ACL fixes - idempotentcy and port bug. #214

Merged
merged 2 commits into from
Jan 8, 2016
44 changes: 32 additions & 12 deletions lib/puppet/provider/consul_acl/default.rb
Expand Up @@ -6,14 +6,35 @@
) do
mk_resource_methods

def self.list_resources(acl_api_token)
def self.prefetch(resources)
resources.each do |name, resource|
Puppet.debug("prefetching for #{name}")
port = resource[:port]
token = resource[:acl_api_token]

found_acls = list_resources(token, port).select do |acl|
acl[:name] == name
end

found_acl = found_acls.first || nil
if found_acl
Puppet.debug("found #{found_acl}")
resource.provider = new(found_acl)
else
Puppet.debug("found none #{name}")
resource.provider = new({:ensure => :absent})
end
end
end

def self.list_resources(acl_api_token, port)
if @acls
return @acls
end

# this might be configurable by searching /etc/consul.d
# but would break for anyone using nonstandard paths
uri = URI("http://localhost:#{@resource[:port]}/v1/acl")
uri = URI("http://localhost:#{port}/v1/acl")
http = Net::HTTP.new(uri.host, uri.port)

path=uri.request_uri + "/list?token=#{acl_api_token}"
Expand Down Expand Up @@ -61,17 +82,13 @@ def put_acl(method,body)
end
end

def get_resource_id(name)
def get_resource(name, port)
acl_api_token = @resource[:acl_api_token]
resources = self.class.list_resources(acl_api_token).select do |res|
resources = self.class.list_resources(acl_api_token, port).select do |res|
res[:name] == name
end
# if the user creates multiple with the same name this will do odd things
if resources.first
return resources.first[:id]
else
return nil
end
resources.first || nil
end

def initialize(value={})
Expand Down Expand Up @@ -99,8 +116,10 @@ def flush
rules = ""
end
type = @resource[:type]
id = @resource[:id]
if id
port = @resource[:port]
acl = self.get_resource(name, port)
if acl
id = acl[:id]
if @property_flush[:ensure] == :absent
put_acl("destroy/#{id}", nil)
return
Expand All @@ -111,10 +130,11 @@ def flush
"rules" => "#{rules}" })

else
put_acl('create', { "id" => "#{id}",
put_acl('create', { "id" => "#{@resource[:id]}",
"name" => "#{name}",
"type" => "#{type}",
"rules" => "#{rules}" })
end
@property_hash.clear
end
end
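Review bot: The `if @acls` memo at the top of `list_resources` is not keyed on the new `port` argument or on the token, so in `prefetch` every resource after the first is matched against the list fetched with the first resource's port and token. The cache should be keyed, e.g. `@acls ||= {}` followed by `return @acls[[port, acl_api_token]] if @acls.key?([port, acl_api_token])`, with the assignment that fills it (outside this hunk) changed to match. `flush` now also goes through that memo via `get_resource`, so a list captured during prefetch is what decides between `update` and `create` later in the same run. Separately, `Puppet.debug("found #{found_acl}")` writes the whole ACL hash, including `:id`, to the debug log; in Consul's legacy ACL API the ID is the token secret itself, so I would log only the name, `Puppet.debug("found existing ACL #{name}")`.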
4 changes: 2 additions & 2 deletions lib/puppet/type/consul_acl.rb
Expand Up @@ -18,7 +18,7 @@
defaultto 'client'
end

newproperty(:acl_api_token) do
newparam(:acl_api_token) do
desc 'Token for accessing the ACL API'
validate do |value|
raise ArgumentError, "ACL API token must be a string" if not value.is_a?(String)
Expand All @@ -38,7 +38,7 @@
desc 'ID of token'
end

newproperty(:port) do
newparam(:port) do
desc 'consul port'
defaultto 8500
validate do |value|
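Review bot: The `validate` block under the new `newparam(:acl_api_token)` only checks that the value is a String, while the provider interpolates it unescaped into the request path (`"/list?token=#{acl_api_token}"`). A token containing `&`, `#`, `?` or whitespace would therefore alter the request that is sent. Either reject empty values and such characters here, or escape at the point of use with `URI.encode_www_form_component(acl_api_token)`. The `validate` block for `port` continues outside this hunk, so I cannot tell whether it restricts the value to an integer in the valid port range; since `port` is also interpolated into the URI, it should.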