-rw-r--r-- | Modulefile | 11 | ||||
-rw-r--r-- | README | 23 | ||||
-rw-r--r-- | lib/puppet/provider/gpgkey/gpgme.rb | 35 | ||||
-rw-r--r-- | lib/puppet/type/gpgkey.rb | 45 | ||||
-rw-r--r-- | manifests/init.pp | 43 | ||||
-rw-r--r-- | spec/spec_helper.rb | 17 | ||||
-rw-r--r-- | tests/init.pp | 11 |
7 files changed, 185 insertions, 0 deletions
diff --git a/Modulefile b/Modulefile
new file mode 100644
index 0000000..df3ac88
--- /dev/null
+++ b/Modulefile
@@ -0,0 +1,11 @@
+name 'crayfishx-gpg'
+version '0.0.1'
+source 'UNKNOWN'
+author 'crayfishx'
+license 'Apache License, Version 2.0'
+summary 'UNKNOWN'
+description 'UNKNOWN'
+project_page 'UNKNOWN'
+
+## Add dependencies, if any:
+# dependency 'username/name', '>= 1.2.0'
@@ -0,0 +1,23 @@
+Puppet Module: gpg
+------------------
+
+This module gives a type and provider for managing and creating gpg keys on the fly - useful for sites running hiera-gpg
+
+Example:
+ gpgkey { 'hiera':
+ ensure => present,
+ email => 'puppet@puppet.mydomain.com',
+ }
+
+License
+-------
+
+
+Contact
+-------
+
+
+Support
+-------
+
+Please log tickets and issues at our [Projects site](http://projects.example.com)
diff --git a/lib/puppet/provider/gpgkey/gpgme.rb b/lib/puppet/provider/gpgkey/gpgme.rb
new file mode 100644
index 0000000..7a37f45
--- /dev/null
+++ b/lib/puppet/provider/gpgkey/gpgme.rb
@@ -0,0 +1,35 @@
+Puppet::Type.type(:gpgkey).provide(:gpgme) do
+ require 'gpgme'
+ def exists?
+ ! GPGME::Key.find(:secret, keyname()).empty?
+ end
+
+ def create
+ ctx = GPGME::Ctx.new
+ keydata = "<GnupgKeyParms format=\"internal\">\n"
+ keydata += "Key-Type: " +@resource.value(:keytype)+"\n"
+ keydata += "Key-Length: " +@resource.value(:keylength)+"\n"
+ keydata += "Subkey-Type: " +@resource.value(:subkeytype)+"\n"
+ keydata += "Subkey-Length: " +@resource.value(:subkeylength)+"\n"
+ keydata += "Name-Real: " +@resource.value(:name)+"\n"
+ keydata += "Name-Comment: " +keyname()+"\n"
+ keydata += "Name-Email: " +@resource.value(:email)+"\n"
+ keydata += "Expire-Date: " +@resource.value(:expire)+"\n"
+ keydata += "</GnupgKeyParms>\n"
+
+ ctx.genkey(keydata, nil, nil)
+ end
+
+ def destroy
+ GPGME::Key.find(:secret, keyname()).each do |key|
+ key.delete!(true)
+ end
+ end
+
+ private
+ def keyname
+ keyname = 'puppet#' + @resource.value(:name) + '#'
+ return keyname
+ end
+
+end
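Review bot: In `create`, the values of `keytype`, `keylength`, `subkeytype`, `subkeylength`, `name`, `email` and `expire` are concatenated into the `GnupgKeyParms` block unchecked, so a value containing a line break would add extra lines to the parameter block handed to `ctx.genkey`. Reject such values before building `keydata`, for example `raise Puppet::Error, "gpgkey: #{param} must not contain a line break" if @resource.value(param).to_s =~ /[\r\n]/` for each parameter, or validate them in the type with `newvalues`/`validate`. The block also never emits a `Passphrase:` line, so whether the generated secret key ends up protected presumably depends on the local GnuPG and agent setup; a comment above `ctx.genkey` stating the intended behaviour would help the next reader.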
diff --git a/lib/puppet/type/gpgkey.rb b/lib/puppet/type/gpgkey.rb
new file mode 100644
index 0000000..83bbd6f
--- /dev/null
+++ b/lib/puppet/type/gpgkey.rb
@@ -0,0 +1,45 @@
+Puppet::Type.newtype(:gpgkey) do
+ ensurable
+ @doc = "Creates and managed GPG keys through GPGME"
+
+ newparam(:name, :namevar => true) do
+ desc 'The name of the GPG key, this will use the Real Name attribute of the key'
+ end
+
+ newparam(:keytype) do
+ defaultto 'DSA'
+ desc 'GPG Key Type'
+ end
+
+ newparam(:keylength) do
+ defaultto '1024'
+ desc 'Key Length (default 1024)'
+ end
+
+ newparam(:subkeytype) do
+ defaultto 'RSA'
+ desc 'GPG Sub Key Type'
+ end
+
+ newparam(:subkeylength) do
+ defaultto '1024'
+ desc 'Sub Key Length (default 1024)'
+ end
+
+ newparam(:email) do
+ defaultto 'puppet@localhost'
+ end
+
+ newparam(:expire) do
+ defaultto '0'
+ end
+
+ newparam(:password) do
+ defaultto ''
+ end
+
+ newparam(:armour) do
+ defaultto true
+ end
+
+end
diff --git a/manifests/init.pp b/manifests/init.pp
new file mode 100644
index 0000000..4847fc2
--- /dev/null
+++ b/manifests/init.pp
@@ -0,0 +1,43 @@
+# == Class: gpg
+#
+# Manage GPG keys using GPGME
+#
+# === Parameters
+#
+# packagename, defaults to gnupg2
+#
+# === Examples
+#
+# include gpg
+#
+# gpgkey { 'hiera':
+# ensure => 'present',
+# email => 'puppet@localhost',
+# }
+#
+#
+#
+# === Authors
+#
+# Craig Dunn <craig@craigdunn.org>
+#
+# === Copyright
+#
+# Copyright 2012 Craig Dunn
+#
+class gpg (
+ $packagename = 'gnupg2',
+ $gpgme_provider = 'gem'
+) {
+
+ package { 'gnupg':
+ name => $packagename,
+ ensure => 'installed',
+ }
+
+ package { 'gpgme':
+ ensure => 'instaled',
+ provider => $gpgme_provider,
+ require => Package['gnupg']
+ }
+}
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000..5fda588
--- /dev/null
+++ b/spec/spec_helper.rb
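Review bot: The defaults for `keylength` and `subkeylength` are `'1024'`, which is below what is generally accepted for newly generated DSA or RSA keys; raise them, e.g. `defaultto '2048'`, and update the `desc` strings that quote the default. `password` and `armour` are declared here, but the gpgme provider added in this commit reads neither, so setting `password` has no effect on the generated key; either wire them into the provider or leave them out until they are implemented. `email`, `expire`, `password` and `armour` also have no `desc`, and none of the parameters restricts its accepted values.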
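Review bot: `ensure => 'instaled'` on the `gpgme` package resource is misspelled and should read `ensure => 'installed',`. As written the value is not the `installed` state, and a provider that accepts version strings would presumably treat it as a version to install and fail. Because `gpgme` is fetched through the `gem` provider by default, consider adding a class parameter for the version so the gem can be pinned rather than taking whatever release is current at apply time.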
@@ -0,0 +1,17 @@
+dir = File.expand_path(File.dirname(__FILE__))
+$LOAD_PATH.unshift File.join(dir, 'lib')
+
+require 'mocha'
+require 'puppet'
+require 'rspec'
+require 'spec/autorun'
+
+Spec::Runner.configure do |config|
+ config.mock_with :mocha
+end
+
+# We need this because the RAL uses 'should' as a method. This
+# allows us the same behaviour but with a different method name.
+class Object
+ alias :must :should
+end
diff --git a/tests/init.pp b/tests/init.pp
new file mode 100644
index 0000000..d8b20dc
--- /dev/null
+++ b/tests/init.pp
@@ -0,0 +1,11 @@
+# The baseline for module testing used by Puppet Labs is that each manifest
+# should have a corresponding test manifest that declares that class or defined
+# type.
+#
+# Tests are then run by using puppet apply --noop (to check for compilation errors
+# and view a log of events) or by fully applying the test in a virtual environment
+# (to compare the resulting system state to the desired state).
+#
+# Learn more about module testing here: http://docs.puppetlabs.com/guides/tests_smoke.html
+#
+include gpg |