author | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-19 16:02:30 +0100 |
---|---|---|
committer | Ismaël Bouya <ismael.bouya@normalesup.org> | 2018-03-19 16:10:18 +0100 |
commit | e8493916ff6e957c752df1cfc1789844c426d987 (patch) | |
tree | 1cdabf5c650331e14ff4df2dd4e3b85b719b9cb8 | |
parent | c443842eae41fb28d5608acfd303106e5f24798a (diff) | |
Add ldap backend for hiera lookup
-rw-r--r-- | environments/hiera.yaml | 3 | ||||
-rw-r--r-- | modules/base_installation/lib/puppet/functions/ldap_data.rb | 46 |
2 files changed, 49 insertions, 0 deletions
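--- a/environments/hiera.yaml
+++ b/environments/hiera.yaml
@@ -9,6 +9,9 @@ hierarchy:
 - name: "Initialization variables"
 path: "/root/puppet_variables.json"
 
+- name: "Puppet ldap variables"
+data_hash: ldap_data
+
 - name: "Per-role environment data"
 mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"]
 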
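--- /dev/null
+++ b/modules/base_installation/lib/puppet/functions/ldap_data.rb
@@ -0,0 +1,46 @@
+require 'json'
+
+Puppet::Functions.create_function(:ldap_data) do
+dispatch :ldap_data do
+param 'Hash', :options
+param 'Puppet::LookupContext', :context
+end
+
+def ldap_data(options, context)
+begin
+require 'ldap'
+require 'puppet/util/ldap/connection'
+rescue
+context.not_found
+return
+end
+
+if !context.cache_has_key("ldap_lookup")
+begin
+conn = Puppet::Util::Ldap::Connection.instance
+conn.start
+connection = conn.connection
+rescue ::LDAP::ResultError => e
+raise Puppet::ParseError, ("ldapquery(): LDAP ResultError - #{e.message}")
+end
+
+host = Facter.value('ec2_metadata')["hostname"]
+base = Puppet[:ldapbase]
+scope = ::LDAP::LDAP_SCOPE_SUBTREE
+filter = "(objectclass=*)"
+
+data = {}
+connection.search(base, scope, filter) do |entry|
+data_ = entry.to_hash
+jsons = data_["immaePuppetJson"] || []
+jsons.each do |json|
+data.merge!(JSON.parse(json))
+end
+end
+
+context.cache("ldap_lookup", data)
+end
+
+context.cached_value("ldap_lookup")
+end
+end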
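Review bot: The bare `rescue` after the two `require` lines only catches StandardError, while a missing library raises LoadError (a ScriptError), so the `context.not_found` fallback is never reached when the ldap library is absent; it should read `rescue LoadError`. Further down, `host` is assigned but never used and the search runs `(objectclass=*)` over the whole `Puppet[:ldapbase]` subtree, so every entry's `immaePuppetJson` is merged into the hash returned for this lookup, with `merge!` letting later entries silently overwrite earlier keys. If those attributes carry per-host settings or secrets, the filter should be narrowed to the entry for `host`, with the hostname escaped before it goes into the filter string; which attribute to match on is not visible here. The unused `Facter.value('ec2_metadata')["hostname"]` also raises NoMethodError when the fact is nil, and a malformed attribute value raises JSON::ParserError out of the lookup, so both want an explicit `Puppet::ParseError` or `context.not_found` path.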