#!/usr/bin/python3 from salt.utils.stringutils import get_diff def fetched(name=None, url="http://pki", username=None, password=None, domains=None, fullcertfile=None, keyfile=None): ret = { 'name': name, 'changes': {}, 'result': False, 'comment': 'Config is not up to date' } currentcert = None currentkey = None domain_concat = ",".join(domains) currentcert = __salt__['pki.get_file_content'](checkfile=fullcertfile) currentkey = __salt__['pki.get_file_content'](checkfile=keyfile) newcert, newkey = __salt__['pki.get_pki_cert'](url=url, username=username, password=password, domains=domain_concat) if currentcert != newcert or currentkey != newkey: if len(newcert) > 10 or len(newkey) > 10: wcert = __salt__['pki.write_file_content'](newcert, fullcertfile) wkey = __salt__['pki.write_file_content'](newkey, keyfile) ret["changes"]["old"] = "\n".join([currentcert, currentkey]) ret["changes"]["new"] = "\n".join([newcert, newkey]) ret["changes"]["diff"] = get_diff(ret["changes"]["old"], ret["changes"]["new"]) ret["comment"] = "Updated certificates and keys" ret["result"] = all([wcert, wkey]) else: ret["comment"] = "Error fetching in certificate / key length" return ret else: ret["comment"] = "Config is good and not changed" ret["result"] = True return ret