paulbsd-salt/states/_states/pki.py

#!/usr/bin/python3

from salt.utils.stringutils import get_diff


def fetched(name=None,
            url="http://pki",
            username=None,
            password=None,
            domains=None,
            certfile=None,
            fullcertfile=None,
            keyfile=None):

    ret = {
        'name': name,
        'changes': {},
        'result': False,
        'comment': 'Config is not up to date'
    }

    currentcert = None
    currentkey = None
    domain_concat = ",".join(domains)

    currentcert = __salt__['pki.get_file_content'](checkfile=certfile)
    currentkey = __salt__['pki.get_file_content'](checkfile=keyfile)
    currentfullcert = __salt__['pki.get_file_content'](checkfile=fullcertfile)

    newcert, newkey = __salt__['pki.get_pki_cert'](url=url,
                                                   username=username,
                                                   password=password,
                                                   domains=domain_concat)
    newfullcert = f"{newcert}\n\n{newkey}"

    if all([newcert,newkey,newfullcert]):
        if currentcert != newcert or currentkey != newkey or currentfullcert != newfullcert:
            wcert = __salt__['pki.write_file_content'](newcert, certfile)
            wkey = __salt__['pki.write_file_content'](newkey, keyfile)
            wfullcert = __salt__['pki.write_file_content'](newfullcert, fullcertfile)

            if currentcert and currentkey:
                ret["changes"]["old"] = "\n".join([currentcert, currentkey])
            else:
                ret["changes"]["old"] = ""
            ret["changes"]["new"] = "\n".join([newcert, newkey])
            ret["changes"]["diff"] = get_diff(ret["changes"]["old"],
                                              ret["changes"]["new"])
            ret["comment"] = "Updated certificates and keys"
            ret["result"] = all([wcert, wkey, wfullcert])
        else:
            ret["comment"] = "Config is good and not changed"
            ret["result"] = True
    else:
        ret["comment"] = "Error fetching in certificate / key length"
        return ret

    return ret
updated molotov state 2021-07-11 17:37:42 +02:00			`#!/usr/bin/python3`

updated acme state 2021-07-18 10:02:15 +02:00			`from salt.utils.stringutils import get_diff`


updated molotov state 2021-07-11 17:37:42 +02:00			`def fetched(name=None,`
updated code security in pki state 2021-09-25 17:17:29 +02:00			`url="http://pki",`
			`username=None,`
			`password=None,`
			`domains=None,`
updated acme state 2022-10-01 20:10:31 +02:00			`certfile=None,`
updated code security in pki state 2021-09-25 17:17:29 +02:00			`fullcertfile=None,`
			`keyfile=None):`
updated molotov state 2021-07-11 17:37:42 +02:00
			`ret = {`
			`'name': name,`
			`'changes': {},`
			`'result': False,`
updated acme state 2021-07-18 10:02:15 +02:00			`'comment': 'Config is not up to date'`
updated molotov state 2021-07-11 17:37:42 +02:00			`}`

			`currentcert = None`
			`currentkey = None`
updated acme state 2021-07-18 10:02:15 +02:00			`domain_concat = ",".join(domains)`
updated molotov state 2021-07-11 17:37:42 +02:00
updated acme state 2022-10-01 20:10:31 +02:00			`currentcert = __salt__['pki.get_file_content'](checkfile=certfile)`
updated molotov state 2021-07-11 17:37:42 +02:00			`currentkey = __salt__['pki.get_file_content'](checkfile=keyfile)`
updated acme state 2022-10-23 16:39:33 +02:00			`currentfullcert = __salt__['pki.get_file_content'](checkfile=fullcertfile)`
updated molotov state 2021-07-11 17:37:42 +02:00
			`newcert, newkey = __salt__['pki.get_pki_cert'](url=url,`
			`username=username,`
			`password=password,`
			`domains=domain_concat)`
updated acme state 2022-10-01 20:10:31 +02:00			`newfullcert = f"{newcert}\n\n{newkey}"`
updated molotov state 2021-07-11 17:37:42 +02:00
updated acme state 2022-10-23 16:39:33 +02:00			`if all([newcert,newkey,newfullcert]):`
fixed bug in pki.py state module 2022-11-08 11:08:12 +01:00			`if currentcert != newcert or currentkey != newkey or currentfullcert != newfullcert:`
updated acme state 2022-10-01 20:10:31 +02:00			`wcert = __salt__['pki.write_file_content'](newcert, certfile)`
updated code security in pki state 2021-09-25 17:17:29 +02:00			`wkey = __salt__['pki.write_file_content'](newkey, keyfile)`
updated acme state 2022-10-01 20:10:31 +02:00			`wfullcert = __salt__['pki.write_file_content'](newfullcert, fullcertfile)`
updated code security in pki state 2021-09-25 17:17:29 +02:00
updated acme state 2022-10-01 20:10:31 +02:00			`if currentcert and currentkey:`
			`ret["changes"]["old"] = "\n".join([currentcert, currentkey])`
			`else:`
			`ret["changes"]["old"] = ""`
updated code security in pki state 2021-09-25 17:17:29 +02:00			`ret["changes"]["new"] = "\n".join([newcert, newkey])`
			`ret["changes"]["diff"] = get_diff(ret["changes"]["old"],`
			`ret["changes"]["new"])`
			`ret["comment"] = "Updated certificates and keys"`
updated acme state 2022-10-01 20:10:31 +02:00			`ret["result"] = all([wcert, wkey, wfullcert])`
updated code security in pki state 2021-09-25 17:17:29 +02:00			`else:`
updated scripts 2021-10-02 12:39:16 +02:00			`ret["comment"] = "Config is good and not changed"`
			`ret["result"] = True`
updated acme state 2021-07-18 10:02:15 +02:00			`else:`
updated scripts 2021-10-02 12:39:16 +02:00			`ret["comment"] = "Error fetching in certificate / key length"`
			`return ret`
updated molotov state 2021-07-11 17:37:42 +02:00
			`return ret`