author | Jacob Helwig <jacob@technosorcery.net> | 2018-06-21 14:45:50 -0700 |
---|---|---|
committer | Jacob Helwig <jacob@technosorcery.net> | 2018-06-21 14:45:50 -0700 |
commit | b918a193de16f9b1c88687ccfab91664f975f1ab (patch) | |
tree | 33e60b5b7f0e86d5c45af3f21942556ab31ae738 /lib/puppet/provider | |
parent | d1719de1d77b9c139b1b5f5832330807c0fe11fe (diff) | |
Apply automatic PDK validation cleanup
Diffstat (limited to 'lib/puppet/provider')
-rw-r--r-- | lib/puppet/provider/ssh_authorized_key/parsed.rb | 92 | ||||
-rw-r--r-- | lib/puppet/provider/sshkey/parsed.rb | 47 |
2 files changed, 68 insertions, 71 deletions
diff --git a/lib/puppet/provider/ssh_authorized_key/parsed.rb b/lib/puppet/provider/ssh_authorized_key/parsed.rb index f7ac9f7..45ef649 100644 --- a/lib/puppet/provider/ssh_authorized_key/parsed.rb +++ b/lib/puppet/provider/ssh_authorized_key/parsed.rb 
@@ -2,44 +2,44 @@ require 'puppet/provider/parsedfile' Puppet::Type.type(:ssh_authorized_key).provide( :parsed, - :parent => Puppet::Provider::ParsedFile, - :filetype => :flat, - :default_target => '' + parent: Puppet::Provider::ParsedFile, + filetype: :flat, + default_target: '', ) do - desc "Parse and generate authorized_keys files for SSH." + desc 'Parse and generate authorized_keys files for SSH.' - text_line :comment, :match => /^\s*#/ - text_line :blank, :match => /^\s*$/ + text_line :comment, match: %r{^\s*#} + text_line :blank, match: %r{^\s*$} record_line :parsed, - :fields => %w{options type key name}, - :optional => %w{options}, - :rts => /^\s+/, - :match => Puppet::Type.type(:ssh_authorized_key).keyline_regex, - :post_parse => proc { |h| - h[:name] = "" if h[:name] == :absent - h[:options] ||= [:absent] - h[:options] = Puppet::Type::Ssh_authorized_key::ProviderParsed.parse_options(h[:options]) if h[:options].is_a? String - }, - :pre_gen => proc { |h| - # if this name was generated, don't write it back to disk - h[:name] = "" if h[:unnamed] - h[:options] = [] if h[:options].include?(:absent) - h[:options] = h[:options].join(',') - } + fields: ['options', 'type', 'key', 'name'], + optional: ['options'], + rts: %r{^\s+}, + match: Puppet::Type.type(:ssh_authorized_key).keyline_regex, + post_parse: proc { |h| + h[:name] = '' if h[:name] == :absent + h[:options] ||= [:absent] + h[:options] = Puppet::Type::Ssh_authorized_key::ProviderParsed.parse_options(h[:options]) if h[:options].is_a? 
String + }, + pre_gen: proc { |h| + # if this name was generated, don't write it back to disk + h[:name] = '' if h[:unnamed] + h[:options] = [] if h[:options].include?(:absent) + h[:options] = h[:options].join(',') + } record_line :key_v1, - :fields => %w{options bits exponent modulus name}, - :optional => %w{options}, - :rts => /^\s+/, - :match => /^(?:(.+) )?(\d+) (\d+) (\d+)(?: (.+))?$/ + fields: ['options', 'bits', 'exponent', 'modulus', 'name'], + optional: ['options'], + rts: %r{^\s+}, + match: %r{^(?:(.+) )?(\d+) (\d+) (\d+)(?: (.+))?$} def dir_perm - 0700 + 0o700 end def file_perm - 0600 + 0o600 end def user @@ -48,7 +48,7 @@ Puppet::Type.type(:ssh_authorized_key).provide( end def flush - raise Puppet::Error, "Cannot write SSH authorized keys without user" unless @resource.should(:user) + raise Puppet::Error, 'Cannot write SSH authorized keys without user' unless @resource.should(:user) raise Puppet::Error, "User '#{@resource.should(:user)}' does not exist" unless Puppet::Util.uid(@resource.should(:user)) # ParsedFile usually calls backup_target much later in the flush process, # but our SUID makes that fail to open filebucket files for writing. @@ -57,14 +57,14 @@ Puppet::Type.type(:ssh_authorized_key).provide( self.class.backup_target(target) Puppet::Util::SUIDManager.asuser(@resource.should(:user)) do - unless Puppet::FileSystem.exist?(dir = File.dirname(target)) - Puppet.debug "Creating #{dir} as #{@resource.should(:user)}" - Dir.mkdir(dir, dir_perm) - end + unless Puppet::FileSystem.exist?(dir = File.dirname(target)) + Puppet.debug "Creating #{dir} as #{@resource.should(:user)}" + Dir.mkdir(dir, dir_perm) + end - super + super - File.chmod(file_perm, target) + File.chmod(file_perm, target) end end 
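Review bot: In the `@@ -57,14 +57,14 @@` hunk, `self.class.backup_target(target)` still runs before the `Puppet::Util::SUIDManager.asuser` block, so, going by the comment above it, the backup reads the authorized_keys path with the agent's own privileges rather than the managed user's. Nothing visible here checks what `target` is before that read, and the path presumably sits in a directory the managed user can modify. A guard ahead of the backup, such as `raise Puppet::Error, "#{target} must not be a symlink" if Puppet::FileSystem.symlink?(target)`, would keep the privileged read limited to the file it is meant for. Inside the block, `unless Puppet::FileSystem.exist?(dir = File.dirname(target))` hides an assignment in the condition; assigning `dir` on its own line first is easier to audit. `flush` begins above this hunk.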
@@ -73,17 +73,17 @@ Puppet::Type.type(:ssh_authorized_key).provide( def self.parse_options(options) result = [] scanner = StringScanner.new(options) - while !scanner.eos? - scanner.skip(/[ \t]*/) + until scanner.eos? + scanner.skip(%r{[ \t]*}) # scan a long option - if out = scanner.scan(/[-a-z0-9A-Z_]+=\".*?[^\\]\"/) or out = scanner.scan(/[-a-z0-9A-Z_]+/) + if (out = scanner.scan(%r{[-a-z0-9A-Z_]+=\".*?[^\\]\"})) || (out = scanner.scan(%r{[-a-z0-9A-Z_]+})) result << out else # found an unscannable token, let's abort break end # eat a comma - scanner.skip(/[ \t]*,[ \t]*/) + scanner.skip(%r{[ \t]*,[ \t]*}) end result end @@ -91,15 +91,13 @@ Puppet::Type.type(:ssh_authorized_key).provide( def self.prefetch_hook(records) name_index = 0 records.each do |record| - if record[:record_type] == :parsed && record[:name].empty? - record[:unnamed] = true - # Generate a unique ID for unnamed keys, in case they need purging. - # If you change this, you have to keep - # Puppet::Type::User#unknown_keys_in_file in sync! (PUP-3357) - record[:name] = "#{record[:target]}:unnamed-#{ name_index += 1 }" - Puppet.debug("generating name for on-disk ssh_authorized_key #{record[:key]}: #{record[:name]}") - end + next unless record[:record_type] == :parsed && record[:name].empty? + record[:unnamed] = true + # Generate a unique ID for unnamed keys, in case they need purging. + # If you change this, you have to keep + # Puppet::Type::User#unknown_keys_in_file in sync! (PUP-3357) + record[:name] = "#{record[:target]}:unnamed-#{name_index += 1}" + Puppet.debug("generating name for on-disk ssh_authorized_key #{record[:key]}: #{record[:name]}") end end end - diff --git a/lib/puppet/provider/sshkey/parsed.rb b/lib/puppet/provider/sshkey/parsed.rb index 1c42aeb..3713df1 100644 --- a/lib/puppet/provider/sshkey/parsed.rb +++ b/lib/puppet/provider/sshkey/parsed.rb 
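Review bot: The `break` in the `else` branch of `parse_options` (hunk `@@ -73,17 +73,17 @@`) silently drops everything after the first token the scanner cannot read, so a line whose options are only partly understood comes back with a shortened list. For authorized_keys that matters because options are restrictions (`command=`, `from=`, `no-port-forwarding`); if the shortened list is later written back, which the `pre_gen` join earlier in this file suggests can happen, the key would end up less restricted than it was on disk. I would surface the condition before the break, e.g. `Puppet.warning("Could not parse ssh_authorized_key options from: #{scanner.rest}")`, or raise instead. Separately, the quoted-value pattern needs at least one character before the closing quote, so `name=""` is not matched as a unit; `%r{[-a-z0-9A-Z_]+="(?:[^"\\]|\\.)*"}` would accept empty and escaped values.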
@@ -2,49 +2,48 @@ require 'puppet/provider/parsedfile' Puppet::Type.type(:sshkey).provide( :parsed, - :parent => Puppet::Provider::ParsedFile, - :filetype => :flat + parent: Puppet::Provider::ParsedFile, + filetype: :flat, ) do - desc "Parse and generate host-wide known hosts files for SSH." + desc 'Parse and generate host-wide known hosts files for SSH.' - text_line :comment, :match => /^#/ - text_line :blank, :match => /^\s*$/ + text_line :comment, match: %r{^#} + text_line :blank, match: %r{^\s*$} - record_line :parsed, :fields => %w{name type key}, - :post_parse => proc { |hash| - names = hash[:name].split(",", -1) - hash[:name] = names.shift - hash[:host_aliases] = names - }, - :pre_gen => proc { |hash| - if hash[:host_aliases] - hash[:name] = [hash[:name], hash[:host_aliases]].flatten.join(",") - hash.delete(:host_aliases) - end - } + record_line :parsed, fields: ['name', 'type', 'key'], + post_parse: proc { |hash| + names = hash[:name].split(',', -1) + hash[:name] = names.shift + hash[:host_aliases] = names + }, + pre_gen: proc { |hash| + if hash[:host_aliases] + hash[:name] = [hash[:name], hash[:host_aliases]].flatten.join(',') + hash.delete(:host_aliases) + end + } # Make sure to use mode 644 if ssh_known_hosts is newly created def self.default_mode - 0644 + 0o644 end def self.default_target case Facter.value(:operatingsystem) - when "Darwin" + when 'Darwin' # Versions 10.11 and up use /etc/ssh/ssh_known_hosts version = Facter.value(:macosx_productversion_major) if version if Puppet::Util::Package.versioncmp(version, '10.11') >= 0 - "/etc/ssh/ssh_known_hosts" + '/etc/ssh/ssh_known_hosts' else - "/etc/ssh_known_hosts" + '/etc/ssh_known_hosts' end else - "/etc/ssh_known_hosts" + '/etc/ssh_known_hosts' end else - "/etc/ssh/ssh_known_hosts" + '/etc/ssh/ssh_known_hosts' end end end - |
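Review bot: `self.default_target` returns `'/etc/ssh_known_hosts'` from two separate branches of the Darwin case, which makes the version logic harder to follow than it needs to be. Folding the nil check into the comparison, `if version && Puppet::Util::Package.versioncmp(version, '10.11') >= 0`, leaves a single `else` for the legacy path. The comment on `self.default_mode` says only that 644 is used for a newly created file; a sentence on why that mode is acceptable (the file appears to hold host public keys that must be readable by all users and writable only by the owner) would help the next reader judge any future change to it.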