Revision dc457681
Added by Joseph Magen almost 11 years ago
- ID dc45768149de1393f5b81f8d1ab8bb4583817791
app/models/concerns/orchestration/puppetca.rb | ||
---|---|---|
module Orchestration::Puppetca
|
||
def self.included(base)
|
||
base.send :include, InstanceMethods
|
||
base.class_eval do
|
||
attr_reader :puppetca
|
||
after_validation :initialize_puppetca, :queue_puppetca
|
||
before_destroy :initialize_puppetca, :queue_puppetca_destroy unless Rails.env == "test"
|
||
end
|
||
end
|
||
|
||
module InstanceMethods
|
||
extend ActiveSupport::Concern
|
||
|
||
protected
|
||
def initialize_puppetca
|
||
return unless puppetca?
|
||
return unless Setting[:manage_puppetca]
|
||
@puppetca = ProxyAPI::Puppetca.new :url => puppet_ca_proxy.url
|
||
true
|
||
rescue => e
|
||
failure _("Failed to initialize the PuppetCA proxy: %s") % e
|
||
end
|
||
included do
|
||
attr_reader :puppetca
|
||
after_validation :initialize_puppetca, :queue_puppetca
|
||
before_destroy :initialize_puppetca, :queue_puppetca_destroy unless Rails.env == "test"
|
||
end
|
||
|
||
# Removes the host's puppet certificate from the puppetmaster's CA
|
||
def delCertificate
|
||
logger.info "Remove puppet certificate for #{name}"
|
||
puppetca.del_certificate certname
|
||
rescue => e
|
||
failure _("Failed to remove %{name}'s puppet certificate: %{e}") % { :name => name, :e => proxy_error(e) }
|
||
end
|
||
protected
|
||
def initialize_puppetca
|
||
return unless puppetca?
|
||
return unless Setting[:manage_puppetca]
|
||
@puppetca = ProxyAPI::Puppetca.new :url => puppet_ca_proxy.url
|
||
true
|
||
rescue => e
|
||
failure _("Failed to initialize the PuppetCA proxy: %s") % e
|
||
end
|
||
|
||
# Empty method for rollbacks - maybe in the future we would support creating the certificates directly
|
||
def setCertificate; end
|
||
# Removes the host's puppet certificate from the puppetmaster's CA
|
||
def delCertificate
|
||
logger.info "Remove puppet certificate for #{name}"
|
||
puppetca.del_certificate certname
|
||
rescue => e
|
||
failure _("Failed to remove %{name}'s puppet certificate: %{e}") % { :name => name, :e => proxy_error(e) }
|
||
end
|
||
|
||
# Adds the host's name to the autosign.conf file
|
||
def setAutosign
|
||
logger.info "Adding autosign entry for #{name}"
|
||
puppetca.set_autosign certname
|
||
rescue => e
|
||
failure _("Failed to add %{name} to autosign file: %{e}") % { :name => name, :e => proxy_error(e) }
|
||
end
|
||
# Empty method for rollbacks - maybe in the future we would support creating the certificates directly
|
||
def setCertificate; end
|
||
|
||
# Removes the host's name from the autosign.conf file
|
||
def delAutosign
|
||
logger.info "Delete the autosign entry for #{name}"
|
||
puppetca.del_autosign certname
|
||
rescue => e
|
||
failure _("Failed to remove %{self} from the autosign file: %{e}") % { :self => self, :e => proxy_error(e) }
|
||
end
|
||
# Adds the host's name to the autosign.conf file
|
||
def setAutosign
|
||
logger.info "Adding autosign entry for #{name}"
|
||
puppetca.set_autosign certname
|
||
rescue => e
|
||
failure _("Failed to add %{name} to autosign file: %{e}") % { :name => name, :e => proxy_error(e) }
|
||
end
|
||
|
||
private
|
||
# Removes the host's name from the autosign.conf file
|
||
def delAutosign
|
||
logger.info "Delete the autosign entry for #{name}"
|
||
puppetca.del_autosign certname
|
||
rescue => e
|
||
failure _("Failed to remove %{self} from the autosign file: %{e}") % { :self => self, :e => proxy_error(e) }
|
||
end
|
||
|
||
def queue_puppetca
|
||
return unless puppetca? and errors.empty?
|
||
return unless Setting[:manage_puppetca]
|
||
new_record? ? queue_puppetca_create : queue_puppetca_update
|
||
end
|
||
private
|
||
|
||
# we don't perform any actions upon create
|
||
# PuppetCA is set only when a provisioning script (such as a kickstart) is being requested.
|
||
def queue_puppetca_create; end
|
||
def queue_puppetca
|
||
return unless puppetca? and errors.empty?
|
||
return unless Setting[:manage_puppetca]
|
||
new_record? ? queue_puppetca_create : queue_puppetca_update
|
||
end
|
||
|
||
def queue_puppetca_update
|
||
# Host has been built --> remove auto sign
|
||
if old.build? and !build?
|
||
queue.create(:name => _("Delete autosign entry for %s") % self, :priority => 50,
|
||
:action => [self, :delAutosign])
|
||
end
|
||
end
|
||
# we don't perform any actions upon create
|
||
# PuppetCA is set only when a provisioning script (such as a kickstart) is being requested.
|
||
def queue_puppetca_create; end
|
||
|
||
def queue_puppetca_destroy
|
||
return unless puppetca? and errors.empty?
|
||
return unless Setting[:manage_puppetca]
|
||
queue.create(:name => _("Delete PuppetCA certificates for %s") % self, :priority => 50,
|
||
:action => [self, :delCertificate])
|
||
queue.create(:name => _("Delete PuppetCA certificates for %s") % self, :priority => 55,
|
||
def queue_puppetca_update
|
||
# Host has been built --> remove auto sign
|
||
if old.build? and !build?
|
||
queue.create(:name => _("Delete autosign entry for %s") % self, :priority => 50,
|
||
:action => [self, :delAutosign])
|
||
end
|
||
end
|
||
|
||
def queue_puppetca_destroy
|
||
return unless puppetca? and errors.empty?
|
||
return unless Setting[:manage_puppetca]
|
||
queue.create(:name => _("Delete PuppetCA certificates for %s") % self, :priority => 50,
|
||
:action => [self, :delCertificate])
|
||
queue.create(:name => _("Delete PuppetCA certificates for %s") % self, :priority => 55,
|
||
:action => [self, :delAutosign])
|
||
end
|
||
end
|
Also available in: Unified diff
fixes #2739 - add ActiveSupport::Concern syntax to mixins