Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2233

Allow for retrieving a list of agents with unsigned certificates through the API

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • None
    • SERVER 6.13.0
    • None
    • Froyo
    • Enhancement
    • The `/puppet-ca/v1/certificate_statuses` endpoint now accepts a `state` parameter that will filter search results by the given certificate state. Accepted states are 'requested', 'signed', and 'revoked'.
    • Needs Assessment

    Description

      At one point it was possible to list out agents with unsigned certificates via GET /puppet-ca/v1/certificate_requests.  The documentation states that this endpoint is no longer supported.
      (This endpoint used to return the PEM files, which is probably not what we want here.)

      GET /puppet-ca/v1/certificate_statuses will list out all the certificates and statuses, but this is undesirable in the case where the payload is very large, and we really just want a list of agents requesting certs.

      Notes
      It makes sense to do this with a query param on the endpoint. If it's hard to allow filtering on status generally, we can just do the requested case for now and add the others later. The endpoint should continue to return all the certificate statuses if no query param is passed.

      Outcomes

      • Endpoint that can return at least all agents with requested certs (CSRs)
      • Documentation for the endpoint
      • tk-auth updates if needed (this might require changes in puppet_enterprise)
      • clojure level tests

      Attachments

        Issue Links

          Activity

            People

              molly.waggett Molly Waggett
              erik.hansen Erik Hansen
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support