From 7a379dd75cd8056bc986e7d341f47bfeeb69008a Mon Sep 17 00:00:00 2001 From: Ricardo Carrillo Cruz Date: Sat, 18 Apr 2015 23:08:51 +0200 Subject: [PATCH] Refactor generate_hiera_common Generate both private and public keys for hiera. Fix an issue with StringIO, was reusing it in the loop causing keys being appended one after each other. --- .../files/generate_hiera_common.py | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/roles/deploy_hiera/files/generate_hiera_common.py b/roles/deploy_hiera/files/generate_hiera_common.py index 7873995..2b9b9c3 100644 --- a/roles/deploy_hiera/files/generate_hiera_common.py +++ b/roles/deploy_hiera/files/generate_hiera_common.py @@ -1,20 +1,33 @@ #!/usr/bin/env python -import yaml import paramiko +import random +import string import StringIO +import yaml KEY_LENGTH = 2048 -HIERA_SSH_PARAMS = ['puppetmaster_root_rsa_key'] +HIERA_SSH_PARAMS = [('puppetmaster_root_rsa_key', 'puppetmaster_root_rsa_pub_key'), + ('jenkins_ssh_private_key', 'jenkins_ssh_public_key'), + ('zuul_ssh_private_key_contents', 'zuul_ssh_public_key_contents'), + ('gerrit_ssh_rsa_key_contents', 'gerrit_ssh_rsa_pubkey_contents'), + ('gerrit_ssh_project_rsa_key_contents', 'gerrit_ssh_project_rsa_pubkey_contents')] +HIERA_PASSWORD_PARAMS = ['jenkins_jobs_password', 'gerrit_mysql_password'] HIERA_COMMON_YAML_FILE = '/etc/puppet/hieradata/production/common.yaml' -out = StringIO.StringIO() d = {} for h in HIERA_SSH_PARAMS: + out = StringIO.StringIO() k = paramiko.RSAKey.generate(KEY_LENGTH) k.write_private_key(out) - d[h] = out.getvalue() + d[h[0]] = out.getvalue() + d[h[1]] = k.get_name() + ' ' + k.get_base64() + out.close() + +for h in HIERA_PASSWORD_PARAMS: + d[h] = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(12)) + with open(HIERA_COMMON_YAML_FILE, "w") as f: yaml.safe_dump(d, f, explicit_start=True, default_flow_style=False)