Class: Acmesmith::PostIssuingHooks::Acm

Inherits:
Base
  • Object
Defined in:
lib/acmesmith/post_issuing_hooks/acm.rb

Instance Attribute Summary

Attributes inherited from Base

#certificate

Instance Method Summary

Methods inherited from Base

#common_name, #run

Constructor Details

#initialize(certificate_arn: nil, region:) ⇒ Acm

Returns a new instance of Acm.



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 7

# Builds the hook from its configuration.
#
# @param certificate_arn [Object, nil] ARN of an existing ACM certificate to
#   update; when omitted (nil/false) the ARN is resolved later by #certificate_arn
# @param region [Object] region handed to the ACM client
def initialize(certificate_arn: nil, region:)
  @region = region
  @certificate_arn = certificate_arn
  # The flag is only raised for an explicitly supplied ARN; otherwise it stays
  # unset so that #certificate_arn performs the lookup on first use.
  @certificate_arn_set = true if certificate_arn
end

Instance Attribute Details

#region ⇒ Object (readonly)

Returns the value of attribute region.



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 13

# Read-only accessor for the region stored in @region by #initialize.
#
# @return [Object] the stored region value
def region; @region; end

Instance Method Details

#acm ⇒ Object



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 35

# Lazily built AWS ACM API client, cached in @acm and reused by later calls.
#
# Only the region is passed to the client; this method supplies no credentials.
# NOTE(review): presumably they are resolved by the SDK's default
# configuration, so confirm the resulting identity is scoped to the ACM
# actions this hook calls.
#
# @return [Aws::ACM::Client] the cached client
def acm
  return @acm if @acm

  @acm = Aws::ACM::Client.new(region: region)
end

#certificate_arn ⇒ Object



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 15

# ARN of the ACM certificate this hook should update, resolved at most once.
#
# An ARN given to the constructor is returned as is. Otherwise the first call
# runs #find_certificate_arn and caches the result. The separate
# @certificate_arn_set flag lets a nil result ("nothing found") be cached too,
# so the lookup is not repeated on later calls.
#
# @return [Object, nil] the configured or discovered ARN, or nil when none exists
def certificate_arn
  unless @certificate_arn_set
    @certificate_arn ||= find_certificate_arn
    @certificate_arn_set = true
  end

  @certificate_arn
end

#execute ⇒ Object



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 39

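# Imports the issued certificate into AWS ACM, then tags it with 'Acmesmith'.
#
# When #certificate_arn yields an ARN it is sent with the import request, so
# the existing ACM entry is updated. Otherwise no ARN is sent and the ARN
# returned by ACM is printed. Progress lines are written to stdout.
#
# The private key is serialised to PEM and handed to the ACM client in the
# request. This method never prints it. The calling identity needs permission
# for the import and tagging calls, plus the list calls when the ARN has to
# be looked up.
#
# @return [Object] the result of the add_tags_to_certificate call
def execute
  puts "=> Importing certificate CN=#{common_name} into AWS ACM (region=#{region})"

  # Resolved after the banner, as before, so that any lookup error surfaces
  # after the banner line has been printed.
  arn = certificate_arn
  if arn
    puts " * updating ARN: #{arn}"
  else
    # The duplicated word ("as as") in this message was a typo.
    puts " * Importing as new certificate"
  end

  request = {
    certificate: certificate.certificate.to_pem,
    private_key: certificate.private_key.to_pem,
    certificate_chain: certificate.issuer_pems,
  }
  # The key is only present when updating; a nil ARN is never sent.
  request[:certificate_arn] = arn if arn

  resp = acm.import_certificate(request)
  puts " * ARN: #{resp.certificate_arn}" unless arn

  # The 'Acmesmith' tag is the marker #find_certificate_arn looks for on later runs.
  acm.add_tags_to_certificate(
    certificate_arn: resp.certificate_arn,
    tags: [{ key: 'Acmesmith', value: '1' }],
  )
end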

#find_certificate_arn ⇒ Object



# File 'lib/acmesmith/post_issuing_hooks/acm.rb', line 22

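# Finds the ARN of an ACM certificate for this common name that carries the
# 'Acmesmith' tag.
#
# Walks every page yielded by list_certificates. For each summary whose
# domain_name equals common_name it fetches the certificate's tags. The first
# certificate with an 'Acmesmith' tag key wins. Only the tag key is checked,
# not its value.
#
# NOTE(review): the match is domain name plus tag presence, so if several
# tagged certificates share the name, the first one listed is the one a later
# import overwrites. Confirm that is acceptable for the account.
# NOTE(review): ListCertificates appears to filter by key type unless an
# `includes` filter is given. Confirm certificates with non-default key types
# are found, otherwise each renewal imports a new copy.
#
# @return [Object, nil] the matching certificate ARN, or nil when none matches
def find_certificate_arn
  acm.list_certificates.each do |page|
    page.certificate_summary_list.each do |summary|
      next unless summary.domain_name == common_name

      tags = acm.list_tags_for_certificate(certificate_arn: summary.certificate_arn).tags
      return summary.certificate_arn if tags.any? { |tag| tag.key == 'Acmesmith' }
    end
  end

  # Explicit "not found": without this the method would return whatever `each`
  # returns. A truthy value there would be treated as an ARN by the caller and
  # sent to import_certificate.
  nil
end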