require File.expand_path(File.join(File.dirname(__FILE__), '..', 'sensuctl'))
Puppet::Type.type(:sensu_ad_auth).provide(:sensuctl, :parent => Puppet::Provider::Sensuctl) do
desc "Provider sensu_ad_auth using sensuctl"
mk_resource_methods
# Build one provider instance per AD authentication provider reported by sensuctl.
#
# Entries whose type (as reported by `sensuctl_auth_types`) is not 'AD' are
# skipped. For each AD entry the per-server connection settings are kept in
# `:servers`, while `binding`, `group_search` and `user_search` are split out
# into hashes keyed by the server's host.
#
# NOTE(review): `binding` presumably carries the bind DN and password as
# returned by the Sensu API; confirm the type marks `server_binding` as
# sensitive so these values are not written to reports or logs.
#
# @return [Array] provider instances, one per AD auth entry
def self.instances
  listed = sensuctl_list('auth', false)
  types_by_name = sensuctl_auth_types
  connection_keys = %w[host port insecure security trusted_ca_file client_cert_file client_key_file]

  listed.each_with_object([]) do |entry, found|
    name = entry['metadata']['name']
    # The listing is not filtered by type here, so anything that is not AD is dropped.
    next unless types_by_name[name] == 'AD'

    bindings = {}
    group_searches = {}
    user_searches = {}
    servers = entry['servers'].map do |server|
      host = server['host']
      bindings[host] = server['binding']
      group_searches[host] = server['group_search']
      user_searches[host] = server['user_search']
      # Only the connection settings stay on the server entry itself;
      # `insecure` and `security` are passed through exactly as reported.
      connection_keys.each_with_object({}) { |key, copy| copy[key] = server[key] }
    end

    attrs = {
      ensure: :present,
      name: name,
      groups_prefix: entry['groups_prefix'],
      username_prefix: entry['username_prefix'],
      servers: servers,
      server_binding: bindings,
      server_group_search: group_searches,
      server_user_search: user_searches
    }
    found << new(attrs)
  end
end
# Attach each discovered provider instance to the catalog resource of the same name.
#
# Resources with no matching instance are left untouched.
#
# @param resources [Hash] catalog resources keyed by name
def self.prefetch(resources)
  discovered = instances
  resources.keys.each do |name|
    match = discovered.find { |candidate| candidate.name == name }
    next unless match

    resources[name].provider = match
  end
end
# Whether the cached state for this resource is marked as present.
#
# @return [Boolean]
def exists?
  recorded_state = @property_hash[:ensure]
  recorded_state == :present
end
# Set up the provider and start with no pending property changes.
#
# @param value [Hash] initial state handed on to the parent provider
def initialize(value = {})
  # Bare `super` forwards `value` unchanged to the parent initializer.
  super
  # Property setters record requested changes here.
  @property_flush = Hash.new
end
# Generate a `<property>=` setter for every type property. Each setter only
# records the requested value in @property_flush; nothing is sent to Sensu here.
type_properties.each do |property_name|
  define_method(:"#{property_name}=") { |value| @property_flush[property_name] = value }
end
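# Create the AD authentication provider in Sensu from the resource's declared values.
#
# Each declared server is combined with the `binding`, `group_search` and
# `user_search` settings declared for its host, and the result is submitted
# through `sensuctl_create` as an 'ad' resource of API version 'authentication/v2'.
#
# @raise [Puppet::Error] when `sensuctl_create` fails
def create
  metadata = { name: resource[:name] }
  spec = {}
  spec[:servers] = resource[:servers].map do |declared|
    # Work on a copy: writing the binding and search settings into the declared
    # hash would leave them embedded in the resource's own `servers` value.
    server = declared.dup
    host = server['host']
    server['binding'] = resource[:server_binding][host] if resource[:server_binding]
    server['group_search'] = resource[:server_group_search][host]
    server['user_search'] = resource[:server_user_search][host]
    server
  end
  spec[:groups_prefix] = resource[:groups_prefix] if resource[:groups_prefix]
  spec[:username_prefix] = resource[:username_prefix] if resource[:username_prefix]
  begin
    sensuctl_create('ad', metadata, spec, 'authentication/v2')
  rescue StandardError => e
    # StandardError rather than Exception, so interrupts and exit requests are
    # not converted into a resource failure.
    # NOTE(review): the underlying message is echoed verbatim; confirm that
    # sensuctl_create's failure text cannot contain the submitted spec.
    raise Puppet::Error, "sensuctl create #{resource[:name]} failed\nError message: #{e.message}"
  end
  @property_hash[:ensure] = :present
end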
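# Apply pending property changes to Sensu, then refresh the cached state.
#
# When any setter recorded a change in @property_flush, the complete AD
# provider definition is rebuilt and resubmitted through `sensuctl_create`.
# Every value comes from @property_flush when one was recorded there, and
# from the resource's declared value otherwise. With nothing pending, only
# the cached state is refreshed.
#
# @raise [Puppet::Error] when `sensuctl_create` fails
def flush
  unless @property_flush.empty?
    metadata = { name: resource[:name] }
    bindings = @property_flush[:server_binding] || resource[:server_binding]
    group_searches = @property_flush[:server_group_search] || resource[:server_group_search]
    user_searches = @property_flush[:server_user_search] || resource[:server_user_search]

    spec = {}
    spec[:servers] = (@property_flush[:servers] || resource[:servers]).map do |declared|
      # Work on a copy: writing the binding and search settings into the declared
      # hash would leave them embedded in the resource's own `servers` value,
      # which is copied into @property_hash below.
      server = declared.dup
      host = server['host']
      server['binding'] = bindings[host] if bindings
      server['group_search'] = group_searches[host]
      server['user_search'] = user_searches[host]
      server
    end
    spec[:groups_prefix] = @property_flush[:groups_prefix] || resource[:groups_prefix]
    spec[:username_prefix] = @property_flush[:username_prefix] || resource[:username_prefix]
    begin
      sensuctl_create('ad', metadata, spec, 'authentication/v2')
    rescue StandardError => e
      # StandardError rather than Exception, so interrupts and exit requests are
      # not converted into a resource failure.
      # NOTE(review): the underlying message is echoed verbatim; confirm that
      # sensuctl_create's failure text cannot contain the submitted spec.
      raise Puppet::Error, "sensuctl create #{resource[:name]} failed\nError message: #{e.message}"
    end
  end
  @property_hash = resource.to_hash
end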
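# Delete this authentication provider from Sensu and clear the cached state.
#
# @raise [Puppet::Error] when `sensuctl_delete` fails
def destroy
  begin
    sensuctl_delete('auth', resource[:name])
  rescue StandardError => e
    # StandardError rather than Exception, so interrupts and exit requests are
    # not converted into a resource failure.
    raise Puppet::Error, "sensuctl delete auth #{resource[:name]} failed\nError message: #{e.message}"
  end
  @property_hash.clear
end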
end