From 7422d76d52f4e22b36e58489cf2e8c239626255b Mon Sep 17 00:00:00 2001 From: Roland Moriz Date: Tue, 4 Apr 2017 10:51:38 +0200 Subject: [PATCH] compatibility with certificate cookbook --- resources/persistence.rb | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/resources/persistence.rb b/resources/persistence.rb index a113b3b..18da30d 100644 --- a/resources/persistence.rb +++ b/resources/persistence.rb @@ -23,17 +23,19 @@ end data = { - 'id' => cn, - 'alt_names' => alt_names, + 'id' => cn, + 'alt_names' => alt_names, + 'created_by' => node['fqdn'], + 'created_at' => Time.now } + # 'key', 'cert', 'chain' are also used in the data bag format used by + # https://github.com/atomic-penguin/cookbook-certificate/blob/master/providers/manage.rb data['key'] = ::File.read(new_resource.key) if new_resource.key - data['crt'] = ::File.read(new_resource.crt) if new_resource.crt + data['cert'] = ::File.read(new_resource.crt) if new_resource.crt data['chain'] = ::File.read(new_resource.chain) if new_resource.chain - data['fullchain'] = ::File.read(new_resource.fullchain) if new_resource.fullchain - data['created_by'] = node['fqdn'] - data['created_at'] = Time.now + data['fullchain'] = ::File.read(new_resource.fullchain) if new_resource.fullchain chef_data_bag_item "#{data_bag_name}/#{cn}" do raw_data data @@ -89,7 +91,7 @@ def self_signed?(cert) end def item_newer?(item, existing_cert) - item_cert = ::OpenSSL::X509::Certificate.new item['crt'] if item['crt'] + item_cert = ::OpenSSL::X509::Certificate.new item['cert'] if item['cert'] item_cert ||= ::OpenSSL::X509::Certificate.new item['fullchain'] if item['fullchain'] item_cert.not_before > existing_cert.not_before rescue OpenSSL::X509::CertificateError => e 
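Review bot: The hash assembled in this hunk puts the private key into the item (`data['key'] = ::File.read(new_resource.key)`) and hands it to `raw_data`, and nothing visible here shows the item being encrypted. The `chef_data_bag_item` block continues outside the hunk, so encryption may already be set there. Because the commit aligns the key names with the certificate cookbook, confirm that the item is stored in the form that cookbook is configured to read. A plain item would leave the key readable to anything that can fetch the data bag. I would extend the new comment with a line such as `# 'key' is private key material: this item must be stored encrypted`.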
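Review bot: Data bag items written before this commit still hold the certificate under 'crt', but after the rename `item_newer?` only reads `item['cert']` and `item['fullchain']`. For a legacy item without a fullchain, `item_cert` stays nil and `item_cert.not_before` raises NoMethodError, which the `rescue OpenSSL::X509::CertificateError` clause does not catch (its body lies outside the hunk). Reading both names keeps old items usable: `pem = item['cert'] || item['crt']` followed by `item_cert = ::OpenSSL::X509::Certificate.new pem if pem`. The same applies in the render_to_files hunk, where `only_if { !!item['cert'] }` silently skips writing the certificate file for such an item; `content item['cert'] || item['crt']` with a matching guard would cover it.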
@@ -112,10 +114,10 @@ def render_to_files(item) owner new_resource.owner group new_resource.group mode 00644 - content item['crt'] + content item['cert'] action :create - only_if { !!item['crt'] } + only_if { !!item['cert'] } end file "acme_store: #{new_resource.cn} SSL fullchain" do