search

sous-chefs / certificate

Development repository for the certificate cookbook
https://supermarket.chef.io/cookbooks/certificate
73 stars 43 forks source link

Custom data_bag type #48

Closed niven01 closed 9 years ago

niven01 commented 9 years ago

Hi,

I was in the process of writing my own certificate cookbook and one of my colleagues pointed me to yours. I believe he met you recently at a Chef summit or similar. He told me you were keen for the community to contribute.

I have a fairly large PR here with the sole goal of adding the option of a custom data bag. This allows me to handle how I store and retrieve the certificates. I have quite a few scenarios where there is a data bag structure that does not meet your cookbook requirements.

I've written this as a HWRP with multiple providers for each data bag type. I've moved some of the functions into helpers as well as the assessors determining where file should be placed. I've also moved the cert_path decision into a function in helpers.

Have a look and let me know your thoughts on this. I'm keen to keep on using your cookbook but I do need the flexibility of my own data bag structure.

The resource will be as follows:

certificate_manage 'Install certificate' do
  cert_file custom_data_bag['cert_name']
  key_file custom_data_bag['key_name']
  chain_file custom_data_bag['chain_file_bundle']
  cert_file_source custom_data_bag['cert_file_source']
  key_file_source custom_data_bag['key_file_source']
  chain_file_source custom_data_bag['chain_file_source']
  data_bag_type 'custom'
end

I've also added a remove action to delete certificates

martinb3 commented 9 years ago

:+1: I like that you can how hand the resource a plain text cert from a string.

niven01 commented 9 years ago

I just want to add that I'm conscious this is essentially a rewrite I've just landed on your lap. That wasn't my goal when I set out (although its mostly your code just moved around a bit)

Anyway, I'm not precious about this PR and if you are not happy with the idea of HWRP or want this to perhaps be split into smaller PR's let me know.

But of course this depends on if you agree with the idea of a custom data bag type allowing the user to decide on data bag structure or to even pass it in in plain text if they want?

niven01 commented 9 years ago

After sleeping on this I've had a total rethink on this PR and decided It's over complicated for what I'm trying to achieve.

I've rewritten it and currently testing so will submit a new PR