simp-beaker-helpers 1.2.0 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +8 -8
- data/lib/simp/beaker_helpers.rb +23 -6
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
---
|
|
2
2
|
!binary "U0hBMQ==":
|
|
3
3
|
metadata.gz: !binary |-
|
|
4
|
-
|
|
4
|
+
YjliNTUyNTQzNzFkNjZkYWZlNjU2YTA3OGFjMWUyZGU3NWFiZGQ2Yw==
|
|
5
5
|
data.tar.gz: !binary |-
|
|
6
|
-
|
|
6
|
+
N2VlYzNjMGM3ZDMwZTk5Y2ZiOWE1OWJkODUyMzA1ODJmZjVlNDQwNw==
|
|
7
7
|
SHA512:
|
|
8
8
|
metadata.gz: !binary |-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
NzU0ZjJmZTNlNmIwNzNlYzE4ZGE3YmFmZDc5MDUzMjIyMzE5M2JmNGUxMjJm
|
|
10
|
+
Zjc3MzU3NDhmZWYzYTJjMjA5ODc4MDJhYjUwYzAyMTA0NTNmOTYwM2IwYWQy
|
|
11
|
+
NzM4NWJmMjZjZTRmOWZmYzgwMDFjNzllOGVkOTA5ZjY4MTEwZDg=
|
|
12
12
|
data.tar.gz: !binary |-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
13
|
+
OTc5YTI3YjBmYTI4NjU5ODcxN2FlYTE5Y2Y2NGU2NjlhMzg2NTk0NWQ1NDRl
|
|
14
|
+
NTdmZmMzYjFiMjNiYmI2OTExZmE1ZTQ0Mjg2ZDIxYTdmZWVhZDBjYzMzMjUw
|
|
15
|
+
NDc5ZWJiYjEyN2M4NjA1NzM3OTA2Y2U4ZTRmNjI0YTM5ZjA1YTE=
|
data/lib/simp/beaker_helpers.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Simp; end
|
|
2
2
|
|
|
3
3
|
module Simp::BeakerHelpers
|
|
4
|
-
VERSION = '1.2.
|
|
4
|
+
VERSION = '1.2.1'
|
|
5
5
|
|
|
6
6
|
# use the `puppet fact` face to look up facts on an SUT
|
|
7
7
|
def pfact_on(sut, fact_name)
|
|
@@ -230,10 +230,10 @@ DEFAULT_KERNEL_TITLE=`/sbin/grubby --info=\\\${DEFAULT_KERNEL_INFO} | grep -m1 t
|
|
|
230
230
|
puts "== Fake PKI CA"
|
|
231
231
|
pki_dir = File.expand_path( "../../files/pki", File.dirname(__FILE__))
|
|
232
232
|
host_dir = '/root/pki'
|
|
233
|
-
fqdns = fact_on
|
|
233
|
+
fqdns = fact_on(hosts, 'fqdn')
|
|
234
234
|
|
|
235
235
|
on ca_sut, %Q(mkdir -p "#{host_dir}")
|
|
236
|
-
Dir[ File.join(pki_dir, '*')].each
|
|
236
|
+
Dir[ File.join(pki_dir, '*') ].each{|f| scp_to( ca_sut, f, host_dir)}
|
|
237
237
|
|
|
238
238
|
# generate PKI certs for each SUT
|
|
239
239
|
Dir.mktmpdir do |dir|
|
|
@@ -241,7 +241,7 @@ DEFAULT_KERNEL_TITLE=`/sbin/grubby --info=\\\${DEFAULT_KERNEL_INFO} | grep -m1 t
|
|
|
241
241
|
File.open(pki_hosts_file, 'w'){|fh| fqdns.each{|fqdn| fh.puts fqdn}}
|
|
242
242
|
scp_to(ca_sut, pki_hosts_file, host_dir)
|
|
243
243
|
# generate certs
|
|
244
|
-
on
|
|
244
|
+
on(ca_sut, "cd #{host_dir}; cat #{host_dir}/pki.hosts | xargs bash make.sh")
|
|
245
245
|
end
|
|
246
246
|
|
|
247
247
|
# if a local_dir was provided, copy everything down to it
|
|
@@ -273,10 +273,27 @@ DEFAULT_KERNEL_TITLE=`/sbin/grubby --info=\\\${DEFAULT_KERNEL_INFO} | grep -m1 t
|
|
|
273
273
|
scp_to(sut, "#{local_host_pki_tree}/#{fqdn}.pem", "#{sut_pki_dir}/private/")
|
|
274
274
|
scp_to(sut, "#{local_host_pki_tree}/#{fqdn}.pub", "#{sut_pki_dir}/public/")
|
|
275
275
|
|
|
276
|
-
# NOTE: to match pki::copy, 'cacert.pem' is
|
|
276
|
+
# NOTE: to match pki::copy, 'cacert.pem' is copied to 'cacerts.pem'
|
|
277
277
|
scp_to(sut, local_cacert, "#{sut_pki_dir}/cacerts/cacerts.pem")
|
|
278
|
-
end
|
|
279
278
|
|
|
279
|
+
# Need to hash all of the CA certificates so that apps can use them
|
|
280
|
+
# properly! This must happen on the host itself since it needs to match
|
|
281
|
+
# the native hashing algorithms.
|
|
282
|
+
hash_cmd = <<-EOM.strip
|
|
283
|
+
cd #{sut_pki_dir}/cacerts; \
|
|
284
|
+
for x in *; do \
|
|
285
|
+
if [ ! -h "$x" ]; then \
|
|
286
|
+
`openssl x509 -in $x >/dev/null 2>&1`; \
|
|
287
|
+
if [ $? -eq 0 ]; then \
|
|
288
|
+
hash=`openssl x509 -in $x -hash | head -1`; \
|
|
289
|
+
ln -sf $x $hash.0; \
|
|
290
|
+
fi; \
|
|
291
|
+
fi; \
|
|
292
|
+
done
|
|
293
|
+
EOM
|
|
294
|
+
|
|
295
|
+
on(sut, hash_cmd)
|
|
296
|
+
end
|
|
280
297
|
|
|
281
298
|
# Copy a CA keydist/ directory of CA+host certs into an SUT
|
|
282
299
|
#
|