stackforge-attic/cookbook-ceph
Code Issues Proposed changes
cookbook-ceph/providers/client.rb
galstrom21 899ec191c9 Normalizing this cookbook 
This cookbook needed to be brought up to the standard of the other
cookbooks in the repo.

* Adding .gitreview
* Normalizing .rubocop.yml
* Normalizing Gemfile
* Normalizing metadata.rb
* Normalizing .gitignore
* Adding specs/ directory and spec_helper.rb
* Fixed all rubocop errors

Change-Id: Ica7c525aae5fbd5c441ce50cff36046c678046d6
Partial-Bug: 1348243
2014-07-24 14:18:31 -05:00

80 lines
2.5 KiB
Ruby
Raw Blame History

# encoding: UTF-8
use_inline_resources
def whyrun_supported?
true
end
action :add do
filename = @current_resource.filename
keyname = @current_resource.keyname
caps = @new_resource.caps.map { |k, v| "#{k} '#{v}'" }.join(' ')
unless @current_resource.caps_match
converge_by("Set caps for #{@new_resource}") do
auth_set_key(keyname, caps)
end
end
file filename do
content file_content
owner 'root'
group 'root'
mode '640'
end
end
def load_current_resource
@current_resource = Chef::Resource::CephClient.new(@new_resource.name)
@current_resource.name(@new_resource.name)
@current_resource.as_keyring(@new_resource.as_keyring)
@current_resource.keyname(@new_resource.keyname || "client.#{current_resource.name}.#{node['hostname']}")
@current_resource.caps(get_caps(@current_resource.keyname))
default_filename = "/etc/ceph/ceph.client.#{@new_resource.name}.#{node['hostname']}.#{@new_resource.as_keyring ? 'keyring' : 'secret'}"
@current_resource.filename(@new_resource.filename || default_filename)
@current_resource.key(get_new_key(@current_resource.keyname))
@current_resource.caps_match = true if @current_resource.caps == @new_resource.caps
end
def file_content
@current_resource.as_keyring ? "[#{@current_resource.keyname}]\n\tkey = #{@current_resource.key}\n" : @current_resource.key
end
def get_new_key(keyname)
cmd = "ceph auth print_key #{keyname}"
Mixlib::ShellOut.new(cmd).run_command.stdout
end
def get_caps(keyname)
caps = {}
cmd = "ceph auth get #{keyname}"
output = Mixlib::ShellOut.new(cmd).run_command.stdout
output.scan(/caps\s*(\S+)\s*=\s*"([^"]*)"/) { |k, v| caps[k] = v }
caps
end
def auth_set_key(keyname, caps) # rubocop:disable MethodLength
# find the monitor secret
mon_secret = ''
mons = get_mon_nodes
if !mons.empty?
mon_secret = mons[0]['ceph']['monitor-secret']
elsif mons.empty? && node['ceph']['monitor-secret']
mon_secret = node['ceph']['monitor-secret']
else
Chef::Log.warn('No monitor secret found')
end
# try to add the key
cmd = "ceph auth get-or-create #{keyname} #{caps} --name mon. --key='#{mon_secret}'"
get_or_create = Mixlib::ShellOut.new(cmd)
get_or_create.run_command
if get_or_create.stderr.scan(/EINVAL.*but cap.*does not match/)
Chef::Log.info('Deleting old key with incorrect caps')
# delete an old key if it exists and is wrong
Mixlib::ShellOut.new("ceph auth del #{keyname}").run_command
# try to create again
get_or_create.run_command
end
get_or_create.error!
end
View Git Blame Copy Permalink