Puppet Function: cd4peadm::write_new_certs_to_hiera

Defined in:
functions/write_new_certs_to_hiera.pp
Function type:
Puppet Language

Overview

cd4peadm::write_new_certs_to_hiera(Hash $old_config, String $hiera_data_file_path, String $pkcs7_public_key_path) ⇒ Any

Parameters:

  • old_config (Hash)

    data loaded from the Hiera config. It might not contain the cert keys, which is why we cannot explicitly require the `Hiera_config` type.

  • hiera_data_file_path (String)

    the path to CD4PE’s Hiera config file.

  • pkcs7_public_key_path (String)

    path to the key used to encrypt hiera-eyaml data.

Returns:

  • (Any)


# File 'functions/write_new_certs_to_hiera.pp', line 5

function cd4peadm::write_new_certs_to_hiera(
  Hash $old_config,
  String $hiera_data_file_path,
  String $pkcs7_public_key_path,
) {
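  # Generate a new cert chain, CRL and private key for the configured hostname.
  $ssl_objects = cd4peadm::generate_cert_chain($old_config['resolvable_hostname'])

  # Merge the new SSL values over the existing config. Only the private key is
  # encrypted; newlines in the encrypted value are replaced with spaces.
  $new_config = deep_merge($old_config,
  {
    ssl_cert_chain      => $ssl_objects['cert_chain'],
    ssl_crl             => $ssl_objects['crl'],
    ssl_private_key     => regsubst(
      cd4peadm::encrypt(Sensitive($ssl_objects['private_key']), $pkcs7_public_key_path),
      '\n', ' ', 'MG'
    ),
  })

  # Write the merged config back to the Hiera data file under 'cd4peadm::config'.
  cd4peadm::save_yaml_file({ 'cd4peadm::config' => $new_config }, $hiera_data_file_path)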
  out::message("Saved Hiera config file to ${hiera_data_file_path}")
}
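
An added check, not part of the cd4peadm module: it audits a Hiera data file written by this function and flags an `ssl_private_key` that is not stored as an encrypted value. It assumes `cd4peadm::encrypt` returns hiera-eyaml's `ENC[PKCS7,...]` wrapper and that the file uses string keys; the helper names and the sample data are constructed for illustration.

```ruby
require 'yaml'

# Assumed shape of the stored value: hiera-eyaml's ENC[PKCS7,<base64>] wrapper,
# on one line, with spaces where the function replaced newlines.
EYAML_PKCS7 = /\A *ENC\[PKCS7,[A-Za-z0-9+\/= ]+\] *\z/
PEM_PRIVATE_KEY = /-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----/

# Returns a list of findings for parsed Hiera data; an empty list means it passed.
def audit_cert_config(hiera_data)
  config = hiera_data.is_a?(Hash) ? hiera_data['cd4peadm::config'] : nil
  return ['cd4peadm::config missing'] unless config.is_a?(Hash)

  findings = []
  key = config['ssl_private_key']
  if !key.is_a?(String)
    findings << 'ssl_private_key missing'
  elsif key.match?(PEM_PRIVATE_KEY)
    findings << 'ssl_private_key is plaintext PEM'
  elsif !key.match?(EYAML_PKCS7)
    findings << 'ssl_private_key is not a single-line ENC[PKCS7,...] value'
  end
  # The chain and CRL are stored unencrypted, so they must never carry a key.
  %w[ssl_cert_chain ssl_crl].each do |name|
    value = config[name].to_s
    findings << "#{name} missing" if value.empty?
    findings << "#{name} contains a private key" if value.match?(PEM_PRIVATE_KEY)
  end
  findings
end

def audit_hiera_yaml(text)
  audit_cert_config(YAML.safe_load(text))
end

# Constructed sample data, not real certificates or key material.
SAMPLE_GOOD = <<~EOS
  cd4peadm::config:
    resolvable_hostname: cd4pe.example.com
    ssl_cert_chain: "-----BEGIN CERTIFICATE----- (constructed) -----END CERTIFICATE-----"
    ssl_crl: "-----BEGIN X509 CRL----- (constructed) -----END X509 CRL-----"
    ssl_private_key: "ENC[PKCS7,TUlJQ29uc3RydWN0ZWQ= c2FtcGxl] "
EOS
SAMPLE_BAD = SAMPLE_GOOD.sub(/ENC\[.*\] /,
  '-----BEGIN RSA PRIVATE KEY----- (constructed) -----END RSA PRIVATE KEY-----')

puts "good: #{audit_hiera_yaml(SAMPLE_GOOD).inspect}"
puts "bad:  #{audit_hiera_yaml(SAMPLE_BAD).inspect}"
```

To audit a real file, pass its contents to `audit_hiera_yaml`, for example `audit_hiera_yaml(File.read(path))`.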