mirror of
https://github.com/super-linter/super-linter.git
synced 2024-12-22 04:32:16 -05:00
chore: simplify updateSSL (#5130)
Run command directly instead of checking their exit code afterwards.
This commit is contained in:
parent
05009f2816
commit
9bab4a90e8
4 changed files with 63 additions and 71 deletions
14
Makefile
14
Makefile
|
@ -4,7 +4,7 @@
|
|||
all: info docker test ## Run all targets.
|
||||
|
||||
.PHONY: test
|
||||
test: info validate-container-image-labels test-lib inspec lint-codebase test-default-config-files test-find lint-subset-files test-non-default-workdir test-git-flags test-linters ## Run the test suite
|
||||
test: info validate-container-image-labels test-lib inspec lint-codebase test-default-config-files test-find lint-subset-files test-custom-ssl-cert test-non-default-workdir test-git-flags test-linters ## Run the test suite
|
||||
|
||||
# if this session isn't interactive, then we don't want to allocate a
|
||||
# TTY, which would fail, but if it is interactive, we do want to attach
|
||||
|
@ -259,6 +259,18 @@ test-default-config-files: ## Test default configuration files loading
|
|||
-v "$(CURDIR)/docs":/tmp/lint \
|
||||
$(SUPER_LINTER_TEST_CONTAINER_URL)
|
||||
|
||||
.phony: test-custom-ssl-cert
|
||||
test-custom-ssl-cert: ## Test the configuration of a custom SSL/TLS certificate
|
||||
docker run \
|
||||
-e RUN_LOCAL=true \
|
||||
-e ACTIONS_RUNNER_DEBUG=true \
|
||||
-e ENABLE_GITHUB_ACTIONS_GROUP_TITLE=true \
|
||||
-e DEFAULT_BRANCH=main \
|
||||
-e USE_FIND_ALGORITHM=true \
|
||||
-e SSL_CERT_SECRET="$(shell cat test/data/ssl-certificate/rootCA-test.crt)" \
|
||||
-v "$(CURDIR)/docs":/tmp/lint \
|
||||
$(SUPER_LINTER_TEST_CONTAINER_URL)
|
||||
|
||||
.phony: test-linters
|
||||
test-linters: ## Run the linters test suite
|
||||
docker run \
|
||||
|
|
|
@ -1,14 +1,5 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
################################################################################
|
||||
########### Super-Linter linting Functions #####################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
########################## FUNCTION CALLS BELOW ################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function SetupSshAgent ####################################################
|
||||
function SetupSshAgent() {
|
||||
# Check to see if a SSH_KEY_SECRET was passed
|
||||
if [ -n "${SSH_KEY}" ]; then
|
||||
|
@ -19,8 +10,7 @@ function SetupSshAgent() {
|
|||
ssh-add - <<<"${SSH_KEY}" 2>/dev/null
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function SetupGithubComSshKeys ############################################
|
||||
|
||||
function SetupGithubComSshKeys() {
|
||||
if [[ -n "${SSH_KEY}" || "${SSH_SETUP_GITHUB}" == "true" ]]; then
|
||||
info "Adding github.com SSH keys"
|
||||
|
@ -41,4 +31,3 @@ function SetupGithubComSshKeys() {
|
|||
fi
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
|
|
|
@ -1,79 +1,39 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
################################################################################
|
||||
########### Super-Linter linting Functions @admiralawkbar ######################
|
||||
################################################################################
|
||||
################################################################################
|
||||
########################## FUNCTION CALLS BELOW ################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function CheckSSLCert #####################################################
|
||||
function CheckSSLCert() {
|
||||
if [ -z "${SSL_CERT_SECRET}" ]; then
|
||||
# No cert was passed
|
||||
debug "User did not provide a SSL secret, moving on..."
