Introducing auth parameter in puppet-uchiwa

This commit introduces the auth paramter, which can be used - starting from uchiwa 0.13.0 in order to specify a static RSA keypair for JWT signature validation.
Yelp · Dec 8, 2015 · 1f12108 · 1f12108
1 parent f4f0fa1
commit 1f12108
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 3 deletions.
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -113,6 +113,18 @@
 #     }]
 #     ```
 #
+#  [*auth*]
+#    Hash
+#    A hash containing the static public and private key paths for generating and
+#    validating JSON Web Token (JWT) signatures.
+#    Example:
+#    ```
+#    {
+#      'publickey'  => '/path/to/uchiwa.rsa.pub',
+#      'privatekey' => '/path/to/uchiwa.rsa'
+#    }
+#    ```
+#
 class uchiwa (
   $package_name         = $uchiwa::params::package_name,
   $service_name         = $uchiwa::params::service_name,
@@ -130,7 +142,8 @@
   $pass                 = $uchiwa::params::pass,
   $refresh              = $uchiwa::params::refresh,
   $sensu_api_endpoints  = $uchiwa::params::sensu_api_endpoints,
-  $users                = $uchiwa::params::users
+  $users                = $uchiwa::params::users,
+  $auth                 = $uchiwa::params::auth
 ) inherits uchiwa::params {
 
   # validate parameters here
@@ -151,6 +164,7 @@
   validate_integer($refresh)
   validate_array($sensu_api_endpoints)
   validate_array($users)
+  validate_hash($auth)
 
   anchor { 'uchiwa::begin': } ->
   class { 'uchiwa::install': } ->

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -46,4 +46,5 @@
   $pass            =     ''
   $refresh         =     '5'
   $users           =     []
+  $auth            =     {}
 }
diff --git a/templates/etc/sensu/uchiwa.json.erb b/templates/etc/sensu/uchiwa.json.erb
@@ -20,7 +20,7 @@
     "port": <%= @port %>,
     "user": "<%= @user %>",
     "pass": "<%= @pass %>",
-    "refresh": <%= @refresh %><%= ',' if @users.size > 0 %>
+    "refresh": <%= @refresh %><%= ',' if @users.size > 0 or @auth.size == 2 %>
     <%- if @users.size > 0 -%>
     "users": [
     <%- @users.each_with_index do |user, i| -%>
@@ -32,7 +32,13 @@
         }
       }<%= ',' if i < (@users.size - 1) %>
     <%- end -%>
-    ]
+    ]<%= ',' if @auth.size == 2 %>
+  <%- end -%>
+  <%- if @auth.size == 2 -%>
+    "auth": {
+      "publickey": "<%= @auth['publickey']  %>",
+      "privatekey": "<%= @auth['privatekey']  %>"
+    }
   <%- end -%>
   }
 }