Class: Puppet::Indirector::CertificateStatus::File

# File 'lib/vendor/puppet/indirector/certificate_status/file.rb', line 10

def ca
  raise ArgumentError, "This process is not configured as a certificate authority" unless Puppet::SSL::CertificateAuthority.ca?
  Puppet::SSL::CertificateAuthority.new
end

#destroy(request) ⇒ `Object`

# File 'lib/vendor/puppet/indirector/certificate_status/file.rb', line 15

def destroy(request)
  deleted = []
  [
    Puppet::SSL::Certificate,
    Puppet::SSL::CertificateRequest,
    Puppet::SSL::Key,
  ].collect do |part|
    if part.indirection.destroy(request.key)
      deleted << "#{part}"
    end
  end

  return "Nothing was deleted" if deleted.empty?
  "Deleted for #{request.key}: #{deleted.join(", ")}"
end

#find(request) ⇒ `Object`

# File 'lib/vendor/puppet/indirector/certificate_status/file.rb', line 72

def find(request)
  ssl_host = Puppet::SSL::Host.new(request.key)
  public_key = Puppet::SSL::Certificate.indirection.find(request.key)

  if ssl_host.certificate_request || public_key
    ssl_host
  else
    nil
  end
end

#save(request) ⇒ `Object`

# File 'lib/vendor/puppet/indirector/certificate_status/file.rb', line 31

def save(request)
  if request.instance.desired_state == "signed"
    certificate_request = Puppet::SSL::CertificateRequest.indirection.find(request.key)
    raise Puppet::Error, "Cannot sign for host #{request.key} without a certificate request" unless certificate_request
    ca.sign(request.key)
  elsif request.instance.desired_state == "revoked"
    certificate = Puppet::SSL::Certificate.indirection.find(request.key)
    raise Puppet::Error, "Cannot revoke host #{request.key} because has it doesn't have a signed certificate" unless certificate
    ca.revoke(request.key)
  else
    raise Puppet::Error, "State #{request.instance.desired_state} invalid; Must specify desired state of 'signed' or 'revoked' for host #{request.key}"
  end

end

#search(request) ⇒ `Object`

# File 'lib/vendor/puppet/indirector/certificate_status/file.rb', line 46

def search(request)
  # Support historic interface wherein users provide classes to filter
  # the search.  When used via the REST API, the arguments must be
  # a Symbol or an Array containing Symbol objects.
  klasses = case request.options[:for]
  when Class
    [request.options[:for]]
  when nil
    [
      Puppet::SSL::Certificate,
      Puppet::SSL::CertificateRequest,
      Puppet::SSL::Key,
    ]
  else
    [request.options[:for]].flatten.map do |klassname|
      indirection.class.model(klassname.to_sym)
    end
  end

  klasses.collect do |klass|
    klass.indirection.search(request.key, request.options)
  end.flatten.collect do |result|
    result.name
  end.uniq.collect &Puppet::SSL::Host.method(:new)
end

Class: Puppet::Indirector::CertificateStatus::File

Constant Summary

Constants included from Util

Constants included from Util::Docs

Instance Attribute Summary

Attributes included from Util::Docs

Instance Method Summary collapse

Methods inherited from Terminus

Methods included from Util::InstanceLoader

Methods included from Util

Methods included from Util::POSIX

Methods included from Util::Docs

Constructor Details

Instance Method Details

#ca ⇒ Object

#destroy(request) ⇒ Object

#find(request) ⇒ Object

#save(request) ⇒ Object

#search(request) ⇒ Object

#ca ⇒ `Object`

#destroy(request) ⇒ `Object`

#find(request) ⇒ `Object`

#save(request) ⇒ `Object`

#search(request) ⇒ `Object`