|
|
@@ -37,6 +37,9 @@ class FilterModule(object):
|
|
|
def get_attr(data, attribute=None):
|
|
|
""" This looks up dictionary attributes of the form a.b.c and returns
|
|
|
the value.
|
|
|
+
|
|
|
+ If the key isn't present, None is returned.
|
|
|
+
|
|
|
Ex: data = {'a': {'b': {'c': 5}}}
|
|
|
attribute = "a.b.c"
|
|
|
returns 5
|
|
|
@@ -46,7 +49,11 @@ class FilterModule(object):
|
|
|
|
|
|
ptr = data
|
|
|
for attr in attribute.split('.'):
|
|
|
- ptr = ptr[attr]
|
|
|
+ if attr in ptr:
|
|
|
+ ptr = ptr[attr]
|
|
|
+ else:
|
|
|
+ ptr = None
|
|
|
+ break
|
|
|
|
|
|
return ptr
|
|
|
|
|
|
@@ -138,6 +145,7 @@ class FilterModule(object):
|
|
|
else:
|
|
|
retval = [FilterModule.get_attr(d, attribute) for d in data]
|
|
|
|
|
|
+ retval = [val for val in retval if val != None]
|
|
|
return retval
|
|
|
|
|
|
@staticmethod
|
|
|
@@ -474,16 +482,20 @@ class FilterModule(object):
|
|
|
""" Parses names from list of certificate hashes.
|
|
|
|
|
|
Ex: certificates = [{ "certfile": "/root/custom1.crt",
|
|
|
- "keyfile": "/root/custom1.key" },
|
|
|
+ "keyfile": "/root/custom1.key",
|
|
|
+ "cafile": "/root/custom-ca1.crt" },
|
|
|
{ "certfile": "custom2.crt",
|
|
|
- "keyfile": "custom2.key" }]
|
|
|
+ "keyfile": "custom2.key",
|
|
|
+ "cafile": "custom-ca2.crt" }]
|
|
|
|
|
|
returns [{ "certfile": "/etc/origin/master/named_certificates/custom1.crt",
|
|
|
"keyfile": "/etc/origin/master/named_certificates/custom1.key",
|
|
|
+ "cafile": "/etc/origin/master/named_certificates/custom-ca1.crt",
|
|
|
"names": [ "public-master-host.com",
|
|
|
"other-master-host.com" ] },
|
|
|
{ "certfile": "/etc/origin/master/named_certificates/custom2.crt",
|
|
|
"keyfile": "/etc/origin/master/named_certificates/custom2.key",
|
|
|
+ "cafile": "/etc/origin/master/named_certificates/custom-ca-2.crt",
|
|
|
"names": [ "some-hostname.com" ] }]
|
|
|
"""
|
|
|
if not isinstance(named_certs_dir, basestring):
|
|
|
@@ -514,17 +526,20 @@ class FilterModule(object):
|
|
|
raise errors.AnsibleFilterError(("|failed to parse certificate '%s', " % certificate['certfile'] +
|
|
|
"please specify certificate names in host inventory"))
|
|
|
|
|
|
- certificate['names'] = [name for name in certificate['names'] if name not in internal_hostnames]
|
|
|
- certificate['names'] = list(set(certificate['names']))
|
|
|
- if not certificate['names']:
|
|
|
- raise errors.AnsibleFilterError(("|failed to parse certificate '%s' or " % certificate['certfile'] +
|
|
|
- "detected a collision with internal hostname, please specify " +
|
|
|
- "certificate names in host inventory"))
|
|
|
+ if 'cafile' not in certificate:
|
|
|
+ certificate['names'] = [name for name in certificate['names'] if name not in internal_hostnames]
|
|
|
+ certificate['names'] = list(set(certificate['names']))
|
|
|
+ if not certificate['names']:
|
|
|
+ raise errors.AnsibleFilterError(("|failed to parse certificate '%s' or " % certificate['certfile'] +
|
|
|
+ "detected a collision with internal hostname, please specify " +
|
|
|
+ "certificate names in host inventory"))
|
|
|
|
|
|
for certificate in certificates:
|
|
|
# Update paths for configuration
|
|
|
certificate['certfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['certfile']))
|
|
|
certificate['keyfile'] = os.path.join(named_certs_dir, os.path.basename(certificate['keyfile']))
|
|
|
+ if 'cafile' in certificate:
|
|
|
+ certificate['cafile'] = os.path.join(named_certs_dir, os.path.basename(certificate['cafile']))
|
|
|
return certificates
|
|
|
|
|
|
@staticmethod
|
Andrew Butcher