feat: add incus auto-client certificate trust (#406)
- add fact to export vault public cert from agents - add fact to export list of trusted incus client certs - add method for incus clients to export their client cert to be trusted Reviewed-on: #406
This commit was merged in pull request #406.
This commit is contained in:
@@ -0,0 +1,28 @@
|
||||
# frozen_string_literal: true
|
||||
|
||||
# lib/facter/incus_trust_list.rb
|
||||
require 'json'
|
||||
|
||||
Facter.add(:incus_trust_list) do
|
||||
confine do
|
||||
# Only run on systems that have incus installed and running
|
||||
incus_path = Facter::Util::Resolution.which('incus')
|
||||
incus_path && File.exist?('/var/lib/incus/server.key')
|
||||
end
|
||||
|
||||
setcode do
|
||||
incus_path = Facter::Util::Resolution.which('incus')
|
||||
next {} unless incus_path
|
||||
|
||||
begin
|
||||
# Run incus config trust list --format=json
|
||||
trust_output = Facter::Core::Execution.execute("#{incus_path} config trust list --format=json")
|
||||
next {} if trust_output.empty?
|
||||
|
||||
# Parse the JSON output
|
||||
JSON.parse(trust_output)
|
||||
rescue StandardError
|
||||
{}
|
||||
end
|
||||
end
|
||||
end
|
||||
Reference in New Issue
Block a user