Class: Chef::Key
Overview
Class for interacting with a chef key object. Can be used to create new keys, save to server, load keys from server, list keys, delete keys, etc.
Instance Attribute Summary collapse
Class Method Summary
collapse
Instance Method Summary
collapse
#lazy, #set_or_return, #validate
Constructor Details
#initialize(actor, actor_field_name) ⇒ Key
Returns a new instance of Key.
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
# File 'lib/chef/key.rb', line 45
def initialize(actor, actor_field_name)
@actor = actor
unless actor_field_name == "user" || actor_field_name == "client"
raise Chef::Exceptions::InvalidKeyArgument, "the second argument to initialize must be either 'user' or 'client'"
end
@actor_field_name = actor_field_name
@name = nil
@public_key = nil
@private_key = nil
@expiration_date = nil
@create_key = nil
end
|
Instance Attribute Details
#actor(arg = nil) ⇒ String
the name of the client or user that this key is for
39
40
41
|
# File 'lib/chef/key.rb', line 39
def actor
@actor
end
|
#actor_field_name ⇒ String
must be either ‘client’ or ‘user’
39
40
41
|
# File 'lib/chef/key.rb', line 39
def actor_field_name
@actor_field_name
end
|
#api_base ⇒ string
either “users” or “clients”, initialized and cached via api_base method
39
40
41
|
# File 'lib/chef/key.rb', line 39
def api_base
@api_base
end
|
#expiration_date(arg = nil) ⇒ String
the ISO formatted string YYYY-MM-DDTHH:MM:SSZ, i.e. 2020-12-24T21:00:00Z
39
40
41
|
# File 'lib/chef/key.rb', line 39
def expiration_date
@expiration_date
end
|
#name(arg = nil) ⇒ String
39
40
41
|
# File 'lib/chef/key.rb', line 39
def name
@name
end
|
#private_key(arg = nil) ⇒ String
the RSA string of the private key if returned via a POST or PUT
39
40
41
|
# File 'lib/chef/key.rb', line 39
def private_key
@private_key
end
|
#public_key(arg = nil) ⇒ String
the RSA string of this key
39
40
41
|
# File 'lib/chef/key.rb', line 39
def public_key
@public_key
end
|
Chef::ServerAPI object, initialized and cached via chef_rest method
39
40
41
|
# File 'lib/chef/key.rb', line 39
def rest
@rest
end
|
Class Method Details
.from_hash(key_hash) ⇒ Object
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
|
# File 'lib/chef/key.rb', line 205
def self.from_hash(key_hash)
if key_hash.has_key?("user")
key = Chef::Key.new(key_hash["user"], "user")
elsif key_hash.has_key?("client")
key = Chef::Key.new(key_hash["client"], "client")
else
raise Chef::Exceptions::MissingKeyAttribute, "The hash passed to from_hash does not contain the key 'user' or 'client'. Please pass a hash that defines one of those keys."
end
key.name key_hash["name"] if key_hash.key?("name")
key.public_key key_hash["public_key"] if key_hash.key?("public_key")
key.private_key key_hash["private_key"] if key_hash.key?("private_key")
key.create_key key_hash["create_key"] if key_hash.key?("create_key")
key.expiration_date key_hash["expiration_date"] if key_hash.key?("expiration_date")
key
end
|
.from_json(json) ⇒ Object
.generate_fingerprint(public_key) ⇒ Object
250
251
252
253
254
255
256
257
|
# File 'lib/chef/key.rb', line 250
def self.generate_fingerprint(public_key)
openssl_key_object = OpenSSL::PKey::RSA.new(public_key)
data_string = OpenSSL::ASN1::Sequence([
OpenSSL::ASN1::Integer.new(openssl_key_object.public_key.n),
OpenSSL::ASN1::Integer.new(openssl_key_object.public_key.e),
])
OpenSSL::Digest::SHA1.hexdigest(data_string.to_der).scan(/../).join(":")
end
|
.json_create(json) ⇒ Object
225
226
227
228
|
# File 'lib/chef/key.rb', line 225
def self.json_create(json)
Chef.log_deprecation("Auto inflation of JSON data is deprecated. Please use Chef::Key#from_json or one of the load_by methods.")
