Convert function api_fetch to new format

Ericsson · Feb 20, 2024 · 18c49f4 · 18c49f4
1 parent 0c3c31c
commit 18c49f4
Show file tree

Hide file tree

Showing 7 changed files with 392 additions and 368 deletions.
diff --git a/REFERENCE.md b/REFERENCE.md
diff --git a/lib/puppet/functions/vas/api_fetch.rb b/lib/puppet/functions/vas/api_fetch.rb
@@ -0,0 +1,48 @@
+# Query a remote HTTP-based service for entries to be added to users_allow.
+Puppet::Functions.create_function(:'vas::api_fetch') do
+  require 'net/http'
+  require 'net/https'
+  require 'openssl'
+  # @param url URL to connect to
+  # @param token Token used for authentication
+  # @return [Stdlib::Http::Status, Array[String]] If a valid response and contains entries
+  # @return [Stdlib::Http::Status, Array[nil]] If a valid response, but no entries
+  # @return [Stdlib::Http::Status, nil] If response is not of SUCCESS status code
+  # @return [0, String] If the query is unable to reach server or other error
+  # @example Calling the function
+  #   vas::api_fetch("https://host.domain.tld/api/${facts['trusted.certname']}")
+  dispatch :api_fetch do
+    param 'Stdlib::HTTPUrl', :url
+    param 'String[1]', :token
+  end
+
+  def api_fetch(url, token)
+    uri = URI.parse(url)
+
+    req = Net::HTTP::Get.new(uri.to_s)
+    req['Authorization'] = "Bearer #{token}"
+    req['Accept'] = 'text/plain'
+
+    https = Net::HTTP.new(uri.host, uri.port)
+    https.use_ssl = true
+    https.verify_mode = OpenSSL::SSL::VERIFY_NONE
+    https.open_timeout = 2
+    https.read_timeout = 2
+
+    begin
+      response = https.start do |cx|
+        cx.request(req)
+      end
+
+      case response
+      when Net::HTTPSuccess
+        return response.code, response.body.split("\n") unless response.body.to_s.empty?
+        [response.code, []]
+      else
+        [response.code, nil]
+      end
+    rescue => error
+      [0, error.message]
+    end
+  end
+end
diff --git a/lib/puppet/parser/functions/api_fetch.rb b/lib/puppet/parser/functions/api_fetch.rb
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -673,7 +673,7 @@
   if $api_enable == true and ($api_users_allow_url == undef or $api_token == undef) {
     fail('vas::api_enable is set to true but required parameters vas::api_users_allow_url and/or vas::api_token missing')
   } elsif $api_enable == true {
-    $api_users_allow_data = api_fetch($api_users_allow_url, $api_token)
+    $api_users_allow_data = vas::api_fetch($api_users_allow_url, $api_token)
 
     case $api_users_allow_data[0] {
       200,'200': { # api_fetch() returns integer in Puppet 3 and string in Puppet 6

diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -317,7 +317,7 @@
             context 'and returns 200' do
               context 'without data' do
                 let(:pre_condition) do
-                  'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
+                  'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
                 end
 
                 users_allow_api_nodata_content = <<-END.gsub(%r{^\s+\|}, '')
@@ -355,7 +355,7 @@
 
               context 'with data' do
                 let(:pre_condition) do
-                  'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@example.com\'] }'
+                  'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@example.com\'] }'
                 end
 
                 users_allow_api_data_content = <<-END.gsub(%r{^\s+\|}, '')
@@ -394,7 +394,7 @@
 
             context 'and return non-200 code' do
               let(:pre_condition) do
-                'function api_fetch($api_users_allow_url, $api_token) { return [0, undef] }'
+                'function vas::api_fetch($api_users_allow_url, $api_token) { return [0, undef] }'
               end
 
               it {

diff --git a/spec/classes/parameter_spec.rb b/spec/classes/parameter_spec.rb
@@ -918,7 +918,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
         end
 
         it do
@@ -935,7 +935,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
         end
 
         it do
@@ -953,7 +953,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
         end
 
         it do
@@ -971,7 +971,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
         end
 
         it do
@@ -1007,7 +1007,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, undef] }'
         end
 
         it do
@@ -1024,7 +1024,7 @@
           }
         end
         let(:pre_condition) do
-          'function api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
+          'function vas::api_fetch($api_users_allow_url, $api_token) { return [200, \'apiuser@test.ing\'] }'
         end
 
         it do

diff --git a/spec/functions/api_fetch_spec.rb b/spec/functions/api_fetch_spec.rb
@@ -3,7 +3,7 @@
 require 'spec_helper'
 require 'webmock/rspec'
 
-describe 'api_fetch' do
+describe 'vas::api_fetch' do
   headers = {
     'Accept' => 'text/plain',
     'Accept-Encoding' => 'gzip;q=1.0,deflate;q=0.6,identity;q=0.3',
@@ -18,15 +18,15 @@
       it do
         is_expected.to run
           .with_params
-          .and_raise_error(Puppet::ParseError, 'api_fetch(): Wrong number of arguments given (0 for 2)')
+          .and_raise_error(ArgumentError, '\'vas::api_fetch\' expects 2 arguments, got none')
       end
     end
 
     describe 'token argument is missing' do
       it do
         is_expected.to run
           .with_params(url)
-          .and_raise_error(Puppet::ParseError, 'api_fetch(): Wrong number of arguments given (1 for 2)')
+          .and_raise_error(ArgumentError, '\'vas::api_fetch\' expects 2 arguments, got 1')
       end
     end
   end
@@ -35,15 +35,15 @@
     it do
       is_expected.to run
         .with_params(1, 'somesecret')
-        .and_raise_error(%r{Argument must be a string})
+        .and_raise_error(ArgumentError, %r{'vas::api_fetch' parameter 'url' expects a match for Stdlib::HTTPUrl.* got Integer})
     end
   end
 
   describe 'raises an error when token argument is not a string' do
     it do
       is_expected.to run
         .with_params(url, 1)
-        .and_raise_error(%r{Argument must be a string})
+        .and_raise_error(ArgumentError, '\'vas::api_fetch\' parameter \'token\' expects a String value, got Integer')
     end
   end