Grid環境構築用のChefリポジトリです。
Révision | 8d73b2f73eaea13a49e4f57c63567d6f9a0fc825 (tree) |
---|---|
l'heure | 2017-09-05 20:49:32 |
Auteur | whitestar <whitestar@user...> |
Commiter | whitestar |
adds some helper methods to the ssl_cert cookbook.
@@ -36,4 +36,4 @@ Style/AccessorMethodName: | ||
36 | 36 | Metrics/MethodLength: |
37 | 37 | Max: 50 |
38 | 38 | Metrics/ModuleLength: |
39 | - Max: 250 | |
39 | + Max: 280 |
@@ -1,6 +1,11 @@ | ||
1 | 1 | ssl_cert CHANGELOG |
2 | 2 | ================== |
3 | 3 | |
4 | +0.4.1 | |
5 | +----- | |
6 | +- adds `SSLCert::Helper.append_ca_name` method. | |
7 | +- adds `SSLCert::Helper.append_server_ssl_cn` method. | |
8 | + | |
4 | 9 | 0.4.0 |
5 | 10 | ----- |
6 | 11 | - adds `SSLCert::Helper.server_{cert,key}_content` method. |
@@ -232,9 +232,14 @@ override_attributes( | ||
232 | 232 | |
233 | 233 | ### Helper methods |
234 | 234 | |
235 | +- `SSLCert::Helper.get_vault_item_value(vault, name)`: return vault item value string. | |
236 | +- `SSLCert::Helper.append_ca_name(ca_name)`: append CA name which certificate is deployed. | |
235 | 237 | - `SSLCert::Helper.ca_cert_path(ca_name)`: return CA certificate file path string. |
236 | 238 | - `SSLCert::Helper.ca_pubkey_path(ca_name)`: return CA public key file path string. |
237 | 239 | - `SSLCert::Helper.ca_krl_path(ca_name)`: return CA KRL file path string. |
240 | +- `SSLCert::Helper.append_server_ssl_cn(common_name)`: append server common name which key and certificate are deployed. | |
241 | +- `SSLCert::Helper.server_key_content(common_name)`: return server private key content string. | |
242 | +- `SSLCert::Helper.server_cert_content(common_name)`: return server certificate content string. | |
238 | 243 | - `SSLCert::Helper.server_key_path(common_name)`: return server private key file path string. |
239 | 244 | - `SSLCert::Helper.server_cert_path(common_name)`: return server certificate file path string. |
240 | 245 | - `SSLCert::Helper.append_members_to_key_access_group(members_array)`: append members to the key access group (default: `ssl-cert`). |
@@ -124,6 +124,18 @@ module SSLCert | ||
124 | 124 | suffix |
125 | 125 | end |
126 | 126 | |
127 | + def append_ca_name(ca_name) | |
128 | + ca_names = node['ssl_cert']['ca_names'].to_a | |
129 | + return if ca_names.include?(ca_name) | |
130 | + | |
131 | + ca_names.push(ca_name) | |
132 | + node.override['ssl_cert']['ca_names'] = ca_names | |
133 | + node.from_file(run_context.resolve_attribute('ssl_cert', 'default')) | |
134 | + # workaround for `ssl_cert::ca_certs` recipe execution before the current recipe. | |
135 | + ca_certificate(ca_name) | |
136 | + Chef::Log.info("CA name #{ca_name} has been appended for CA certificate deployment.") | |
137 | + end | |
138 | + | |
127 | 139 | def ca_cert_src_path(ca) |
128 | 140 | undotted_ca = ca.tr('.', '_') |
129 | 141 | node['ssl_cert']["#{undotted_ca}_cert_src_path"] |
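Review bot: `node.from_file(run_context.resolve_attribute('ssl_cert', 'default'))` in `append_ca_name` re-evaluates the cookbook's entire default attribute file in the middle of a recipe, which goes well beyond refreshing the values derived from `ca_names`. Any `default`-level `ssl_cert` attribute that a wrapper cookbook's attribute file set after the first load would presumably be reset to this cookbook's value, and that may include certificate and key paths or the key access group; the attribute file is not visible here, so this needs confirming. The same call appears in `append_server_ssl_cn` in the next hunk. At minimum the side effect should be documented above the call, e.g. `# NOTE: reloads the ssl_cert default attribute file to rebuild per-name attributes; default-level values set elsewhere after the first load may be reset.`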
@@ -234,6 +246,19 @@ module SSLCert | ||
234 | 246 | end |
235 | 247 | end |
236 | 248 | |
249 | + def append_server_ssl_cn(cn) | |
250 | + cns = node['ssl_cert']['common_names'].to_a | |
251 | + return if cns.include?(cn) | |
252 | + | |
253 | + cns.push(cn) | |
254 | + node.override['ssl_cert']['common_names'] = cns | |
255 | + node.from_file(run_context.resolve_attribute('ssl_cert', 'default')) | |
256 | + # workaround for `ssl_cert::server_key_pairs` recipe execution before the current recipe. | |
257 | + server_certificate(cn) | |
258 | + server_private_key(cn) | |
259 | + Chef::Log.info("Common name #{cn} has been appended for server key pair deployment.") | |
260 | + end | |
261 | + | |
237 | 262 | def server_cert_path(cn) |
238 | 263 | undotted_cn = cn.tr('.', '_') |
239 | 264 | node['ssl_cert']["#{undotted_cn}_cert_path"] |
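Review bot: `append_server_ssl_cn` pushes `cn` into `common_names` and writes the override without checking it, and only afterwards calls `server_certificate(cn)` and `server_private_key(cn)`. The context line `undotted_cn = cn.tr('.', '_')` shows the name being turned into an attribute key, so a nil or non-string argument fails only after the node attribute has already been changed. Two names that differ only in `.` versus `_` also resolve to the same `..._cert_path` key; if the key path follows the same scheme (not visible here), one host's private key could be written to another's path. A guard as the first line would catch bad input early: `raise ArgumentError, "invalid common name: #{cn.inspect}" unless cn.is_a?(String) && !cn.empty?`, ideally with a check that the undotted form is not already claimed by a different entry in `cns`. `append_ca_name` accepts `ca_name` the same way (see `ca.tr('.', '_')` in `ca_cert_src_path`).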
@@ -3,7 +3,7 @@ name 'ssl_cert' | ||
3 | 3 | maintainer 'whitestar' |
4 | 4 | maintainer_email '' |
5 | 5 | license 'Apache 2.0' |
6 | -description 'Installs/Configures ssl_cert' | |
6 | +description 'Sets up private keys and certificates for PKI from Chef Vault.' | |
7 | 7 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
8 | 8 | version IO.read(File.join(File.dirname(__FILE__), 'version')).chomp |
9 | 9 | source_url 'http://scm.osdn.jp/gitroot/metasearch/grid-chef-repo.git' |
@@ -1 +1 @@ | ||
1 | -0.4.0 | |
1 | +0.4.1 |