|
||||
debug "User did not provide a SSL_CERT_SECRET"
|
||||
else
|
||||
# User has provided a cert file to upload
|
||||
debug "User passed SSL secret:[${SSL_CERT_SECRET}]"
|
||||
debug "User configured a SSL_CERT_SECRET"
|
||||
InstallSSLCert
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function InstallSSLCert ###################################################
|
||||
|
||||
function InstallSSLCert() {
|
||||
#############
|
||||
# Base Vars #
|
||||
#############
|
||||
local CERT_FILE
|
||||
CERT_FILE='/tmp/cert.crt'
|
||||
local CERT_ROOT
|
||||
CERT_ROOT='/usr/local/share/ca-certificates'
|
||||
local FILE_NAME
|
||||
FILE_NAME=$(basename "${CERT_FILE}" 2>&1)
|
||||
|
||||
#########################
|
||||
# Echo secret into file #
|
||||
#########################
|
||||
echo "${SSL_CERT_SECRET}" >>"${CERT_FILE}"
|
||||
|
||||
########################################
|
||||
# Put the cert in the correct location #
|
||||
########################################
|
||||
COPY_CMD=$(mv "${CERT_FILE}" "${CERT_ROOT}/${FILE_NAME}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ "${ERROR_CODE}" -ne 0 ]; then
|
||||
error "ERROR! Failed to move cert into location!"
|
||||
fatal "ERROR:[${COPY_CMD}]"
|
||||
else
|
||||
info "Moved cert into location, adding to trust store..."
|
||||
local CERT_DESTINATION
|
||||
CERT_DESTINATION="${CERT_ROOT}/${FILE_NAME}"
|
||||
info "Moving certificate to ${CERT_DESTINATION}"
|
||||
local COPY_CMD
|
||||
if ! COPY_CMD=$(mv -v "${CERT_FILE}" "${CERT_DESTINATION}" 2>&1); then
|
||||
fatal "Failed to move cert to ${CERT_DESTINATION}. Output: ${COPY_CMD}"
|
||||
fi
|
||||
debug "Move certificate output: ${COPY_CMD}"
|
||||
|
||||
##############################################
|
||||
# Update ca-certificates to pull in the cert #
|
||||
##############################################
|
||||
UPDATE_CMD=$(update-ca-certificates 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ "${ERROR_CODE}" -ne 0 ]; then
|
||||
# ERROR
|
||||
error "ERROR! Failed to add cert to trust store!"
|
||||
fatal "ERROR:[${UPDATE_CMD}]"
|
||||
else
|
||||
# Success
|
||||
info "Successfully added cert to trust store"
|
||||
info "Update cert store to consider the new certificate"
|
||||
local UPDATE_CMD
|
||||
if ! UPDATE_CMD=$(update-ca-certificates 2>&1); then
|
||||
fatal "Failed to add the certificate to the trust store. Output: ${UPDATE_CMD}"
|
||||
fi
|
||||
debug "Cert store update output: ${UPDATE_CMD}"
