Class: PEClient::Resource::PuppetCAV1

Inherits:
BaseWithPort show all
Defined in:
lib/pe_client/resources/puppet_ca.v1.rb,
lib/pe_client/resources/puppet_ca.v1/certificate_status.rb,
lib/pe_client/resources/puppet_ca.v1/certificate_request.rb,
lib/pe_client/resources/puppet_ca.v1/bulk_certificate_sign.rb,
lib/pe_client/resources/puppet_ca.v1/certificate_revocation_list.rb

Overview

Note:

The Puppet CA V1 API requires certificate-based authentication. The certificate used must have the pp_cli_auth extension.

Manages interactions with Puppet CA API endpoints. Most of the certificate authority (CA) API requires admin access.

See Also:

Defined Under Namespace

Classes: BulkCertificateSign, CertificateRequest, CertificateRevocationList, CertificateStatus

Constant Summary collapse

BASE_PATH =

The base path for Puppet CA API v1 endpoints.

"/puppet-ca/v1"
PORT =

Default Puppet CA API Port

8140
HEADERS =

Common Puppet CA API V1 Headers

{Accept: "text/plain"}.freeze

Instance Method Summary collapse

Methods inherited from BaseWithPort

#initialize

Constructor Details

This class inherits a constructor from PEClient::Resource::BaseWithPort

Instance Method Details

#bulk_certificate_signPEClient::Resource::PuppetCAV1::BulkCertificateSign

Returns:



89
90
91
92
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 89

def bulk_certificate_sign
  require_relative "puppet_ca.v1/bulk_certificate_sign"
  @bulk_certificate_sign ||= PuppetCAV1::BulkCertificateSign.new(@client)
end

#certificate(node_name) ⇒ String

Returns the certificate for the specified name, which might be either a standard certname or ca.

Parameters:

  • node_name (String)

Returns:

  • (String)

    PEM-encoded certificate

See Also:



46
47
48
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 46

def certificate(node_name)
  @client.get "#{BASE_PATH}/certificate/#{node_name}", headers: HEADERS
end

#certificate_requestPEClient::Resource::PuppetCAV1::CertificateRequest

Returns:



71
72
73
74
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 71

def certificate_request
  require_relative "puppet_ca.v1/certificate_request"
  @certificate_request ||= PuppetCAV1::CertificateRequest.new(@client)
end

#certificate_revocation_listPEClient::Resource::PuppetCAV1::CertificateRevocationList

Returns:



83
84
85
86
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 83

def certificate_revocation_list
  require_relative "puppet_ca.v1/certificate_revocation_list"
  @certificate_revocation_list ||= PuppetCAV1::CertificateRevocationList.new(@client)
end

#certificate_statusPEClient::Resource::PuppetCAV1::CertificateStatus

Returns:



77
78
79
80
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 77

def certificate_status
  require_relative "puppet_ca.v1/certificate_status"
  @certificate_status ||= PuppetCAV1::CertificateStatus.new(@client)
end

#clean(certnames) ⇒ String

Allows you to revoke and delete a list of certificates with a single request.

Parameters:

  • certnames (Array<String>)

Returns:

  • (String)

See Also:



66
67
68
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 66

def clean(certnames)
  @client.put "#{BASE_PATH}/clean", body: {certnames:}, headers: HEADERS
end

#expirationsString

Returns the “not-after” date for all certificates in the CA bundle, and the “next-update” date of all CRLs in the chain.

Returns:

  • (String)

See Also:



55
56
57
 
# File 'lib/pe_client/resources/puppet_ca.v1.rb', line 55

def expirations
  @client.get "#{BASE_PATH}/expirations", headers: HEADERS
end