Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support puppetdb token authentication #73

Merged
merged 1 commit into from
Jan 12, 2024
Merged

support puppetdb token authentication #73

merged 1 commit into from
Jan 12, 2024

Conversation

h0tw1r3
Copy link
Contributor

@h0tw1r3 h0tw1r3 commented Oct 12, 2023

No description provided.

@h0tw1r3 h0tw1r3 force-pushed the puppetdb_token_auth branch 2 times, most recently from 615aeab to 5ea2333 Compare October 13, 2023 13:11
ekohl
ekohl requested changes Jan 9, 2024
View reviewed changes
Copy link
Member

@ekohl ekohl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not familiar with PE and their tokens, but this is a general Ruby thing.

lib/puppet-ghostbuster/puppetdb.rb Outdated
Comment on lines 16 to 31
options = {
server: ENV['PUPPETDB_URL'] || @@puppetdb,
}

if ENV['PE_TOKEN']
options[:token] = ENV['PE_TOKEN']
options[:cacert] = ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert]
else
options[:pem] = {
'key' => ENV['PUPPETDB_KEY_FILE'] || Puppet[:hostprivkey],
'cert' => ENV['PUPPETDB_CERT_FILE'] || Puppet[:hostcert],
'ca_file' => ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert],
}
end

@@client ||= ::PuppetDB::Client.new(options, 4)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you should use a block to cache. The diff may be hard to read, but it's essentially

@@client ||= begin
  # ...
end
Suggested change
options = {
server: ENV['PUPPETDB_URL'] || @@puppetdb,
}
if ENV['PE_TOKEN']
options[:token] = ENV['PE_TOKEN']
options[:cacert] = ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert]
else
options[:pem] = {
'key' => ENV['PUPPETDB_KEY_FILE'] || Puppet[:hostprivkey],
'cert' => ENV['PUPPETDB_CERT_FILE'] || Puppet[:hostcert],
'ca_file' => ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert],
}
end
@@client ||= ::PuppetDB::Client.new(options, 4)
@@client ||= begin
options = {
server: ENV['PUPPETDB_URL'] || @@puppetdb,
}
if ENV['PE_TOKEN']
options[:token] = ENV['PE_TOKEN']
options[:cacert] = ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert]
else
options[:pem] = {
'key' => ENV['PUPPETDB_KEY_FILE'] || Puppet[:hostprivkey],
'cert' => ENV['PUPPETDB_CERT_FILE'] || Puppet[:hostcert],
'ca_file' => ENV['PUPPETDB_CACERT_FILE'] || Puppet[:localcacert],
}
end
::PuppetDB::Client.new(options, 4)
end

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cheers. Fixed.

@zilchms zilchms requested a review from ekohl January 12, 2024 09:41
@ekohl ekohl merged commit ad5edd4 into voxpupuli:master Jan 12, 2024
6 checks passed
@h0tw1r3 h0tw1r3 deleted the puppetdb_token_auth branch January 19, 2024 05:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ekohl ekohl ekohl approved these changes

@zilchms zilchms zilchms approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@h0tw1r3 @ekohl @zilchms @bastelfreak