Class: Puppetserver::Ca::Action::Sign
- Inherits:
-
Object
- Object
- Puppetserver::Ca::Action::Sign
- Includes:
- Utils
- Defined in:
- lib/puppetserver/ca/action/sign.rb
Constant Summary collapse
- SUMMARY =
'Sign certificate request(s)'
- BANNER =
<<-BANNER Usage: puppetserver ca sign [--help] puppetserver ca sign [--config] --certname NAME[,NAME] puppetserver ca sign --all Description: Given a comma-separated list of valid certnames, instructs the CA to sign each cert. Options: BANNER
Class Method Summary collapse
Instance Method Summary collapse
- #check_flag_usage(results) ⇒ Object
- #get_all_pending_certs(ca) ⇒ Object
-
#initialize(logger) ⇒ Sign
constructor
A new instance of Sign.
- #parse(args) ⇒ Object
- #run(input) ⇒ Object
- #select_pending_certs(get_result) ⇒ Object
Constructor Details
#initialize(logger) ⇒ Sign
Returns a new instance of Sign.
53 54 55 |
# File 'lib/puppetserver/ca/action/sign.rb', line 53 def initialize(logger) @logger = logger end |
Class Method Details
.parser(parsed = {}) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/puppetserver/ca/action/sign.rb', line 32 def self.parser(parsed = {}) OptionParser.new do |opts| opts. = BANNER opts.on('--ttl TTL', 'The time-to-live for each cert signed') do |ttl| parsed['ttl'] = ttl end opts.on('--certname NAME[,NAME]', Array, 'the name(s) of the cert(s) to be signed') do |cert| parsed['certname'] = cert end opts.on('--config CONF', 'Custom path to Puppet\'s config file') do |conf| parsed['config'] = conf end opts.on('--help', 'Display this command-specific help output') do |help| parsed['help'] = true end opts.on('--all', 'Operate on all certnames') do |a| parsed['all'] = true end end end |
Instance Method Details
#check_flag_usage(results) ⇒ Object
100 101 102 103 104 105 106 107 108 109 |
# File 'lib/puppetserver/ca/action/sign.rb', line 100 def check_flag_usage(results) if results['certname'] && results['all'] '--all and --certname cannot be used together' elsif !results['certname'] && !results['all'] 'No arguments given' elsif results['certname'] && results['certname'].include?('--all') 'Cannot use --all with --certname. If you actually have a certificate request ' + 'for a certifcate named --all, you need to use the HTTP API.' end end |
#get_all_pending_certs(ca) ⇒ Object
82 83 84 85 86 |
# File 'lib/puppetserver/ca/action/sign.rb', line 82 def get_all_pending_certs(ca) if result = ca.get_certificate_statuses select_pending_certs(result.body) end end |
#parse(args) ⇒ Object
111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 |
# File 'lib/puppetserver/ca/action/sign.rb', line 111 def parse(args) results = {} parser = self.class.parser(results) errors = CliParsing.parse_with_errors(parser, args) if err = check_flag_usage(results) errors << err end errors_were_handled = Errors.handle_with_usage(@logger, errors, parser.help) exit_code = errors_were_handled ? 1 : nil return results, exit_code end |
#run(input) ⇒ Object
57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'lib/puppetserver/ca/action/sign.rb', line 57 def run(input) config = input['config'] if config errors = FileSystem.validate_file_paths(config) return 1 if Errors.handle_with_usage(@logger, errors) end puppet = Config::Puppet.parse(config, @logger) return 1 if Errors.handle_with_usage(@logger, puppet.errors) ca = Puppetserver::Ca::CertificateAuthority.new(@logger, puppet.settings) if input['all'] requested_certnames = get_all_pending_certs(ca) return 1 if requested_certnames.nil? return 24 if requested_certnames.empty? else requested_certnames = input['certname'] end success = ca.sign_certs(requested_certnames, input['ttl']) return success ? 0 : 1 end |
#select_pending_certs(get_result) ⇒ Object
88 89 90 91 92 93 94 95 96 97 98 |
# File 'lib/puppetserver/ca/action/sign.rb', line 88 def select_pending_certs(get_result) requested_certnames = JSON.parse(get_result).select{|e| e["state"] == "requested"}.map{|e| e["name"]} if requested_certnames.empty? @logger.err 'Error:' @logger.err " No waiting certificate requests to sign" return requested_certnames end return requested_certnames end |