52 lines
1.4 KiB
Bash
52 lines
1.4 KiB
Bash
#!/bin/sh
|
|
# Copyright 2023, Georg Pfuetzenreuter
|
|
#
|
|
# Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence").
|
|
# You may not use this work except in compliance with the Licence.
|
|
# An English copy of the Licence is shipped in a file called LICENSE along with this applications source code.
|
|
# You may obtain copies of the Licence in any of the official languages at https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12.
|
|
#
|
|
# ---
|
|
#
|
|
# This program helps with accepting Salt minion keys by asking for a key to compare with first. Intended to be run on a Salt master.
|
|
|
|
set -Ceu
|
|
|
|
minion="${1:-null}"
|
|
NOCOLOR="$(tput sgr0)"
|
|
|
|
if [ "$minion" = 'null' ]
|
|
then
|
|
printf 'Please specify the minion to diff against.\n'
|
|
exit 1
|
|
fi
|
|
|
|
if ! command -v jq >/dev/null || ! command -v salt-key >/dev/null
|
|
then
|
|
printf 'Please ensure jq and salt-key are available.\n'
|
|
exit 1
|
|
fi
|
|
|
|
key_salt="$(salt-key --out json -f $minion | jq --arg minion $minion -r '.minions_pre[$minion]')"
|
|
|
|
if [ "$key_salt" = 'null' ]
|
|
then
|
|
printf 'No pending keys for %s.\n' "$minion"
|
|
exit 2
|
|
fi
|
|
|
|
printf 'Enter fingerprint to diff against\n'
|
|
read key_user
|
|
|
|
if [ "$key_salt" = "$key_user" ]
|
|
then
|
|
GREEN="$(tput setaf 2)"
|
|
printf '%sMatches%s\n' "$GREEN" "$NOCOLOR"
|
|
salt-key --out=yaml -a "$minion"
|
|
elif [ ! "$key_salt" = "$key_user" ]
|
|
then
|
|
RED="$(tput setaf 1)"
|
|
printf '%sMismatch%s\n' "$RED" "$NOCOLOR"
|
|
exit 2
|
|
fi
|