From e8493916ff6e957c752df1cfc1789844c426d987 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Mon, 19 Mar 2018 16:02:30 +0100 Subject: [PATCH] Add ldap backend for hiera lookup --- environments/hiera.yaml | 3 ++ .../lib/puppet/functions/ldap_data.rb | 46 +++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 modules/base_installation/lib/puppet/functions/ldap_data.rb diff --git a/environments/hiera.yaml b/environments/hiera.yaml index 5a9a6d6..eda5eb3 100644 --- a/environments/hiera.yaml +++ b/environments/hiera.yaml @@ -9,6 +9,9 @@ hierarchy: - name: "Initialization variables" path: "/root/puppet_variables.json" + - name: "Puppet ldap variables" + data_hash: ldap_data + - name: "Per-role environment data" mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"] diff --git a/modules/base_installation/lib/puppet/functions/ldap_data.rb b/modules/base_installation/lib/puppet/functions/ldap_data.rb new file mode 100644 index 0000000..ff8d779 --- /dev/null +++ b/modules/base_installation/lib/puppet/functions/ldap_data.rb 
@@ -0,0 +1,46 @@
+require 'json'
+
+Puppet::Functions.create_function(:ldap_data) do
+ dispatch :ldap_data do
+ param 'Hash', :options
+ param 'Puppet::LookupContext', :context
+ end
+
+ def ldap_data(options, context)
+ begin
+ require 'ldap'
+ require 'puppet/util/ldap/connection'
+ rescue
+ context.not_found
+ return
+ end
+
+ if !context.cache_has_key("ldap_lookup")
+ begin
+ conn = Puppet::Util::Ldap::Connection.instance
+ conn.start
+ connection = conn.connection
+ rescue ::LDAP::ResultError => e
+ raise Puppet::ParseError, ("ldapquery(): LDAP ResultError - #{e.message}")
+ end
+
+ host = Facter.value('ec2_metadata')["hostname"]
+ base = Puppet[:ldapbase]
+ scope = ::LDAP::LDAP_SCOPE_SUBTREE
+ filter = "(objectclass=*)"
+
+ data = {}
+ connection.search(base, scope, filter) do |entry|
+ data_ = entry.to_hash
+ jsons = data_["immaePuppetJson"] || []
+ jsons.each do |json|
+ data.merge!(JSON.parse(json))
+ end
+ end
+
+ context.cache("ldap_lookup", data)
+ end
+
+ context.cached_value("ldap_lookup")
+ end
+end
-- 2.41.0
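Review bot: The search in `ldap_data` runs `filter = "(objectclass=*)"` over the whole subtree of `Puppet[:ldapbase]` and merges every entry's `immaePuppetJson` into one hash, while `host` is assigned and never used. As written, every lookup sees the data of every entry under the base, and the winner for a duplicated key depends on the order in which entries come back. If the data is meant to be per node, the filter should select only that node's entry (with the host value escaped before it goes into the filter string) and the cache key should include the host. If it is meant to be global, drop the `host` line, because `Facter.value('ec2_metadata')` is nil on a host without that fact and the `["hostname"]` index then raises NoMethodError. Separately, the bare `rescue` around the two `require` calls only catches StandardError, so a missing `ldap` library raises LoadError past it and `context.not_found` is never reached; `rescue LoadError` would make the intended fallback work.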