class Chef::EncryptedAttribute::RemoteNodes
Helpers to search nodes remotely and get it's public keys.
Public Class Methods
Remote nodes search results cache.
You can disable it setting it's size to zero:
“`ruby Chef::EncryptedAttribute::RemoteNodes.cache
.max_size(0) “`
@return [CacheLru] Remote nodes LRU cache.
# File lib/chef/encrypted_attribute/remote_nodes.rb, line 40 def self.cache @@cache ||= Chef::EncryptedAttribute::CacheLru.new end
Gets remote node public key.
It first tries to read the key from the `node` attribute.
If the `“public_key”` attribute does not exist, it tries to read the node client key directly using the Chef
API
(this require admin privileges).
@param node [Chef::Node] Chef
node object. @return [String] Chef
client public key as string. @raise [InsufficientPrivileges] if you lack enoght privileges to read
the keys from the Chef Server.
@raise [ClientNotFound] if client does not exist. @raise [Net::HTTPServerException] for Chef
Server HTTP errors.
# File lib/chef/encrypted_attribute/remote_nodes.rb, line 58 def self.get_public_key(node) return node['public_key'] unless node['public_key'].nil? RemoteClients.get_public_key(node['name']) rescue Net::HTTPServerException => e raise e unless e.response.code == '403' raise InsufficientPrivileges, "You cannot read #{node['name']} client key. Consider including "\ 'the encrypted_attributes::expose_key recipe in the '\ "#{node['name']} node run list." end
Searches for node client public keys.
It first tries to read the key from the `node` attribute.
If the `“public_key”` attribute does not exist, it tries to read the node client key directly using the Chef
API
(this require admin privileges).
@param search [Array<String>, String] search queries to perform, the
query result will be *OR*-ed.
@param rows [Integer] maximum number of rows to return in searches. @param partial_search [Boolean] whether to use partial search. @return [Array<String>] list of public keys. @raise [InsufficientPrivileges] if you lack enough privileges to read
the keys from the Chef Server.
@raise [ClientNotFound] if client does not exist. @raise [Net::HTTPServerException] for Chef
Server HTTP errors. @raise [SearchFailure] if there is a Chef
search error. @raise [SearchFatalError] if the Chef
search response is wrong. @raise [InvalidSearchKeys] if search keys structure is wrong.
# File lib/chef/encrypted_attribute/remote_nodes.rb, line 89 def self.search_public_keys( search = '*:*', rows = 1000, partial_search = true ) escaped_query = escape_query(search) return cache[escaped_query] if cache.key?(escaped_query) cache[escaped_query] = search( :node, search, { 'name' => %w(name), 'public_key' => %w(public_key) }, rows, partial_search ).map { |node| get_public_key(node) }.compact end