class Puppetserver::Ca::Action::Enable
Constants
- BANNER
- SUMMARY
Public Class Methods
new(logger)
# File lib/puppetserver/ca/action/enable.rb, line 35
# Builds the action around the logger that carries its user-facing output.
#
# @param logger [Object] stored in @logger; the other methods of this class
#   call `inform` on it and hand it to Errors.handle_with_usage
def initialize(logger)
  @logger = logger
end
parser(parsed = {})
# File lib/puppetserver/ca/action/enable.rb, line 123
# Builds the OptionParser for the `enable` action.
#
# @param parsed [Hash] filled in place while parsing: 'help' and 'infracrl'
#   are set to true when the flag is seen, 'config' holds the path as typed
# @return [OptionParser] parser whose banner is BANNER
def self.parser(parsed = {})
  OptionParser.new do |cli|
    cli.banner = BANNER

    cli.on('--help', 'Display this command-specific help output') { parsed['help'] = true }

    # The path is recorded unchecked here; `run` passes it through
    # FileSystem.validate_file_paths before the configuration is loaded.
    cli.on('--config CONF', 'Path to puppet.conf') { |path| parsed['config'] = path }

    cli.on('--infracrl', "Create auxiliary files for the infrastructure-only CRL.") do
      parsed['infracrl'] = true
    end
  end
end
Public Instance Methods
check_for_existing_infra_files(files)
# File lib/puppetserver/ca/action/enable.rb, line 82
# Asks FileSystem.check_for_existing_files about +files+ and, when it reports
# anything, appends a hint explaining how to reinitialize the infra CRL.
#
# @param files [String, Array] path(s) forwarded unchanged to FileSystem
# @return [Array] the collection FileSystem returned (mutated in place when
#   the hint is appended); empty when no file was reported
def check_for_existing_infra_files(files)
  found = FileSystem.check_for_existing_files(files)
  return found if found.empty?

  # NOTE(review): the rendered page collapses the heredoc onto one line, so
  # the line break below is a reconstruction - confirm against the file.
  found << <<-MSG
If you would really like to reinitialize your infrastructure CRL, please delete
the existing files and run this command again.
  MSG
  found
end
create_infra_crl_chain(settings)
# File lib/puppetserver/ca/action/enable.rb, line 94
# Writes `infra_crl.pem` into the CA directory: the CA's CRL chain with its
# first entry (the full leaf CRL) swapped for a newly created CRL.
#
# @param settings [Hash] :cadir is read here; the whole hash is also handed
#   to LocalCertificateAuthority
# @return [Array] errors reported by SigningDigest or the CA, or [] once the
#   file has been handed to FileSystem.write_file
def create_infra_crl_chain(settings)
  # Load the most secure signing digest we can for certs/crl/csr signing.
  digest = SigningDigest.new
  return digest.errors if digest.errors.any?

  authority = LocalCertificateAuthority.new(digest.digest, settings)
  return authority.errors if authority.errors.any?

  # New CRL created from the CA's own cert and key. It is meant to be
  # populated with infra nodes only, as they are revoked.
  # NOTE(review): it appears to start without entries, so revocations already
  # recorded in the full leaf CRL are not carried over - confirm that infra
  # certs revoked before this command ran are handled elsewhere.
  fresh_crl = authority.create_crl_for(authority.cert, authority.key)

  # Drop the full leaf CRL from the head of the chain and put the new one
  # in its place.
  chain = [fresh_crl, *authority.crl_chain.drop(1)]

  # 0644: owner-writable, world-readable.
  target = File.join(settings[:cadir], 'infra_crl.pem')
  FileSystem.write_file(target, chain, 0o644)
  []
end
enable_infra_crl(settings)
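# File lib/puppetserver/ca/action/enable.rb, line 60
# Sets up the infrastructure-only CRL inside settings[:cadir].
#
# Steps, each of which stops the setup by returning its errors:
# 1. `infra_inventory.txt` must exist in the CA directory. Only its presence
#    is checked here; its contents are not read by this method.
# 2. `infra_crl.pem` must not be reported as already existing, so an existing
#    infra CRL is not replaced by this command.
# 3. The CRL chain is created and written by create_infra_crl_chain.
#
# @param settings [Hash] must provide :cadir
# @return [Array] error messages, or [] after the files were created
def enable_infra_crl(settings)
  cadir = settings[:cadir]
  inventory_file = File.join(cadir, 'infra_inventory.txt')
  unless File.exist?(inventory_file)
    # The original message ended in a stray double quote; it is removed here.
    # NOTE(review): the rendered page collapses the heredoc onto one line, so
    # the line break below is a reconstruction - confirm against the file.
    error = <<-ERR
Please create an inventory file at '#{inventory_file}' with the certnames of your
infrastructure nodes before proceeding with infra CRL setup!
    ERR
    return [error]
  end

  infra_crl = File.join(cadir, 'infra_crl.pem')
  file_errors = check_for_existing_infra_files(infra_crl)
  return file_errors unless file_errors.empty?

  errors = create_infra_crl_chain(settings)
  return errors unless errors.empty?

  @logger.inform "Infra CRL files created."
  []
end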
parse(cli_args)
# File lib/puppetserver/ca/action/enable.rb, line 114
# Parses the command-line arguments for this action.
#
# Parse errors are passed to Errors.handle_with_usage together with the
# parser's help text; when that call reports it handled errors, the exit
# code is 1.
#
# @param cli_args [Array<String>] arguments passed on to CliParsing
# @return [Array] two elements: the options hash filled by the parser, and
#   1 when errors were handled or nil otherwise
def parse(cli_args)
  options = {}
  option_parser = self.class.parser(options)
  problems = CliParsing.parse_with_errors(option_parser, cli_args)

  status = 1 if Errors.handle_with_usage(@logger, problems, option_parser.help)
  [options, status]
end
run(input)
# File lib/puppetserver/ca/action/enable.rb, line 39
# Entry point of the action: loads the Puppet configuration and, when
# requested, enables the infrastructure-only CRL.
#
# @param input [Hash] parsed options; 'config' (optional path to puppet.conf)
#   and 'infracrl' (truthy to set up the infra CRL) are read
# @return [Integer] 1 as soon as Errors.handle_with_usage reports handled
#   errors, otherwise 0 (also when 'infracrl' was not requested)
def run(input)
  config_path = input['config']

  # A user-supplied config path is validated before anything is loaded
  # from it.
  if config_path
    path_errors = FileSystem.validate_file_paths(config_path)
    return 1 if Errors.handle_with_usage(@logger, path_errors)
  end

  puppet = Config::Puppet.new(config_path)
  puppet.load(logger: @logger)
  settings = puppet.settings
  return 1 if Errors.handle_with_usage(@logger, puppet.errors)

  return 0 unless input['infracrl']

  setup_errors = enable_infra_crl(settings)
  Errors.handle_with_usage(@logger, setup_errors) ? 1 : 0
end