From 572fd99995e50591f3e774582937c28eb337aa00 Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Tue, 22 Dec 2015 11:51:17 +0100
Subject: Fix #17 - point to @ZeroPointEnergy's hiera-backend

---
 README.md                           |  4 ++
 lib/hiera/backend/trocla_backend.rb | 96 -------------------------------------
 2 files changed, 4 insertions(+), 96 deletions(-)
 delete mode 100644 lib/hiera/backend/trocla_backend.rb

diff --git a/README.md b/README.md
index b3dff56..551de54 100644
--- a/README.md
+++ b/README.md
@@ -81,6 +81,10 @@ one if you do not use the default yaml setup.
 This class manages the installation of trocla itself. It will not configure
 trocla, it will just install the necessary packages.
 
+## Hiera backend
+
+Trocla can also be integrated into [Hiera](https://docs.puppetlabs.com/hiera/) by using ZeroPointEnergy's [hiera-backend](https://github.com/ZeroPointEnergy/hiera-backend-trocla).
+
 ## Moar
 
 RTFC and for more information about trocla visit: https://github.com/duritong/trocla
diff --git a/lib/hiera/backend/trocla_backend.rb b/lib/hiera/backend/trocla_backend.rb
deleted file mode 100644
index db342e9..0000000
--- a/lib/hiera/backend/trocla_backend.rb
+++ /dev/null
@@ -1,96 +0,0 @@
-# Custom hiera backend for trocla
-#
-# Only reacts to key namespace trocla::password::<trocla_key>. Looks up
-# additional parameters via hiera itself as
-# trocla::options::<trocla_key>::format (string) and
-# trocla::options::<trocla_key>::options (hash). Looks for <trocla_key> in
-# trocla as hiera/<source>/<trocla> with <source> iterating over the configured
-# hiera hierarchy. If not found, makes a normal trocla lookup with
-# <trocla_key> that might create a new password on the first run.
-#
-# example entry in hiera.yaml:
-# backends:
-#   - ...
-#   - trocla
-# trocla:
-#   configfile: /etc/puppet/troclarc.yaml
-#   default_format: plain
-#   default_options:
-#     length: 16
-#
-# example usage in hiera yaml file:
-# kerberos::kdc_database_password: "%{hiera('trocla::password::kdc_database_password')}"
-# trocla::options::kdc_database_password::format: 'plain'
-# trocla::options::kdc_database_password::options:
-#   length: 71
-class Hiera
-  module Backend
-    class Trocla_backend
-      attr_accessor :trocla
-      def initialize
-        Hiera.debug("Hiera Trocla backend starting")
-        require 'trocla'
-        unless File.readable?(config[:configfile])
-          Hiera.warn("Trocla config file #{config[:configfile]} is not readable")
-          return
-        end
-
-        @trocla = Trocla.new(config[:configfile])
-      end
-
-      def lookup(key, scope, order_override, resolution_type)
-        return nil unless trocla
-
-        Hiera.debug("Looking up #{key} in trocla backend")
-
-
-        # we only accept trocla::password:: lookups because we do hiera lookups
-        # ourselves and could otherwise cause loops
-        return nil unless key.start_with?(config[:password_namespace])
-
-        # cut off trocla hiera namespace: trocla::password::root -> root
-        trocla_key = key.sub(/^#{config[:password_namespace]}/,'')
-        Hiera.debug("Looking for key #{trocla_key} in trocla")
-
-        # HERE BE DRAGONS: hiera lookups from backend to determine additional
-        # trocla options for this password
-        format = Backend.lookup(config[:options_namespace] + trocla_key + '::format',
-                                config[:default_format], scope, nil, :priority)
-
-        answer = nil
-        # Go looking for existing password as hiera/<source>/<trocla_key>.
-        # Would need to be initialised externally, e.g by calling
-        # trocla('hiera/osfamily/Debian/jessie/root' in site.pp.  Alternatively
-        # we could use hiera's concept of datafiles to look into different
-        # trocla password stores. But this would need somehow providing
-        # different troclarcs as well.
-        Backend.datasources(scope, order_override) do |source|
-          Hiera.debug("Looking for data source #{source}")
-          break if answer = trocla.get_password(
-                                      'hiera/' + source + '/' + trocla_key,
-                                      format)
-        end
-
-        unless answer
-          # lookup and maybe create a new password
-          options = Backend.lookup(config[:options_namespace] + trocla_key + '::options',
-                                   config[:default_options], scope, nil, :hash)
-          answer = trocla.password(trocla_key, format, options)
-        end
-
-        return answer
-      end
-
-      private
-      def config
-        @config ||= {
-            :configfile         => '/etc/puppet/troclarc.yaml',
-            :default_format     => 'plain',
-            :default_options    => {},
-            :password_namespace => 'trocla::password::',
-            :options_namespace  => 'trocla::options::',
-        }.merge(Config[:trocla] || {})
-      end
-    end
-  end
-end
-- 
cgit v1.2.3