This gem lets you drive the Puppet Enterprise RBAC API from the command line or ruby. While you can of-course do the same thing using the pltraining/rbac forge module, this requires that you have:
- Write-access to Puppet's git repository
- Code Manager setup to read from git
- A desire to continually enforce your RBAC changes
Since this is often not the case, this gem provides a command line to do things like reset passwords or setup Code Manager with a single command.
- Setup Code Manager
- Setup Read-only PuppetDB access
- Reset passwords
- Ruby API
Add this line to your application's Gemfile:
gem 'pe_rbac'
And then execute:
$ bundle
Or install it yourself as:
$ gem install pe_rbac
pe_rbac code_manager --password t0ps3cret
Generate a token which can be used to deploy code using Code Manager.
- If you omit
--password
, then a random password will be chosen for you.
# read-only access
pe_rbac puppetdb --password t0ps3cret
# read-write access
pe_rbac puppetdb --allow-write --password t0ps3cret
- If you omit
--password
, then a random password will be chosen for you.
pe_rbac reset_password
Change the password for admin
to changeme
pe_rbac reset_password --username foo --password 12345678
Reset the password for the foo
user to 12345678
- If you omit
--password
, then a random password will be chosen for you.
A Ruby API exists, see code for more info. For the moment this code does what I want, but may extend to cover new features as requred.
RESTCLIENT_LOG=stdout bundle exec pe_rbac
After checking out the repo, run bin/setup
to install dependencies. You can also run bin/console
for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install
. To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and tags, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/declarativesystems/pe_rbac.