There is a REST api available for managing the puppet master's CA [1]. You must present a trusted certificate and modify the auth.conf [2] file on the master to allow your node to mange the CA.
Once that is done, you can make 2 http calls, 1 to revoke the certificate, and a second to delete it from the master. This doesnt help directly with the vagrant part of your question, but perhaps you can roll a quick script to do this cleanup for you. -Adam [1] http://docs.puppetlabs.com/guides/rest_api.html#certificate-status [2] http://docs.puppetlabs.com/guides/rest_auth_conf.html On Sun, Feb 2, 2014 at 3:48 PM, Wolf Noble <[email protected]> wrote: > Is there any further on this? I'm looking to come up with the cleanest way > to nuke a node's certs from a vagrant (and sometimes from a non-vagrant) > controlled puppetmaster when destroying the node... it seems like this > would be the best way to implement this, but after several searches on this > list and elsewhere (perhaps my search-fu needs help) I'm not finding > definitive answers on if this is a problem already solved through a > different/better/cleaner way. > > Thanks in advance for the input > > Wolf Noble > > > > On Tuesday, October 8, 2013 10:47:03 PM UTC-5, Joe Maller wrote: >> >> What is the syntax to define a provisioner cleanup task? >> >> The release notes for 1.3.0 mentioned a provisioner cleanup option was >> added but there doesn't seem to be any documentation and I've had no luck >> trying to figure out the syntax. The most relevant file appears to >> lib/vagrant/action/builtin/provisioner_cleanup.rb<https://github.com/mitchellh/vagrant/blob/master/lib/vagrant/action/builtin/provisioner_cleanup.rb> >> >> >>> >>> 1.3.0 (September 5, 2013) >>> >>> - >>> - Provisioners can now define "cleanup" tasks that are executed on >>> vagrant >>> destroy. [GH-1302] >>> >>> >> Thanks, >> >> joe >> > -- > You received this message because you are subscribed to the Google Groups > "Vagrant" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
