reidmv/get-matching-nodes.rb

## get-matching-nodes.rb
#!/opt/puppetlabs/puppet/bin/ruby

require 'json'
require 'net/http'
require 'etc'

def http(uri:, body: {}, request_class: Net::HTTP::Get)
  token_file = File.join(Etc.getpwuid.dir, '.puppetlabs', 'token')
  token = File.read(token_file)

  parsed_uri = URI.parse(uri)

  nethttp = Net::HTTP.new(parsed_uri.host, parsed_uri.port)
  nethttp.use_ssl = true
  nethttp.verify_mode = OpenSSL::SSL::VERIFY_NONE
  request = request_class.new(parsed_uri.request_uri)

  request['Content-Type'] = 'application/json'
  request['X-Authentication'] = token
  request.body = body.to_json

  response = nethttp.request(request)
  JSON.parse(response.body)
end

def and_group_rules(group, groups, rules = [])
  if group['id'] == '00000000-0000-4000-8000-000000000000'
    ['and', *rules]
  else
    parent_group = groups.find { |g| g['id'] == group['parent'] }
    and_group_rules(parent_group, groups, [group['rule'], *rules].compact)
  end
end

def matching_nodes(group_id, groups)
  group = groups.find { |g| g['id'] == group_id }
  anded_rule = and_group_rules(group, groups)

  pdbquery = http(uri: 'https://localhost:4433/classifier-api/v1/rules/translate',
                  body: anded_rule,
                  request_class: Net::HTTP::Post)

  members = http(uri: 'http://localhost:8081/pdb/query/v4/nodes',
                 body: pdbquery,
                 request_class: Net::HTTP::Post)
rescue JSON::ParserError
  # Unable to determine group members. Probably "all", doesn't have a rule.
  [{'certname' => 'UNKNOWN'}]
end

groups = http(uri: 'https://localhost:4433/classifier-api/v1/groups')
unless group = groups.find { |g| g['name'] == ARGV[0] }
  puts "Didn't find any group with the name #{ARGV[0]}"
  exit 1
end

puts matching_nodes(group['id'], groups).map { |n| n['certname'] }
	#!/opt/puppetlabs/puppet/bin/ruby

	require 'json'
	require 'net/http'
	require 'etc'

	def http(uri:, body: {}, request_class: Net::HTTP::Get)
	token_file = File.join(Etc.getpwuid.dir, '.puppetlabs', 'token')
	token = File.read(token_file)

	parsed_uri = URI.parse(uri)

	nethttp = Net::HTTP.new(parsed_uri.host, parsed_uri.port)
	nethttp.use_ssl = true
	nethttp.verify_mode = OpenSSL::SSL::VERIFY_NONE
	request = request_class.new(parsed_uri.request_uri)

	request['Content-Type'] = 'application/json'
	request['X-Authentication'] = token
	request.body = body.to_json

	response = nethttp.request(request)
	JSON.parse(response.body)
	end

	def and_group_rules(group, groups, rules = [])
	if group['id'] == '00000000-0000-4000-8000-000000000000'
	['and', *rules]
	else
	parent_group = groups.find { \|g\| g['id'] == group['parent'] }
	and_group_rules(parent_group, groups, [group['rule'], *rules].compact)
	end
	end

	def matching_nodes(group_id, groups)
	group = groups.find { \|g\| g['id'] == group_id }
	anded_rule = and_group_rules(group, groups)

	pdbquery = http(uri: 'https://localhost:4433/classifier-api/v1/rules/translate',
	body: anded_rule,
	request_class: Net::HTTP::Post)

	members = http(uri: 'http://localhost:8081/pdb/query/v4/nodes',
	body: pdbquery,
	request_class: Net::HTTP::Post)
	rescue JSON::ParserError
	# Unable to determine group members. Probably "all", doesn't have a rule.
	[{'certname' => 'UNKNOWN'}]
	end

	groups = http(uri: 'https://localhost:4433/classifier-api/v1/groups')
	unless group = groups.find { \|g\| g['name'] == ARGV[0] }
	puts "Didn't find any group with the name #{ARGV[0]}"
	exit 1
	end

	puts matching_nodes(group['id'], groups).map { \|n\| n['certname'] }