
adds the ['ssl_cert']['ca_name_symlinks'] attribute. ssl_cert-0.4.2
authorwhitestar <whitestar@users.osdn.me>
Sat, 11 Nov 2017 04:22:31 +0000 (13:22 +0900)
committerwhitestar <whitestar@users.osdn.me>
Sat, 11 Nov 2017 04:22:31 +0000 (13:22 +0900)
cookbooks/ssl_cert/CHANGELOG.md
cookbooks/ssl_cert/README.md
cookbooks/ssl_cert/attributes/default.rb
cookbooks/ssl_cert/libraries/helper.rb
cookbooks/ssl_cert/version

index ce61919..7864988 100644 (file)
@@ -1,6 +1,10 @@
 ssl_cert CHANGELOG
 ==================
 
+0.4.2
+-----
+- adds the `['ssl_cert']['ca_name_symlinks']` attribute.
+
 0.4.1
 -----
 - adds `SSLCert::Helper.append_ca_name` method. 
index af50bcf..83f6ca8 100644 (file)
@@ -32,6 +32,7 @@ This cookbook deploys CA certificates, SSL server keys and/or certificates from
 |Key|Type|Description, example|Default|
 |:--|:--|:--|:--|
 |`['ssl_cert']['ca_names']`|Array|deployed CA certificates from chef-vault|empty|
+|`['ssl_cert']['ca_name_symlinks']`|Hash|Key: ca_name, value: array of symbolic link names to the CA certificate file.|empty|
 |`['ssl_cert']['ca_pubkey_names']`|Array|deployed CA public keys from chef-vault (0.2.0 or later)|empty|
 |`['ssl_cert']['ssh_ca_krl_name']`|String|deployed SSH-CA KRL (Key Revocation List) from chef-vault (0.3.0 or later)|`nil`|
 |`['ssl_cert']['common_names']`|Array|deployed server keys and/or certificates from chef-vault|empty|
index bd76961..567dbd5 100644 (file)
@@ -26,6 +26,11 @@ default['ssl_cert']['rhel']['key_access_mode'] = '0400'
 default['ssl_cert']['ca_names'] = [
   #'grid_ca',
 ]
+default['ssl_cert']['ca_name_symlinks'] = {
+  #'grid_ca' => [
+  #  '/path/to/linkname',
+  #],
+}
 
 # deployed CA public keys from chef-vault
 # for SSH-CA, ...
index b2d8459..56480c2 100644 (file)
@@ -172,6 +172,8 @@ module SSLCert
         notifies :run, "execute[#{update_command_name}]", :delayed
       end
 
+      symlinks(node['ssl_cert']['ca_name_symlinks'][ca], cert_path)
+
       case node['platform_family']
       when 'debian'
         execute "add_ca_cert_entry_#{cert_file_name}" do
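Review bot: The new lookup `node['ssl_cert']['ca_name_symlinks'][ca]` raises NoMethodError if a role or environment overrides `ca_name_symlinks` with nil, because only the per-CA value is nil-checked (inside `symlinks`). Guarding the container keeps the CA deployment from failing on a malformed attribute: `symlinks((node['ssl_cert']['ca_name_symlinks'] || {})[ca], cert_path)`. The link resources also lack the `notifies :run, "execute[#{update_command_name}]"` that the resource just above carries. A link placed in a directory that command scans would presumably not be picked up until the certificate itself changes; worth confirming. The enclosing method starts and ends outside this hunk.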
@@ -194,6 +196,16 @@ module SSLCert
       end
     end
 
+    def symlinks(link_names, target_path)
+      return if link_names.nil?
+
+      link_names.each {|name|
+        link name do
+          to target_path
+        end
+      }
+    end
+
     def ca_pubkey_path(ca)
       undotted_ca = ca.tr('.', '_')
       node['ssl_cert']["#{undotted_ca}_pubkey_path"]
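Review bot: `symlinks` hands each attribute-supplied name to `link` unchecked, so a relative path or a bare String value (which has no `each`) only surfaces as a converge-time failure or as a link in an unintended place. These links point at a CA certificate and may land in directories that software treats as a trust store, so I would validate before declaring the resource: `Array(link_names).each do |name|` and `raise ArgumentError, "ssl_cert: symlink name must be an absolute path: #{name.inspect}" unless name.to_s.start_with?('/')`. From the visible lines the links are only ever created, so a path dropped from the attribute would keep pointing at the certificate. A comment above the method should say so, e.g. `# Links are never removed here; delete stale ones by hand when a CA is retired.`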