52 lines
1.7 KiB
Python
52 lines
1.7 KiB
Python
#!/usr/bin/python3
|
|
|
|
from salt.utils.stringutils import get_diff
|
|
|
|
|
|
def fetched(name=None,
|
|
url="http://pki",
|
|
username=None,
|
|
password=None,
|
|
domains=None,
|
|
fullcertfile=None,
|
|
keyfile=None):
|
|
|
|
ret = {
|
|
'name': name,
|
|
'changes': {},
|
|
'result': False,
|
|
'comment': 'Config is not up to date'
|
|
}
|
|
|
|
currentcert = None
|
|
currentkey = None
|
|
domain_concat = ",".join(domains)
|
|
|
|
currentcert = __salt__['pki.get_file_content'](checkfile=fullcertfile)
|
|
currentkey = __salt__['pki.get_file_content'](checkfile=keyfile)
|
|
|
|
newcert, newkey = __salt__['pki.get_pki_cert'](url=url,
|
|
username=username,
|
|
password=password,
|
|
domains=domain_concat)
|
|
|
|
if currentcert != newcert or currentkey != newkey:
|
|
if len(newcert) > 10 or len(newkey) > 10:
|
|
wcert = __salt__['pki.write_file_content'](newcert, fullcertfile)
|
|
wkey = __salt__['pki.write_file_content'](newkey, keyfile)
|
|
|
|
ret["changes"]["old"] = "\n".join([currentcert, currentkey])
|
|
ret["changes"]["new"] = "\n".join([newcert, newkey])
|
|
ret["changes"]["diff"] = get_diff(ret["changes"]["old"],
|
|
ret["changes"]["new"])
|
|
ret["comment"] = "Updated certificates and keys"
|
|
ret["result"] = all([wcert, wkey])
|
|
else:
|
|
ret["comment"] = "Error fetching in certificate / key length"
|
|
return ret
|
|
else:
|
|
ret["comment"] = "Config is good and not changed"
|
|
ret["result"] = True
|
|
|
|
return ret
|