thr3ads.net - Puppet users - [Puppet Users] emulate "puppet cert clean" via API... [Apr 2014]

If this information is useful, please help other people find it:
Share via:
Matthew Nicholson
2014-Apr-25 21:09 UTC
[Puppet Users] emulate "puppet cert clean" via API...

I'm looking to emulate "puppet cert clean <certname>" via
the REST API...

Up until now our puppet CA has lived on the same host as out cobbler
installation, letting me have triggers in cobbler to clean certs when we
rebuild hosts.  its been VERY handy.

Now we're splitting the two up, and I'm looking to do the same via the
REST
API, to avoid some ssh-via-key-hackery.


I can revoke a cert seemingly fine:
matt at Matthews-iMac in ~
$ curl -k -X PUT -H "Content-Type: text/pson" --data
'{"desired_state":"revoked"}'
https://provisions:8140/production/certificate_status/<CERTNAME>
null%

(i then check and see that cert as revoked)

But then trying to actually delete the cert (so that the client can
regenerate and be autosigned when it does its first run, which we do IN
kickstart) fails:

matt at Matthews-iMac in ~
$ curl -k -X DELETE -H "Accept: pson"
https://provisions:8140/production/certificate_status/CERTNAME
{"stacktrace":["/usr/lib/ruby/site_ruby/1.8/puppet/network/http/route.rb:72:in
`process'","/usr/lib/ruby/site_ruby/1.8/puppet/network/http/handler.rb:63:in
`process'","/usr/lib/ruby/site_ruby/1.8/puppet/util/profiler/none.rb:6:in
`profile'","/usr/lib/ruby/site_ruby/1.8/puppet/util/profiler.rb:43:in
`profile'","/usr/lib/ruby/site_ruby/1.8/puppet/network/http/handler.rb:61:in
`process'","/usr/lib/ruby/site_ruby/1.8/puppet/network/http/rack.rb:21:in
`call'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/request_handler.rb:96:in
`process_request'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_request_handler.rb:513:in
`accept_and_process_next_request'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_request_handler.rb:274:in
`main_loop'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/application_spawner.rb:205:in
`start_request_handler'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/application_spawner.rb:170:in
`send'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/application_spawner.rb:170:in
`handle_spawn_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/utils.rb:479:in
`safe_fork'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/application_spawner.rb:165:in
`handle_spawn_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:357:in
`__send__'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:357:in
`server_main_loop'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:206:in
`start_synchronously'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:180:in
`start'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/rack/application_spawner.rb:128:in
`start'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/spawn_manager.rb:253:in
`spawn_rack_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server_collection.rb:132:in
`lookup_or_add'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/spawn_manager.rb:246:in
`spawn_rack_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server_collection.rb:82:in
`synchronize'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server_collection.rb:79:in
`synchronize'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/spawn_manager.rb:244:in
`spawn_rack_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/spawn_manager.rb:137:in
`spawn_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/spawn_manager.rb:275:in
`handle_spawn_application'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:357:in
`__send__'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:357:in
`server_main_loop'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/lib/phusion_passenger/abstract_server.rb:206:in
`start_synchronously'","/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.7/helper-scripts/passenger-spawn-server:99"],"issue_kind":"RUNTIME_ERROR","message":"Server
Error: undefined method `each' for nil:NilClass"}%


our passenger setup isn't anything exotic...

Anyone have any thoughts/ideas? I'll also take implementation idea for how
to do this from a remote system (just one), in other ways...


-- 
Matthew Nicholson

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CA%2BnEbkYj4q4K3stdvHO2OaT9MWc1A%2Bg%3DtZ%2BLkkyG6hRMgOFrBQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
Puppet users - Apr 2014 - emulate "puppet cert clean" via API...

[Puppet Users] emulate "puppet cert clean" via API...