|
||||
}
|
||||
################################################################################
|
||||
|
|
31
test/data/ssl-certificate/rootCA-test.crt
Normal file
31
test/data/ssl-certificate/rootCA-test.crt
Normal file
|
@ -0,0 +1,31 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIFWTCCA0GgAwIBAgIUOC6jhUoFsZnjjBW2PprtWU42pSUwDQYJKoZIhvcNAQEL
|
||||
BQAwOzEUMBIGA1UEAwwLZXhhbXBsZS5jb20xCzAJBgNVBAYTAlVTMRYwFAYDVQQH
|
||||
DA1TYW4gRnJhbnNpc2NvMCAXDTI0MDExMjEzMzc0OFoYDzIxMjEwNzAyMTMzNzQ4
|
||||
WjA7MRQwEgYDVQQDDAtleGFtcGxlLmNvbTELMAkGA1UEBhMCVVMxFjAUBgNVBAcM
|
||||
DVNhbiBGcmFuc2lzY28wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDO
|
||||
dOCh1uuHtwmrdfyhn+nZo+znIOVqMc6WTEfiSMjEzyu2aoRs6g33Ri+hA3eb7FJO
|
||||
yMheG6m9b/kLawoEVrww0686+nr7d383jYRbuk56odh2B3oQ0w7m2s+YmQd6zY9Q
|
||||
NVUovc2KC8/QAJtc5B66WNIo9ALsRoAke0h/F3j5W4JlZRxm/5Dy+91ZDhugzy8s
|
||||
HzkFc1FS15CKDUKiSISwzR1UFEhKbxSA7Q6vMOK69hCOzxfPwpU8FutKa9LDWsqL
|
||||
m43arZx6pn/suyqTwXanWtMRa2YwGDWtHIt9L4anNCtpc343ZGZ0Rg3pD8o1Rf/t
|
||||
ylwgRDyJeeAhB291zhuw/XH/XS7tSfYL8/M+TjuPSn5s0d+2uzoKibYAv6xecEd+
|
||||
BudhyQ6R0zbutsijPa/qE5geTtuQGK0KgrUO+OSI0uMrg49NFup5QUxgxVujq9ON
|
||||
3CRHLZ15zoh+6AHzGeKjT+mvYCpfN3Psy1Ew1zQRaaVvgjrTAWegmJ/ohDUUsK/C
|
||||
ECWvXu8OWoYJ9Oj6T4vimY+H/ayiqAeysK9X4Xl16VXMwkEBIGEQf/C+HLoCZKlb
|
||||
BmD8OFPvhJbojcsla6FKh6PFfSLVSdej6z072SP+wbAttPfp69G7GfsagFZGjkZk
|
||||
4oHRfn+9/2K22HutTILLb7USg5pgI85Nmm/2v/djFwIDAQABo1MwUTAdBgNVHQ4E
|
||||
FgQUG9oBvDO9pINtlc0rGG6/8OUSBRwwHwYDVR0jBBgwFoAUG9oBvDO9pINtlc0r
|
||||
GG6/8OUSBRwwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAwT7/
|
||||
25oTM0Tx86XmfIQ4zSSWxRhJxuOqlTIIehQ/UsOOiDCsdCxFwd+MkhfWlVLtDeTC
|
||||
GDYgdX8C+FbpqodUDZrd48qZa+G0Z+WFGwPghGB5bCPpfWJSmKtL3sRGTUTxma6U
|
||||
A8s1E/LOdVZRoHJJTxT+ktKzjlNbcBmcKRdMdAuEJtS39GBdtpph+iqC/pIFCyvs
|
||||
Zq/mwqY33O7EP7Xv3NTQQSz2svcHzNidFSJAMUXGDF0uyjv+eDHRHl7cHHJ8HwII
|
||||
fyGOOshcBF+KOZOkmPjJmVqXG+SAsEQVsaawTmXYZpYzBE3Rr10ND7vtu9eieqk/
|
||||
L72dxb6f0iRB5fdxC7JtqGwec3EOeka4bzlats6711f7wszNp2xWOss0wnPpgdIy
|
||||
WgtGZu2D1GyUD3lbQd/HLfpPguY2SolTMtLTqoBWKk8/5KKU0bykMjABuV+CtTQw
|
||||
9PVTovUurZa1lY7Ox/qZ2bMmfw8ekvlzJTPMeVyCGSkJPeXpiY5M3ACJX6ne72v8
|
||||
KqfNxNKBK74XjpjsL/iUjy8XttzrtIL40qfvMcz22MriPe9Q9GDywGkGbrXgblXX
|
||||
RsufAamGRmvTM9mcDpPlf4qDEKMP/c23jKqSBFqqAUepiTpzveeRKAD2KOsLNpud
|
||||
wKsysjuZvP0P5740pCSeSjvh8ZnIt5bdninHRYg=
|
||||
-----END CERTIFICATE-----
|
Loading…
Reference in a new issue