authorIsmaël Bouya <ismael.bouya@normalesup.org>2018-03-19 16:02:30 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2018-03-19 16:10:18 +0100
commite8493916ff6e957c752df1cfc1789844c426d987 (patch)
tree1cdabf5c650331e14ff4df2dd4e3b85b719b9cb8
parentc443842eae41fb28d5608acfd303106e5f24798a (diff)
Add ldap backend for hiera lookup
-rw-r--r--environments/hiera.yaml3
-rw-r--r--modules/base_installation/lib/puppet/functions/ldap_data.rb46
2 files changed, 49 insertions, 0 deletions
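--- a/environments/hiera.yaml
+++ b/environments/hiera.yaml
@@ -9,6 +9,9 @@ hierarchy:
  - name: "Initialization variables"
  path: "/root/puppet_variables.json"
 
+ - name: "Puppet ldap variables"
+ data_hash: ldap_data
+
  - name: "Per-role environment data"
  mapped_paths: [ldapvar.self.vars.roles, role, "roles/%{role}.yaml"]
 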
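--- /dev/null
+++ b/modules/base_installation/lib/puppet/functions/ldap_data.rb
@@ -0,0 +1,46 @@
+require 'json'
+
+Puppet::Functions.create_function(:ldap_data) do
+ dispatch :ldap_data do
+ param 'Hash', :options
+ param 'Puppet::LookupContext', :context
+ end
+
+ def ldap_data(options, context)
+ begin
+ require 'ldap'
+ require 'puppet/util/ldap/connection'
+ rescue
+ context.not_found
+ return
+ end
+
+ if !context.cache_has_key("ldap_lookup")
+ begin
+ conn = Puppet::Util::Ldap::Connection.instance
+ conn.start
+ connection = conn.connection
+ rescue ::LDAP::ResultError => e
+ raise Puppet::ParseError, ("ldapquery(): LDAP ResultError - #{e.message}")
+ end
+
+ host = Facter.value('ec2_metadata')["hostname"]
+ base = Puppet[:ldapbase]
+ scope = ::LDAP::LDAP_SCOPE_SUBTREE
+ filter = "(objectclass=*)"
+
+ data = {}
+ connection.search(base, scope, filter) do |entry|
+ data_ = entry.to_hash
+ jsons = data_["immaePuppetJson"] || []
+ jsons.each do |json|
+ data.merge!(JSON.parse(json))
+ end
+ end
+
+ context.cache("ldap_lookup", data)
+ end
+
+ context.cached_value("ldap_lookup")
+ end
+end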
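Review bot: `host` is read from the `ec2_metadata` fact but never used, and the search runs `(objectclass=*)` with subtree scope over all of `Puppet[:ldapbase]`, so every entry's `immaePuppetJson` is merged into one hash for whichever node performs the lookup. Keys from different entries then overwrite each other in search-result order via `merge!`, and values stored for one host become resolvable from any other host's lookups. If per-host data was intended, narrow the filter to the node's own entry, for example `filter = "(&(objectclass=*)(cn=#{escaped_host}))"`; the attribute name here is a placeholder that depends on the directory schema, and because the value is fact-derived it needs RFC 4515 escaping before interpolation. Separately, the bare `rescue` around the two `require` calls only catches `StandardError`, so a missing `ldap` library raises `LoadError` instead of reaching `context.not_found`; `rescue LoadError` appears to be what was meant. `Facter.value('ec2_metadata')` can also be nil off EC2, which would make the `["hostname"]` call raise `NoMethodError`.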