diff options
| author | Daniel Pittman <daniel@puppetlabs.com> | 2011-04-05 18:39:19 -0700 |
|---|---|---|
| committer | Daniel Pittman <daniel@puppetlabs.com> | 2011-04-06 16:37:08 -0700 |
| commit | a03790d82a2c190d6f00ee7677617a7be04aa85d (patch) | |
| tree | 0aac739e7554a7a7b7e65ccb5788efb16594d475 /lib/puppet/string | |
| parent | 7e7d246bf46349c904c76a31951d4a40c200790b (diff) | |
| download | puppet-a03790d82a2c190d6f00ee7677617a7be04aa85d.tar.gz puppet-a03790d82a2c190d6f00ee7677617a7be04aa85d.tar.xz puppet-a03790d82a2c190d6f00ee7677617a7be04aa85d.zip | |
(#6972) Handle ca-location in the certificate string.
This ports the existing certificate location configuration to be a string
option, and then uses that to change the configuration. This will leak state
between calls, which is somewhat unavoidable, but should at least get the
basic stuff right for the CLI.
We eventually need the CA string to be supported by a stateless internal CA
implementation that allows us to do the right thing overall.
Reviewed-By: Dan Bode <dan@puppetlabs.com>
Diffstat (limited to 'lib/puppet/string')
| -rw-r--r-- | lib/puppet/string/certificate.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/puppet/string/certificate.rb b/lib/puppet/string/certificate.rb index b231cafb1..fdb0bc9f4 100644 --- a/lib/puppet/string/certificate.rb +++ b/lib/puppet/string/certificate.rb @@ -2,9 +2,24 @@ require 'puppet/string/indirector' require 'puppet/ssl/host' Puppet::String::Indirector.define(:certificate, '0.0.1') do + # REVISIT: This should use a pre-invoke hook to run the common code that + # needs to happen before we invoke any action; that would be much nicer than + # the "please repeat yourself" stuff found in here right now. + # + # option "--ca-location LOCATION" do + # type [:whatever, :location, :symbols] + # hook :before do |value| + # Puppet::SSL::Host.ca_location = value + # end + # end + # + # ...but should I pass the arguments as well? + # --daniel 2011-04-05 + option "--ca-location LOCATION" action :generate do when_invoked do |name, options| + Puppet::SSL::Host.ca_location = options[:ca_location].to_sym host = Puppet::SSL::Host.new(name) host.generate_certificate_request host.certificate_request.class.indirection.save(host.certificate_request) @@ -13,6 +28,7 @@ Puppet::String::Indirector.define(:certificate, '0.0.1') do action :list do when_invoked do |options| + Puppet::SSL::Host.ca_location = options[:ca_location].to_sym Puppet::SSL::Host.indirection.search("*", { :for => :certificate_request, }).map { |h| h.inspect } @@ -21,6 +37,7 @@ Puppet::String::Indirector.define(:certificate, '0.0.1') do action :sign do when_invoked do |name, options| + Puppet::SSL::Host.ca_location = options[:ca_location].to_sym host = Puppet::SSL::Host.new(name) host.desired_state = 'signed' Puppet::SSL::Host.indirection.save(host) |