Chef::Key.from_json(json)
end
|
.list_by_client(actor, inflate = false) ⇒ Object
235
236
237
238
|
# File 'lib/chef/key.rb', line 235
def self.list_by_client(actor, inflate = false)
keys = Chef::ServerAPI.new(Chef::Config[:chef_server_url]).get("clients/#{actor}/keys")
self.list(keys, actor, :load_by_client, inflate)
end
|
.list_by_user(actor, inflate = false) ⇒ Object
230
231
232
233
|
# File 'lib/chef/key.rb', line 230
def self.list_by_user(actor, inflate = false)
keys = Chef::ServerAPI.new(Chef::Config[:chef_server_root]).get("users/#{actor}/keys")
self.list(keys, actor, :load_by_user, inflate)
end
|
.load_by_client(actor, key_name) ⇒ Object
245
246
247
248
|
# File 'lib/chef/key.rb', line 245
def self.load_by_client(actor, key_name)
response = Chef::ServerAPI.new(Chef::Config[:chef_server_url]).get("clients/#{actor}/keys/#{key_name}")
Chef::Key.from_hash(response.merge({ "client" => actor }))
end
|
.load_by_user(actor, key_name) ⇒ Object
240
241
242
243
|
# File 'lib/chef/key.rb', line 240
def self.load_by_user(actor, key_name)
response = Chef::ServerAPI.new(Chef::Config[:chef_server_root]).get("users/#{actor}/keys/#{key_name}")
Chef::Key.from_hash(response.merge({ "user" => actor }))
end
|
Instance Method Details
#create ⇒ Object
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
# File 'lib/chef/key.rb', line 134
def create
if @public_key.nil? && !@create_key
raise Chef::Exceptions::MissingKeyAttribute, "either public_key must be defined or create_key must be true"
end
if @name.nil?
unless @public_key.nil?
@name = fingerprint
else
raise Chef::Exceptions::MissingKeyAttribute, "a name cannot be auto-generated if no public key passed, either pass a public key or supply a name"
end
end
payload = { "name" => @name }
payload["public_key"] = @public_key unless @public_key.nil?
payload["create_key"] = @create_key if @create_key
payload["expiration_date"] = @expiration_date unless @expiration_date.nil?
result = chef_rest.post("#{api_base}/#{@actor}/keys", payload)
new_key = self.to_hash
new_key["private_key"] = result["private_key"] if result["private_key"]
Chef::Key.from_hash(new_key)
end
|
#create_key(arg = nil) ⇒ Object
107
108
109
110
111
|
# File 'lib/chef/key.rb', line 107
def create_key(arg = nil)
raise Chef::Exceptions::InvalidKeyAttribute, "you cannot set create_key to true if the public_key field exists" if arg == true && !@public_key.nil?
set_or_return(:create_key, arg,
:kind_of => [TrueClass, FalseClass])
end
|
#delete_create_key ⇒ Object
103
104
105
|
# File 'lib/chef/key.rb', line 103
def delete_create_key
@create_key = nil
end
|
#delete_public_key ⇒ Object
99
100
101
|
# File 'lib/chef/key.rb', line 99
def delete_public_key
@public_key = nil
end
|
#destroy ⇒ Object
196
197
198
199
200
201
202
|
# File 'lib/chef/key.rb', line 196
def destroy
if @name.nil?
raise Chef::Exceptions::MissingKeyAttribute, "the name field must be populated when delete is called"
end
chef_rest.delete("#{api_base}/#{@actor}/keys/#{@name}")
end
|
#fingerprint ⇒ Object
163
164
165
|
# File 'lib/chef/key.rb', line 163
def fingerprint
self.class.generate_fingerprint(@public_key)
end
|
#save ⇒ Object
186
187
188
189
190
191
192
193
194
|
# File 'lib/chef/key.rb', line 186
def save
create
rescue Net::HTTPServerException => e
if e.response.code == "409"
update
else
raise e
end
end
|
#to_hash ⇒ Object
118
119
120
121
122
123
124
125
126
127
128
|
# File 'lib/chef/key.rb', line 118
def to_hash
result = {
@actor_field_name => @actor,
}
result["name"] = @name if @name
result["public_key"] = @public_key if @public_key
result["private_key"] = @private_key if @private_key
result["expiration_date"] = @expiration_date if @expiration_date
result["create_key"] = @create_key if @create_key
result
end
|
#update(put_name = nil) ⇒ Object
set @name and pass put_name if you wish to update the name of an existing key put_name to @name
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
# File 'lib/chef/key.rb', line 168
def update(put_name = nil)
if @name.nil? && put_name.nil?
raise Chef::Exceptions::MissingKeyAttribute, "the name field must be populated or you must pass a name to update when update is called"
end
put_name = @name if put_name.nil?
new_key = chef_rest.put("#{api_base}/#{@actor}/keys/#{put_name}", to_hash)
if new_key["public_key"]
self.delete_create_key
end
Chef::Key.from_hash(self.to_hash.merge(new_key))
end
|