Learning to write a foreman plugin

Hi All,
I'm afraid I'm new to ruby, rails, puppet and foreman but I've been tasked
with writing a foreman plugin which must work under foreman 1.12.x.

The specification I have been given is as follows:

This should be a Foreman plugin that:

  1. adds "clean cert" to the host "edit" pulldown menu, under "hosts" (a
    new "controller").
    2. adds the "clean cert" behavior to the API (a second new
    3. adds the ability to clean multiple certs through the UI (select
    several servers, add option to the "actions" pulldown menu), with a
    confirmation warning (a "view") when doing so.
    4. Documentation for the plugin
    5. A new repo for the plugin (this CANNOT co-mingle with our other
    6. The plugin must be presented in the form of a gem to ease foreman
    installation require Foreman 1.12 or greater
    7. The plugin should use the ACLs related to editing a host when
    deciding if the user can revoke a cert.


This does not address the CRL-copy functionality, that is a separate

I've pushed my current code to https://github.com/dscoular/cert-reaper
(apologies for my poor
understanding of ruby style etc).

This is based on the example foreman plugin template code found at: https://github.com/theforeman/foreman_plugin_template
my_plugin <https://github.com/theforeman/foreman_plugin_template my_plugin>


I've partially implemented 1, 4, 5 and 6.

I managed to use deface to add the "Clean Certificate…" menu item to the
host rows menu in the Hosts view. I've also managed to add a "Clear Cert"
button in the Host Details view implemented as a helper extension using
concerns to add another action to title_actions() and this successfully
calls my hosts controller's clear_cert(certname) action.

I had hoped to use a similar controller extension via concerns to handle
the multiple host selection muliple_actions() but I cannot seem to figure
out how to get my controller, defined here:


to make use of my controller extension concerns, defined here:


I haven't even begun to look at developing ACLs to determine which users or
roles can see my "Clear Certificate" menus or buttons.

I've no idea if I'm going about this in the correct way or not so I thought
I'd better start asking this group for help before I got too far down a rat

Please don't hesitate to tell me if this is not the appropriate group for
such questions.

Any help hugely appreciated.