Created
January 25, 2022 08:03
-
-
Save tom-krieger/ef2f960b77ad2353323af3196991fc15 to your computer and use it in GitHub Desktop.
Upload new CRL task
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"description": "Upload a new crl file to the Puppet Primary server. The crl file must be provided in PEM format.", | |
"input_method": "environment", | |
"parameters": { | |
"crl_file": { | |
"description": "File with new certificate revolcation lists to upload.", | |
"type": "String[1]" | |
} | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
BINDIR=/opt/puppetlabs/bin | |
if [ -x /bin/hostname ] ; then | |
hostcmd='/bin/hostname' | |
else | |
hostcmd='/usr/bin/hostame' | |
fi | |
if ${BINDIR}/puppet config print server | grep -v -q `${hostcmd}`; then | |
echo "This task can only be run on the PE master!"; | |
exit 1 | |
fi | |
crl_file=$PT_crl_file | |
if [ -f "$crl_file" ] ; then | |
type_header='Content-Type: text/plain' | |
cert="$(puppet config print hostcert)" | |
cacert="$(puppet config print localcacert)" | |
key="$(puppet config print hostprivkey)" | |
uri="https://$(puppet config print server):8140/puppet-ca/v1/certificate_revocation_list" | |
curl --insecure --cert "$cert" --cacert "$cacert" --key "$key" \ | |
--header "Content-Type: text/plain" \ | |
--header "Accept: text/plain" \ | |
--request PUT --data-binary "@$crl_file" -v "$uri" | |
echo | |
else | |
echo "The file ${crl_file} is not available or not readable." | |
exit 2 | |
fi | |
exit 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment