|
4 | 4 | # |
5 | 5 | # rubocop:disable Style/GlobalVars |
6 | 6 | require 'net/https' |
7 | | -require 'uri' |
8 | 7 | require 'json' |
9 | 8 | require 'fileutils' |
| 9 | +require 'puppet' |
10 | 10 |
|
11 | 11 | # Parameters expected: |
12 | 12 | # Hash |
13 | 13 | # String password |
14 | 14 | $params = JSON.parse(STDIN.read) |
15 | 15 |
|
16 | | -uri = URI.parse('https://localhost:4433/rbac-api/v1/auth/token') |
| 16 | +Puppet.initialize_settings |
| 17 | + |
17 | 18 | body = { |
18 | 19 | 'login' => 'admin', |
19 | 20 | 'password' => $params['password'], |
20 | 21 | 'lifetime' => $params['token_lifetime'], |
21 | 22 | 'label' => 'provision-time token', |
22 | 23 | }.to_json |
23 | 24 |
|
24 | | -http = Net::HTTP.new(uri.host, uri.port) |
25 | | -http.use_ssl = true |
26 | | -http.verify_mode = OpenSSL::SSL::VERIFY_NONE |
27 | | -request = Net::HTTP::Post.new(uri.request_uri) |
| 25 | +https. = Net::HTTP.new(Puppet.settings[:certname], 4433) |
| 26 | +https..use_ssl = true |
| 27 | +https..cert = OpenSSL::X509::Certificate.new(File.read(Puppet.settings[:hostcert])) |
| 28 | +https..key = OpenSSL::PKey::RSA.new(File.read(Puppet.settings[:hostprivkey])) |
| 29 | +https..verify_mode = OpenSSL::SSL::VERIFY_PEER |
| 30 | +https..ca_file = Puppet.settings[:localcacert] |
| 31 | +request = Net::https.:Post.new('/rbac-api/v1/auth/token') |
28 | 32 | request['Content-Type'] = 'application/json' |
29 | 33 | request.body = body |
30 | 34 |
|
31 | | -response = http.request(request) |
32 | | -raise "Error requesting token, #{response.body}" unless response.is_a? Net::HTTPSuccess |
| 35 | +response = https.request(request) |
| 36 | +raise "Error requesting token, #{response.body}" unless response.is_a? Net::https.success |
33 | 37 | token = JSON.parse(response.body)['token'] |
34 | 38 |
|
35 | 39 | FileUtils.mkdir_p('/root/.puppetlabs') |
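Review bot: The private-key load on new line 28 hard-codes `OpenSSL::PKey::RSA.new(...)`, so on a host whose Puppet key is not RSA (an EC key, for example) the task raises before any request is sent; `OpenSSL::PKey.read(File.read(Puppet.settings[:hostprivkey]))` parses whichever key type is on disk. Switching from `VERIFY_NONE` against localhost to `VERIFY_PEER` with `ca_file` and the certname as host is what stops the admin password going to an unverified endpoint, and that deserves a comment above the `ca_file` line, e.g. `# Verify the RBAC service against the Puppet CA; the certname must match the server certificate`. Because the request authenticates with login and password, presenting the host certificate and key is probably unnecessary for this endpoint, and dropping them would remove the private-key read entirely; confirm against the RBAC service's TLS configuration first. The script continues past the last line shown here, so how the token is handled afterwards is not covered by this note.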
|