lak

luke@syringe $ md5sum /tmp/baz
e31be87da5b8002afc983eecd1e29223  /tmp/baz
luke@syringe $ echo asdfasdf >> ~/etc/puppet/modules/mymod/files/myfile 
luke@syringe $ puppet agent --verbose --test  --server localhost
info: Caching catalog for localhost
info: Applying configuration version '1302126831'
--- /tmp/baz	2011-04-06 14:51:40.000000000 -0700
+++ /var/folders/8B/8BmBDildHw40ZzYiLHHQuk+++TI/-Tmp-/puppet-file20110406-29205-xza4j7-0	2011-04-06 14:53:52.000000000 -0700
@@ -1,2 +1,4 @@
 mainfile

lak

#!/usr/bin/env ruby

require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper.rb')
require 'puppet/ssl/certificate_status'

describe Puppet::SSL::CertificateStatus do
  before do
    @status = Puppet::SSL::CertificateStatus.new("mysigner")
    Puppet::SSL::CertificateAuthority.stubs(:ca?).returns true
  end

lak

class Puppet::SSL::CertificateStatus
  extend Puppet::Indirector

  indirects :certificate_status, :terminus_class => :file

  attr_accessor :name, :fingerprint, :message
  attr_reader :state

  CERT_STATES = %w{requested signed invoked invalid}

lak

#!/usr/bin/env ruby

require File.expand_path(File.dirname(__FILE__) + '/../../spec_helper.rb')
require 'puppet/application/certificate'

describe Puppet::Application::Certificate do
  it "should be a subclass of Puppet::Application::IndirectionBase" do
    Puppet::Application::Certificate.superclass.should equal(
      Puppet::Application::IndirectionBase
    )

lak

#!/usr/bin/env

# Because Puppet has supported "solo" mode since 2005
exec puppet $@

lak

Puppet::Type.newtype(:iptables) do
  ...
  def generate
    self.class.new(:name => "last")
  end

  def autorequire(:iptables)
    return unless name == "last"
    self.catalog.resources.collect { |r| r.type == :iptables }
  end

lak

# The first run fails because there is no 'importantserver' placeholder resource.
frontend1(~) % puppet apply --storeconfigs --config ./puppet.conf pull.pp
Could not find dependency Placeholder[importantserver] for File[/tmp/y] at /home/jordan/pull.pp:12

# Have another server export this resource
ops(~/pp) % puppet apply --storeconfigs --config ./puppet.conf push.pp

# Try again, which works because the exported resource is found.
frontend1(~) !1! % puppet apply --storeconfigs --config ./puppet.conf pull.pp
notice: /Stage[main]/Bar/File[/tmp/y]/content: content changed '{md5}5a2f711ba4198f0db5e6b9e38a8f2d64' to '{md5}53cadf1c93f077aae3747e6507d7aa8e'

lak

require 'openssl'
require 'puppet'
require 'puppet/ssl'
require 'xmlrpc/server'

# Much of this was taken from QuickCert:
#   http://segment7.net/projects/ruby/QuickCert/

class Puppet::Network::Handler::CA < Handler
    desc "Provides an interface for signing CSRs.  Accepts a CSR and returns

lak

diff --git a/lib/puppet/indirector/certificate_request/ca.rb b/lib/puppet/indirector/certificate_request/ca.rb
index e90f43a..6c41e6a 100644
--- a/lib/puppet/indirector/certificate_request/ca.rb
+++ b/lib/puppet/indirector/certificate_request/ca.rb
@@ -9,6 +9,15 @@ class Puppet::SSL::CertificateRequest::Ca < Puppet::Indirector::SslFile
     def save(request)
         result = super
         Puppet.notice "%s has a waiting certificate request" % request.key
+        if cert = Puppet::SSL::Certificate.find(request.key)
+            we_would_autosign = ["true",true].include?(Puppet[:autosign]) or Puppet::Network::AuthStore.new(Puppet[:autosign]).allowed?(host)

lak

#!/usr/bin/ruby

require 'puppet'
require 'puppet/util/log'
require 'puppet/util/logging'
require 'puppet/transaction/report'

report = Puppet::Transaction::Report.new
Puppet::Util::Log.newdestination report