Class: Puppet::Provider::ElasticUserCommand

Inherits:

Puppet::Provider

• Object
• Puppet::Provider
• Puppet::Provider::ElasticUserCommand

Defined in:

lib/puppet/provider/elastic_user_command.rb

Overview

Parent provider for Elasticsearch Shield/X-Pack file-based user management tools.

Instance Attribute Summary

• #homedir ⇒ Object

  Returns the value of attribute homedir.

Class Method Summary

• .command_with_path(args, configdir = nil) ⇒ Object

  Run the user management command with specified tool arguments.

• .fetch_users ⇒ Object

  Gather local file-based users into an array of Hash objects.

• .homedir ⇒ Object

  Elasticsearch’s home directory.

• .instances ⇒ Object

  Fetch an array of provider objects from the the list of local users.

• .prefetch(resources) ⇒ Object

  Generic prefetch boilerplate.

Instance Method Summary

• #create ⇒ Object

  Set this provider’s ‘:ensure` property to `:present`.

• #destroy ⇒ Object

  Set this provider’s ‘:ensure` property to `:absent`.

• #exists? ⇒ Boolean
• #flush ⇒ Object

  Enforce the desired state for this user on-disk.

• #initialize(value = {}) ⇒ ElasticUserCommand constructor

  A new instance of ElasticUserCommand.

• #passwd ⇒ Object

  Manually set this user’s password.

Constructor Details

#initialize(value = {}) ⇒ ElasticUserCommand

Returns a new instance of ElasticUserCommand.

# File 'lib/puppet/provider/elastic_user_command.rb', line 81

def initialize(value = {})
  super(value)
  @property_flush = {}
end

Instance Attribute Details

#homedir ⇒ Object

Returns the value of attribute homedir.

# File 'lib/puppet/provider/elastic_user_command.rb', line 6

def homedir
  @homedir
end

Class Method Details

.command_with_path(args, configdir = nil) ⇒ Object

Run the user management command with specified tool arguments.

# File 'lib/puppet/provider/elastic_user_command.rb', line 21

def self.command_with_path(args, configdir = nil)
  options = {
    combine: true,
    custom_environment: {
      'ES_PATH_CONF' => configdir || '/etc/elasticsearch'
    },
    failonfail: true
  }

  execute(
    [command(:users_cli)] + (args.is_a?(Array) ? args : [args]),
    options
  )
end

.fetch_users ⇒ Object

Gather local file-based users into an array of Hash objects.

# File 'lib/puppet/provider/elastic_user_command.rb', line 37

def self.fetch_users
  begin
    output = command_with_path('list')
  rescue Puppet::ExecutionFailure => e
    debug("#fetch_users had an error: #{e.inspect}")
    return nil
  end

  debug("Raw command output: #{output}")
  matching_lines = output.split("\n").select do |u|
    # Keep only expected "user : role1,role2" formatted lines
    u[%r{^[^:]+:\s+\S+$}]
  end

  users = matching_lines.map do |u|
    # Break into ["user ", " role1,role2"]
    u.split(':').first.strip
  end

  users.map do |user|
    {
      name: user,
      ensure: :present,
      provider: name
    }
  end
end

.homedir ⇒ Object

Elasticsearch’s home directory.

Returns:

• String

# File 'lib/puppet/provider/elastic_user_command.rb', line 11

def self.homedir
  @homedir ||= case Facter.value('osfamily')
               when 'OpenBSD'
                 '/usr/local/elasticsearch'
               else
                 '/usr/share/elasticsearch'
               end
end

.instances ⇒ Object

Fetch an array of provider objects from the the list of local users.

# File 'lib/puppet/provider/elastic_user_command.rb', line 66

def self.instances
  fetch_users.map do |user|
    new user
  end
end

.prefetch(resources) ⇒ Object

Generic prefetch boilerplate.

# File 'lib/puppet/provider/elastic_user_command.rb', line 73

def self.prefetch(resources)
  instances.each do |prov|
    if (resource = resources[prov.name])
      resource.provider = prov
    end
  end
end

Instance Method Details

#create ⇒ Object

Set this provider’s ‘:ensure` property to `:present`.

# File 'lib/puppet/provider/elastic_user_command.rb', line 107

def create
  @property_flush[:ensure] = :present
end

#destroy ⇒ Object

Set this provider’s ‘:ensure` property to `:absent`.

# File 'lib/puppet/provider/elastic_user_command.rb', line 116

def destroy
  @property_flush[:ensure] = :absent
end

#exists? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/provider/elastic_user_command.rb', line 111

def exists?
  @property_hash[:ensure] == :present
end

#flush ⇒ Object

Enforce the desired state for this user on-disk.

# File 'lib/puppet/provider/elastic_user_command.rb', line 87

def flush
  arguments = []

  case @property_flush[:ensure]
  when :absent
    arguments << 'userdel'
    arguments << resource[:name]
  else
    arguments << 'useradd'
    arguments << resource[:name]
    arguments << '-p' << resource[:password]
  end

  self.class.command_with_path(arguments, resource[:configdir])
  @property_hash = self.class.fetch_users.find do |u|
    u[:name] == resource[:name]
  end
end

#passwd ⇒ Object

Manually set this user’s password.

# File 'lib/puppet/provider/elastic_user_command.rb', line 121

def passwd
  self.class.command_with_path(
    [
      'passwd',
      resource[:name],
      '-p', resource[:password]
    ],
    resource[:configdir]
  )
end