Puppet. Includes a simple ini parser that will ignore Puppet's
7
+ # more complicated conventions.
7
8
  class PuppetConfig
8
9
 
10
+ include Puppetserver::Ca::ConfigUtils
11
+
9
12
  def self.parse(config_path = nil)
10
13
  instance = new(config_path)
11
14
  instance.load
@@ -119,16 +122,11 @@ module Puppetserver
119
122
  res
120
123
  end
121
124
 
122
-
123
125
  private
124
126
 
125
127
  def explicitly_given_config_file_or_default_config_exists?
126
128
  !@using_default_location || File.exist?(@config_path)
127
129
  end
128
-
129
- def running_as_root?
130
- !Gem.win_platform? && Process::UID.eid == 0
131
- end
132
130
  end
133
131
  end
134
132
  end
@@ -0,0 +1,83 @@
1
+ require 'hocon'
2
+ require 'puppetserver/ca/config_utils'
3
+
4
+ module Puppetserver
5
+ module Ca
6
+ # Provides an interface for querying Puppetserver settings w/o loading
7
+ # Puppetserver or any TK config service. Uses the ruby-hocon gem for parsing.
8
+ class PuppetserverConfig
9
+
10
+ include Puppetserver::Ca::ConfigUtils
11
+
12
+ def self.parse(config_path = nil)
13
+ instance = new(config_path)
14
+ instance.load
15
+
16
+ return instance
17
+ end
18
+
19
+ attr_reader :errors, :settings
20
+
21
+ def initialize(supplied_config_path = nil)
22
+ @using_default_location = !supplied_config_path
23
+ @config_path = supplied_config_path || "/etc/puppetlabs/puppetserver/conf.d/ca.conf"
24
+
25
+ @settings = nil
26
+ @errors = []
27
+ end
28
+
29
+ # Populate this config object with the CA-related settings
30
+ def load
31
+ if explicitly_given_config_file_or_default_config_exists?
32
+ begin
33
+ results = Hocon.load(@config_path)
34
+ rescue Hocon::ConfigError => e
35
+ errors << e.message
36
+ end
37
+ end
38
+
39
+ overrides = results || {}
40
+ @settings = supply_defaults(overrides).freeze
41
+ end
42
+
43
+ private
44
+
45
+ # Return the correct confdir. We check for being root on *nix,
46
+ # else the user path. We do not include a check for running
47
+ # as Adminstrator since non-development scenarios for Puppet Server
48
+ # on Windows are unsupported.
49
+ # Note that Puppet Server runs as the [pe-]puppet user but to
50
+ # start/stop it you must be root.
51
+ def user_specific_ca_dir
52
+ if running_as_root?
53
+ '/etc/puppetlabs/puppetserver/ca'
54
+ else
55
+ "#{ENV['HOME']}/.puppetlabs/etc/puppetserver/ca"
56
+ end
57
+ end
58
+
59
+ # Supply defaults for any CA settings not present in the config file
60
+ # @param [Hash] overrides setting names and values loaded from the config file,
61
+ # for overriding the defaults
62
+ # @return [Hash] CA-related settings
63
+ def supply_defaults(overrides = {})
64
+ ca_settings = overrides['certificate-authority'] || {}
65
+ settings = {}
66
+
67
+ cadir = settings[:cadir] = ca_settings.fetch('cadir', user_specific_ca_dir)
68
+
69
+ settings[:cacert] = ca_settings.fetch('cacert', "#{cadir}/ca_crt.pem")
70
+ settings[:cakey] = ca_settings.fetch('cakey', "#{cadir}/ca_key.pem")
71
+ settings[:cacrl] = ca_settings.fetch('cacrl', "#{cadir}/ca_crl.pem")
72
+ settings[:serial] = ca_settings.fetch('serial', "#{cadir}/serial")
73
+ settings[:cert_inventory] = ca_settings.fetch('cert-inventory', "#{cadir}/inventory.txt")
74
+
75
+ return settings
76
+ end
77
+
78
+ def explicitly_given_config_file_or_default_config_exists?
79
+ !@using_default_location || File.exist?(@config_path)
80
+ end
81
+ end
82
+ end
83
+ end
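Review bot: In `load`, a `Hocon::ConfigError` is only appended to `errors`; `results` stays nil and `@settings` is still filled with the built-in default paths, so a caller that does not check `errors` first would work against the default `cakey`/`cadir` locations rather than the ones the unparseable file intended. Consider leaving `@settings` unset on failure, e.g. `return unless errors.empty?` before the `supply_defaults` call, or state in the comment on `load` that `errors` must be checked before `settings` is read. Separately, `user_specific_ca_dir` interpolates `ENV['HOME']`, which produces a path rooted at `/.puppetlabs` when HOME is unset; `ENV.fetch('HOME')` or `Dir.home` would fail loudly instead. `supply_defaults` also assumes `overrides['certificate-authority']` is a Hash and will raise NoMethodError on `fetch` if the file sets it to a scalar.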
@@ -1,5 +1,5 @@
1
1
  module Puppetserver
2
2
  module Ca
3
- VERSION = "0.1.0"
3
+ VERSION = "0.2.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppetserver-ca
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppet, Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2018-07-19 00:00:00.000000000 Z
11
+ date: 2018-07-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler
@@ -74,9 +74,11 @@ files:
74
74
  - exe/puppetserver-ca
75
75
  - lib/puppetserver/ca.rb
76
76
  - lib/puppetserver/ca/cli.rb
77
+ - lib/puppetserver/ca/config_utils.rb
78
+ - lib/puppetserver/ca/import_action.rb
77
79
  - lib/puppetserver/ca/logger.rb
78
80
  - lib/puppetserver/ca/puppet_config.rb
79
- - lib/puppetserver/ca/setup_action.rb
81
+ - lib/puppetserver/ca/puppetserver_config.rb
80
82
  - lib/puppetserver/ca/stub.rb
81
83
  - lib/puppetserver/ca/version.rb
82
84
  - lib/puppetserver/ca/x509_loader.rb