puppetserver-ca 1.11.1 → 1.11.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/puppetserver/ca/action/list.rb +9 -7
  3. data/lib/puppetserver/ca/certificate_authority.rb +8 -8
  4. data/lib/puppetserver/ca/utils/http_client.rb +7 -4
  5. data/lib/puppetserver/ca/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8257bbee6c6752b584beaa360580369b747a33375ebd9ff9da76b02fe29cb514
4
- data.tar.gz: cf8f8b6d1bff9ab7136358919e2e4e0f6b2180b50f9dd87bf9eac5954327937f
3
+ metadata.gz: 3bf01df30647e5485dd150dcb6fa503e3e06b72a65fcf38d9747acccf825a35d
4
+ data.tar.gz: 02f96aad894e4c4183aee3f17680e0402db7bf691763d163b687493fbda5b391
5
5
  SHA512:
6
- metadata.gz: 608fda03455ff0f57193593ce3923516c567966e9c153c05e3da27cebcbd81edcc9cab1f7030cfa49dfce62f01b1f1b25ec862a31cc2512eb0705d51805ee795
7
- data.tar.gz: 7d3fc368714cb706d49b5289f2e59bb1307292afac31a043a07a2ba04b61ea3ae827222d81e40cbf48ed9a33ff0b0a4d826cae98f39a9bbae5b800ef2caacf38
6
+ metadata.gz: d6c57e9cbd7e2ff2268b539101c28e22b0000f886994a3b279ee1a6807f82837a43d804445e57fef5e606891424b8e2a2d0d4e7785464eaf9e0c527ca9667f65
7
+ data.tar.gz: 7838616fd79736820eacfd8c94c50ca93c5ef8ed5ab51d8fbc8ddf7b6a0bf2b9f5e5813346922dfeda8c466a56071315e92b0a604ef0a7f83a3f0a5e8731733d
data/lib/puppetserver/ca/action/list.rb CHANGED
@@ -62,6 +62,7 @@ Options:
62
62
  certnames = input['certname'] || []
63
63
  all = input['all']
64
64
  output_format = input['format'] || "text"
65
+ missing = []
65
66
 
66
67
  unless VALID_FORMAT.include?(output_format)
67
68
  Errors.handle_with_usage(@logger, ["Unknown format flag '#{output_format}'. Valid formats are '#{VALID_FORMAT.join("', '")}'."])
@@ -87,14 +88,14 @@ Options:
87
88
  filter_names = lambda { |x| true }
88
89
  end
89
90
 
90
- all_certs = get_all_certs(puppet.settings).select { |cert| filter_names.call(cert) }
91
- requested, signed, revoked = separate_certs(all_certs)
92
- missing = certnames - all_certs.map { |cert| cert['name'] }
93
-
94
91
  if (all || certnames.any?)
92
+ all_certs = get_certs_or_csrs(puppet.settings).select { |cert| filter_names.call(cert) }
93
+ requested, signed, revoked = separate_certs(all_certs)
94
+ missing = certnames - all_certs.map { |cert| cert['name'] }
95
95
  output_certs_by_state(all, output_format, requested, signed, revoked, missing)
96
96
  else
97
- output_certs_by_state(all, output_format, requested)
97
+ all_csrs = get_certs_or_csrs(puppet.settings, "requested")
98
+ output_certs_by_state(all, output_format, all_csrs)
98
99
  end
99
100
 
100
101
  return missing.any? ? 1 : 0
@@ -209,8 +210,9 @@ Options:
209
210
  return requested, signed, revoked
210
211
  end
211
212
 
212
- def get_all_certs(settings)
213
- result = Puppetserver::Ca::CertificateAuthority.new(@logger, settings).get_certificate_statuses
213
+ def get_certs_or_csrs(settings, queried_state = nil)
214
+ query = queried_state ? { :state => queried_state } : {}
215
+ result = Puppetserver::Ca::CertificateAuthority.new(@logger, settings).get_certificate_statuses(query)
214
216
 
