Skip to content

Instantly share code, notes, and snippets.

Last active August 29, 2015 13:55
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jbouse/8763661 to your computer and use it in GitHub Desktop.
Save jbouse/8763661 to your computer and use it in GitHub Desktop.
#!/usr/bin/env ruby
# Copyright 2014 Jeremy T. Bouse
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
require 'fog'
require 'puppet'
require 'puppet/ssl/certificate_request'
clientcert = ARGV.pop
csr = Puppet::SSL::CertificateRequest.from_s(
pp_instance_id = csr.request_extensions.find { |a| a['oid'] == 'pp_instance_id' }
pp_image_name = csr.request_extensions.find { |a| a['oid'] == 'pp_image_name' }
instance_id = pp_instance_id['value']
image_id = pp_image_name['value']
retcode = 0
ec2 = => :aws)
server = ec2.servers.find { |s| == instance_id }
if != clientcert
retcode = 1
elsif not server
retcode = 2
elsif server.state != 'running'
retcode = 3
elsif pp_image_id and server.image_id != image_id
retcode = 4
exit retcode
Copy link

Hey, Adrien Thebo pointed this out to me a while ago, just wanted to give you a heads up I got a minimal version of it working and made a module to deploy this for PE:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment