From 0b59b4e84c8d3d2244294e625f0b916709959e28 Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 5 Aug 2011 15:24:44 +0200 Subject: introduce trocla_set - useful to migrate existing manifests --- lib/puppet/parser/functions/trocla_set.rb | 65 +++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 lib/puppet/parser/functions/trocla_set.rb (limited to 'lib/puppet/parser/functions/trocla_set.rb') diff --git a/lib/puppet/parser/functions/trocla_set.rb b/lib/puppet/parser/functions/trocla_set.rb new file mode 100644 index 0000000..5b6079a --- /dev/null +++ b/lib/puppet/parser/functions/trocla_set.rb @@ -0,0 +1,65 @@ +module Puppet::Parser::Functions + newfunction(:trocla_set, :type => :rvalue, :doc => " + This will set a password/hash in the local storage and return itself, + or hashed in another format, if the password is present in plaintext or + in that specific hash format. + + This function is mainly useful to migrate from hashes in manifests to trocla only manifests. + +Usage: + + $password_user1 = trocla_set(key,value,[format='plain',[return_format,[options={}]]]) + +Means: + + $password_user1 = trocla_set('user1','mysecret') + +Will set and return 'mysecret' as plain password. + + $password_user2 = trocla_set('user2','*AAA...','mysql') + +Will set and return the sha1 hashed mysql password for the key user2. + + $password_user3 = trocla_set('user3','mysecret','plain','sha512crypt') + +Will set 'mysecret' as plain password, but return a newly created sha512crypt hash. + + $postgres_user4 = { username => 'user4' } + $password_user4 = trocla_set('user4','mysecret','plain','pgsql',$postgres_user4) + +Will set the plain password 'mysecret' and return a pgsql md5 hash for user5. + + $password_user2 = trocla_set('user2','*AAA...','mysql','sha512crypt') + +This will likely fail, except if you add the plain password or the sha512crypt hash manually to +trocla, for example via cli. +" +) do |*args| + if args[0].is_a?(Array) + args = args[0] + end + + key = args[0] + value = args[1] + raise(Puppet::ParseError, "You need to pass at least key & value as an argument!") if key.nil? || value.nil? + + format = args[2] || 'plain' + return_format = args[3] || format + options = args[4] || {} + + configfile = File.join(File.dirname(Puppet.settings[:config]), "troclarc.yaml") + + raise(Puppet::ParseError, "Trocla config file #{configfile} not readable") unless File.exist?(configfile) + raise(Puppet::ParseError, "You need rubygems to use Trocla") unless Puppet.features.rubygems? + + require 'rubygems' + require 'trocla' + + result = (trocla=Trocla.new(configfile)).set_password(key,format,value) + if format != return_format && (result = trocla.get_password(key,return_format)).nil? + raise(Puppet::ParseError, "Plaintext password is not present, but required to return password in format #{return_format}") if (return_format == 'plain') || trocla.get_password(key,'plain').nil? + result = trocla.password(key,return_format,options) + end + result + end +end -- cgit v1.2.3 From 02bbc22223f53d979c1ab5724e26aa2ac4c22c7a Mon Sep 17 00:00:00 2001 From: Michael Franz Aigner Date: Thu, 28 Feb 2013 08:17:37 -0500 Subject: Removing calls to Puppet.features.rubygems? This makes the Gem usable in the latest Puppet versions. The handling of RubyGems got revised in Puppet 3.0.1-rc1: http://projects.puppetlabs.com/issues/16757 The new policy is that either bundler and/or rubygems are guaranteed to be loaded and initialized when the Puppet manifest is evaluated, making it unnecessary for Puppet modules to load rubygems. This new policy broke the puppet-trocla module. This is because 'Puppet.features.rubygems?' always evaluates to false now, which causes the module to abort the manifest compilation with a message informing about the necessity of RubyGems to be present. --- lib/puppet/parser/functions/trocla_set.rb | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'lib/puppet/parser/functions/trocla_set.rb') diff --git a/lib/puppet/parser/functions/trocla_set.rb b/lib/puppet/parser/functions/trocla_set.rb index 5b6079a..c3c9b49 100644 --- a/lib/puppet/parser/functions/trocla_set.rb +++ b/lib/puppet/parser/functions/trocla_set.rb @@ -50,9 +50,7 @@ trocla, for example via cli. configfile = File.join(File.dirname(Puppet.settings[:config]), "troclarc.yaml") raise(Puppet::ParseError, "Trocla config file #{configfile} not readable") unless File.exist?(configfile) - raise(Puppet::ParseError, "You need rubygems to use Trocla") unless Puppet.features.rubygems? - - require 'rubygems' + require 'trocla' result = (trocla=Trocla.new(configfile)).set_password(key,format,value) -- cgit v1.2.3 From 0e320508328db93fc2ca8aa29eb1ed22e0f0f22a Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 12 Aug 2015 08:42:35 +0200 Subject: whitespace cleanup --- lib/puppet/parser/functions/trocla_set.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'lib/puppet/parser/functions/trocla_set.rb') diff --git a/lib/puppet/parser/functions/trocla_set.rb b/lib/puppet/parser/functions/trocla_set.rb index c3c9b49..06da5ae 100644 --- a/lib/puppet/parser/functions/trocla_set.rb +++ b/lib/puppet/parser/functions/trocla_set.rb @@ -38,21 +38,21 @@ trocla, for example via cli. if args[0].is_a?(Array) args = args[0] end - + key = args[0] value = args[1] raise(Puppet::ParseError, "You need to pass at least key & value as an argument!") if key.nil? || value.nil? - + format = args[2] || 'plain' return_format = args[3] || format options = args[4] || {} - + configfile = File.join(File.dirname(Puppet.settings[:config]), "troclarc.yaml") - + raise(Puppet::ParseError, "Trocla config file #{configfile} not readable") unless File.exist?(configfile) require 'trocla' - + result = (trocla=Trocla.new(configfile)).set_password(key,format,value) if format != return_format && (result = trocla.get_password(key,return_format)).nil? raise(Puppet::ParseError, "Plaintext password is not present, but required to return password in format #{return_format}") if (return_format == 'plain') || trocla.get_password(key,'plain').nil? -- cgit v1.2.3