| Revision | 8d73b2f73eaea13a49e4f57c63567d6f9a0fc825 (tree) |
|---|---|
| Zeit | 2017-09-05 20:49:32 |
| Autor | whitestar <whitestar@user...> |
| Commiter | whitestar |
adds some helper methods to the ssl_cert cookbook.
cookbooks/ssl_cert/.rubocop.yml (diff) cookbooks/ssl_cert/CHANGELOG.md (diff) cookbooks/ssl_cert/README.md (diff) cookbooks/ssl_cert/libraries/helper.rb (diff) cookbooks/ssl_cert/metadata.rb (diff) cookbooks/ssl_cert/version (diff)| @@ -36,4 +36,4 @@ Style/AccessorMethodName: | ||
| 36 | 36 | Metrics/MethodLength: |
| 37 | 37 | Max: 50 |
| 38 | 38 | Metrics/ModuleLength: |
| 39 | - Max: 250 | |
| 39 | + Max: 280 |
| @@ -1,6 +1,11 @@ | ||
| 1 | 1 | ssl_cert CHANGELOG |
| 2 | 2 | ================== |
| 3 | 3 | |
| 4 | +0.4.1 | |
| 5 | +----- | |
| 6 | +- adds `SSLCert::Helper.append_ca_name` method. | |
| 7 | +- adds `SSLCert::Helper.append_server_ssl_cn` method. | |
| 8 | + | |
| 4 | 9 | 0.4.0 |
| 5 | 10 | ----- |
| 6 | 11 | - adds `SSLCert::Helper.server_{cert,key}_content` method. |
| @@ -232,9 +232,14 @@ override_attributes( | ||
| 232 | 232 | |
| 233 | 233 | ### Helper methods |
| 234 | 234 | |
| 235 | +- `SSLCert::Helper.get_vault_item_value(vault, name)`: return vault item value string. | |
| 236 | +- `SSLCert::Helper.append_ca_name(ca_name)`: append CA name which certificate is deployed. | |
| 235 | 237 | - `SSLCert::Helper.ca_cert_path(ca_name)`: return CA certificate file path string. |
| 236 | 238 | - `SSLCert::Helper.ca_pubkey_path(ca_name)`: return CA public key file path string. |
| 237 | 239 | - `SSLCert::Helper.ca_krl_path(ca_name)`: return CA KRL file path string. |
| 240 | +- `SSLCert::Helper.append_server_ssl_cn(common_name)`: append server common name which key and certificate are deployed. | |
| 241 | +- `SSLCert::Helper.server_key_content(common_name)`: return server private key content string. | |
| 242 | +- `SSLCert::Helper.server_cert_content(common_name)`: return server certificate content string. | |
| 238 | 243 | - `SSLCert::Helper.server_key_path(common_name)`: return server private key file path string. |
| 239 | 244 | - `SSLCert::Helper.server_cert_path(common_name)`: return server certificate file path string. |
| 240 | 245 | - `SSLCert::Helper.append_members_to_key_access_group(members_array)`: append members to the key access group (default: `ssl-cert`). |
| @@ -124,6 +124,18 @@ module SSLCert | ||
| 124 | 124 | suffix |
| 125 | 125 | end |
| 126 | 126 | |
| 127 | + def append_ca_name(ca_name) | |
| 128 | + ca_names = node['ssl_cert']['ca_names'].to_a | |
| 129 | + return if ca_names.include?(ca_name) | |
| 130 | + | |
| 131 | + ca_names.push(ca_name) | |
| 132 | + node.override['ssl_cert']['ca_names'] = ca_names | |
| 133 | + node.from_file(run_context.resolve_attribute('ssl_cert', 'default')) | |
| 134 | + # workaround for `ssl_cert::ca_certs` recipe execution before the current recipe. | |
| 135 | + ca_certificate(ca_name) | |
| 136 | + Chef::Log.info("CA name #{ca_name} has been appended for CA certificate deployment.") | |
| 137 | + end | |
| 138 | + | |
| 127 | 139 | def ca_cert_src_path(ca) |
| 128 | 140 | undotted_ca = ca.tr('.', '_') |
| 129 | 141 | node['ssl_cert']["#{undotted_ca}_cert_src_path"] |
| @@ -234,6 +246,19 @@ module SSLCert | ||
| 234 | 246 | end |
| 235 | 247 | end |
| 236 | 248 | |
| 249 | + def append_server_ssl_cn(cn) | |
| 250 | + cns = node['ssl_cert']['common_names'].to_a | |
| 251 | + return if cns.include?(cn) | |
| 252 | + | |
| 253 | + cns.push(cn) | |
| 254 | + node.override['ssl_cert']['common_names'] = cns | |
| 255 | + node.from_file(run_context.resolve_attribute('ssl_cert', 'default')) | |
| 256 | + # workaround for `ssl_cert::server_key_pairs` recipe execution before the current recipe. | |
| 257 | + server_certificate(cn) | |
| 258 | + server_private_key(cn) | |
| 259 | + Chef::Log.info("Common name #{cn} has been appended for server key pair deployment.") | |
| 260 | + end | |
| 261 | + | |
| 237 | 262 | def server_cert_path(cn) |
| 238 | 263 | undotted_cn = cn.tr('.', '_') |
| 239 | 264 | node['ssl_cert']["#{undotted_cn}_cert_path"] |
| @@ -3,7 +3,7 @@ name 'ssl_cert' | ||
| 3 | 3 | maintainer 'whitestar' |
| 4 | 4 | maintainer_email '' |
| 5 | 5 | license 'Apache 2.0' |
| 6 | -description 'Installs/Configures ssl_cert' | |
| 6 | +description 'Sets up private keys and certificates for PKI from Chef Vault.' | |
| 7 | 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
| 8 | 8 | version IO.read(File.join(File.dirname(__FILE__), 'version')).chomp |
| 9 | 9 | source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git' |
| @@ -1 +1 @@ | ||
| 1 | -0.4.0 | |
| 1 | +0.4.1 |
Fork