|
Lines 66-72
Link Here
|
| 66 |
# list of all certificates and their state/fingerprint |
66 |
# list of all certificates and their state/fingerprint |
| 67 |
def list |
67 |
def list |
| 68 |
find_puppetca |
68 |
find_puppetca |
| 69 |
command = "#{@sudo} #{@puppetca} --list --all" |
69 |
if @puppetca.include?("puppetserver") |
|
|
70 |
command = "#{@sudo} #{@puppetca} list --all" |
| 71 |
else |
| 72 |
command = "#{@sudo} #{@puppetca} --list --all" |
| 73 |
end |
| 70 |
logger.debug "Executing #{command}" |
74 |
logger.debug "Executing #{command}" |
| 71 |
response = `#{command}` |
75 |
response = `#{command}` |
| 72 |
unless $? == 0 |
76 |
unless $? == 0 |
|
Lines 99-116
Link Here
|
| 99 |
end |
103 |
end |
| 100 |
default_path = ["/opt/puppet/bin", "/opt/puppet/sbin", "/opt/puppetlabs/bin"] |
104 |
default_path = ["/opt/puppet/bin", "/opt/puppet/sbin", "/opt/puppetlabs/bin"] |
| 101 |
@puppetca = which("puppetca", default_path) || which("puppet", default_path) |
105 |
puppet = which("puppetca", default_path) || which("puppet", default_path) |
|
|
106 |
puppetserver = which("puppetserver", default_path) |
| 107 |
puppetserver_version = `#{puppetserver} --version`.split(": ")[1] |
| 108 |
if puppetserver_version >= "6" |
| 109 |
@puppetca = puppetserver |
| 110 |
else |
| 111 |
@puppetca = puppet |
| 112 |
end |
| 113 |
|
| 102 |
unless File.exist?(@puppetca.to_s) |
114 |
unless File.exist?(@puppetca.to_s) |
| 103 |
logger.warn "unable to find puppetca binary" |
115 |
logger.warn "unable to find puppetca binary" |
| 104 |
raise "unable to find puppetca" |
116 |
raise "unable to find puppetca" |
| 105 |
end |
117 |
end |
| 106 |
# Append cert to the puppet command if we are not using the old puppetca command |
118 |
# Append cert to the puppet command if we are not using the old puppetca command |
| 107 |
logger.debug "Found puppetca at #{@puppetca}" |
119 |
logger.debug "Found puppetca at #{@puppetca}" |
| 108 |
@puppetca << " cert" unless @puppetca.include?("puppetca") |
120 |
if @puppetca.include?("puppetserver") |
|
|
121 |
@puppetca << " ca" |
| 122 |
else |
| 123 |
@puppetca << " cert" unless @puppetca.include?("puppetca") |
| 124 |
end |
| 109 |
# Tell puppetca to use the ssl dir that Foreman has been told to use |
125 |
# Tell puppetca to use the ssl dir that Foreman has been told to use |
| 110 |
@puppetca << " --ssldir #{ssl_dir}" |
126 |
@puppetca << " --ssldir #{ssl_dir}" unless @puppetca.include?("puppetserver") |
| 111 |
if to_bool(::Proxy::PuppetCa::Plugin.settings.puppetca_use_sudo, true) |
127 |
if to_bool(::Proxy::PuppetCa::Plugin.settings.puppetca_use_sudo, true) |
| 112 |
@sudo = ::Proxy::PuppetCa::Plugin.settings.sudo_command || which("sudo") |
128 |
@sudo = ::Proxy::PuppetCa::Plugin.settings.sudo_command || which("sudo") |
|
Lines 137-143
Link Here
|
| 137 |
"#{puppetdir}/autosign.conf" |
153 |
"#{puppetdir}/autosign.conf" |
| 138 |
end |
154 |
end |
| 139 |
# parse the puppetca --list output |
155 |
# parse the puppetca list output |
| 140 |
def certificate str |
156 |
def certificate str |
| 141 |
case str |
157 |
case str |
| 142 |
when /(\+|\-)\s+["]{0,1}(.*\w)["]{0,1}\s+\((\S+)\)/ |
158 |
when /(\+|\-)\s+["]{0,1}(.*\w)["]{0,1}\s+\((\S+)\)/ |