puppetserver-ca 2.3.5 → 2.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 37981ba97c1f259e077b807b2903ea73d4726c56c4fb28b1e7e506fa456c2002
4
- data.tar.gz: 15fab6a94a112e748d6605cb7d1b9a511fb17f663e6c25b59a2552d254f5c155
3
+ metadata.gz: 6df60141ee08a19cc170166263abff7028ee6085bf833981efad3458cef5ce26
4
+ data.tar.gz: 4da9da0d545605f13bd0dfa2a6272a301dfe46251d0277663e8d09e6d3f65a29
5
5
  SHA512:
6
- metadata.gz: 993aa454173c018b817f5028bd0726679fd71c9588cf96aa75e4534e3726919b0b851b83c7bd04628c2cf9e58146739678d9b856e0b64fea8ca0fea98b78f567
7
- data.tar.gz: ea9b4e92cf2a607274bee95d882f8e69c34fa5ae4dcf338aee4fae7697ed82d39f0cb1ffa16ba8466a88d2040e75d3d96b01f6b2c528adaf8170779966b2e366
6
+ metadata.gz: 15891316786fa4fcd63c3f86ac2f66051841fb3e680fe63e5d0d6ceb025241cc5c122ae1f3b2819c9b1063f7c1a166efd1ebd010b35921fb2c6f3fef2917da88
7
+ data.tar.gz: fee93fa98f038ab7eb660fe55ca466874221cb980e5794c8d32c7561a2dfa069cdc003046799b89ef99b0f6b7bc97b58928e788b1e057f5ef68362bd864c16c7
@@ -0,0 +1,31 @@
1
+ ---
2
+ name: Snyk Monitor
3
+ on:
4
+ push:
5
+ branches:
6
+ - main
7
+ jobs:
8
+ snyk_monitor:
9
+ if: ${{ github.repository_owner == 'puppetlabs' }}
10
+ runs-on: ubuntu-latest
11
+ name: Snyk Monitor
12
+ steps:
13
+ - name: Checkout current PR
14
+ uses: actions/checkout@v2
15
+ - name: Setup Ruby
16
+ uses: ruby/setup-ruby@v1
17
+ with:
18
+ ruby-version: 2.7
19
+ - name: Install dependencies
20
+ run: bundle install --jobs 3 --retry 3
21
+ - name: Extract branch name
22
+ shell: bash
23
+ run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
24
+ id: extract_branch
25
+ - name: Run Snyk to check for vulnerabilities
26
+ uses: snyk/actions/ruby@master
27
+ env:
28
+ SNYK_TOKEN: ${{ secrets.SNYK_FOSS_KEY }}
29
+ with:
30
+ command: monitor
31
+ args: --org=puppet-foss --project-name=${{ github.repository }}#${{ steps.extract_branch.outputs.branch }}
@@ -89,12 +89,23 @@ Options:
89
89
  end
90
90
 
91
91
  if (all || certnames.any?)
92
- all_certs = get_certs_or_csrs(puppet.settings).select { |cert| filter_names.call(cert) }
92
+ found_certs = get_certs_or_csrs(puppet.settings)
93
+ if found_certs.nil?
94
+ # nil is different from no certs found
95
+ @logger.err('Error while getting certificates')
96
+ return 1
97
+ end
98
+ all_certs = found_certs.select { |cert| filter_names.call(cert) }
93
99
  requested, signed, revoked = separate_certs(all_certs)
94
100
  missing = certnames - all_certs.map { |cert| cert['name'] }
95
101
  output_certs_by_state(all, output_format, requested, signed, revoked, missing)
96
102
  else
97
103
  all_csrs = get_certs_or_csrs(puppet.settings, "requested")
104
+ if all_csrs.nil?
105
+ # nil is different from no certs found
106
+ @logger.err('Error while getting certificate requests')
107
+ return 1
108
+ end
98
109
  output_certs_by_state(all, output_format, all_csrs)
99
110
  end
100
111
 
@@ -217,7 +228,7 @@ Options:
217
228
  if result
218
229
  return JSON.parse(result.body)
219
230
  else
220
- return []
231
+ return nil
221
232
  end
222
233
  end
223
234
 
@@ -63,14 +63,14 @@ module Puppetserver
63
63
  # and if neither exist we generate a new key. This logic is necessary for
64
64
  # proper bootstrapping for certain server workflows.
65
65
  def create_private_key(keylength, private_path = '', public_path = '')
66
- if File.exists?(private_path) && File.exists?(public_path)
66
+ if File.exist?(private_path) && File.exist?(public_path)
67
67
  return OpenSSL::PKey.read(File.read(private_path))
68
- elsif !File.exists?(private_path) && !File.exists?(public_path)
68
+ elsif !File.exist?(private_path) && !File.exist?(public_path)
69
69
  return OpenSSL::PKey::RSA.new(keylength)
70
- elsif !File.exists?(private_path) && File.exists?(public_path)
70
+ elsif !File.exist?(private_path) && File.exist?(public_path)
71
71
  @errors << "Missing private key to match public key at #{public_path}"
72
72
  return nil
73
- elsif File.exists?(private_path) && !File.exists?(public_path)
73
+ elsif File.exist?(private_path) && !File.exist?(public_path)
74
74
  @errors << "Missing public key to match private key at #{private_path}"
75
75
  return nil
76
76
  end
@@ -1,5 +1,5 @@
1
1
  module Puppetserver
2
2
  module Ca
3
- VERSION = "2.3.5"
3
+ VERSION = "2.4.0"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puppetserver-ca
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.5
4
+ version: 2.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Puppet, Inc.
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-09-07 00:00:00.000000000 Z
11
+ date: 2023-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: facter
@@ -80,6 +80,7 @@ executables:
80
80
  extensions: []
81
81
  extra_rdoc_files: []
82
82
  files:
83
+ - ".github/workflows/snyk.yaml"
83
84
  - ".gitignore"
84
85
  - ".rspec"
85
86
  - ".travis.yml"
@@ -140,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
140
141
  - !ruby/object:Gem::Version
141
142
  version: '0'
142
143
  requirements: []
143
- rubygems_version: 3.0.8
144
+ rubygems_version: 3.0.9
144
145
  signing_key:
145
146
  specification_version: 4
146
147
  summary: A simple CLI tool for interacting with Puppet Server's Certificate Authority