215
217
  if result
216
218
  return JSON.parse(result.body)
data/lib/puppetserver/ca/certificate_authority.rb CHANGED
@@ -41,8 +41,8 @@ module Puppetserver
41
41
  end
42
42
 
43
43
  # Returns a URI-like wrapper around CA specific urls
44
- def make_ca_url(resource_type = nil, certname = nil)
45
- HttpClient::URL.new('https', @ca_server, @ca_port, 'puppet-ca', 'v1', resource_type, certname)
44
+ def make_ca_url(resource_type = nil, certname = nil, query = {})
45
+ HttpClient::URL.new('https', @ca_server, @ca_port, 'puppet-ca', 'v1', resource_type, certname, query)
46
46
  end
47
47
 
48
48
  def process_ttl_input(ttl)
@@ -141,7 +141,7 @@ module Puppetserver
141
141
  when :revoke
142
142
  case result.code
143
143
  when '200', '204'
144
- @logger.inform "Revoked certificate for #{certname}"
144
+ @logger.inform "Certificate for #{certname} has been revoked"
145
145
  return :success
146
146
  when '404'
147
147
  @logger.err 'Error:'
@@ -215,7 +215,7 @@ module Puppetserver
215
215
  def check_revocation(certname, result)
216
216
  case result.code
217
217
  when '200', '204'
218
- @logger.inform "Revoked certificate for #{certname}"
218
+ @logger.inform "Certificate for #{certname} has been revoked"
219
219
  return :success
220
220
  when '409'
221
221
  return :invalid
@@ -250,8 +250,8 @@ module Puppetserver
250
250
  end
251
251
 
252
252
  # Returns nil for errors, else the result of the GET request
253
- def get_certificate_statuses
254
- result = get('certificate_statuses', 'any_key')
253
+ def get_certificate_statuses(query = {})
254
+ result = get('certificate_statuses', 'any_key', query)
255
255
 
256
256
  unless result.code == '200'
257
257
  @logger.err 'Error:'
@@ -287,8 +287,8 @@ module Puppetserver
287
287
  # @param resource_type [String] the resource type of url
288
288
  # @param resource_name [String] the resource name of url
289
289
  # @return [Struct] an instance of the Result struct with :code, :body
290
- def get(resource_type, resource_name)
291
- url = make_ca_url(resource_type, resource_name)
290
+ def get(resource_type, resource_name, query = {})
291
+ url = make_ca_url(resource_type, resource_name, query)
292
292
  @client.with_connection(url) do |connection|
293
293
  connection.get(url)
294
294
  end
data/lib/puppetserver/ca/utils/http_client.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  require 'net/https'
2
2
  require 'openssl'
3
+ require 'uri'
3
4
 
4
5
  require 'puppetserver/ca/errors'
5
6
 
@@ -114,7 +115,6 @@ module Puppetserver
114
115
  request.body = body
115
116
  result = @conn.request(request)
116
117
 
117
-
118
118
  Result.new(result.code, result.body)
119
119
  end
120
120
 
@@ -136,10 +136,13 @@ module Puppetserver
136
136
  # Like URI, but not... maybe of suspicious value
137
137
  URL = Struct.new(:protocol, :host, :port,
138
138
  :endpoint, :version,
139
- :resource_type, :resource_name) do
139
+ :resource_type, :resource_name, :query) do
140
140
  def full_url
141
- protocol + '://' + host + ':' + port + '/' +
142
- [endpoint, version, resource_type, resource_name].join('/')
141
+ url = protocol + '://' + host + ':' + port + '/' +
142
+ [endpoint, version, resource_type, resource_name].join('/')
143
+
144
+ url = url + "?" + URI.encode_www_form(query) unless query.empty?
145
+ return url
143
146
  end
144
147
 
145
148
  def to_uri
data/lib/puppetserver/ca/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Puppetserver
2
2
  module Ca
3
- VERSION = "1.11.1"
3
+ VERSION = "1.11.2"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppetserver-ca
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.11.1
4
+ version: 1.11.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppet, Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-07-28 00:00:00.000000000 Z
11
+ date: 2021-08-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: facter