fix: update ENC script CA certificate path #62
@@ -96,6 +96,9 @@ spec:
|
||||
readOnly: true
|
||||
- mountPath: /opt/bin/
|
||||
name: puppet-shared-bins
|
||||
- mountPath: /opt/vault-ca-cert.crt
|
||||
name: vault-ca-cert
|
||||
subPath: ca.crt
|
||||
initContainers:
|
||||
- name: copy-configmaps
|
||||
image: busybox:1.35
|
||||
@@ -229,5 +232,8 @@ spec:
|
||||
- name: puppet-shared-bins
|
||||
persistentVolumeClaim:
|
||||
claimName: puppet-shared-bins
|
||||
- name: vault-ca-cert
|
||||
secret:
|
||||
secretName: vault-ca-cert
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
|
||||
@@ -95,6 +95,9 @@ spec:
|
||||
readOnly: true
|
||||
- mountPath: /opt/bin/
|
||||
name: puppet-shared-bins
|
||||
- mountPath: /opt/vault-ca-cert.crt
|
||||
name: vault-ca-cert
|
||||
subPath: ca.crt
|
||||
initContainers:
|
||||
- args:
|
||||
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
|
||||
@@ -168,3 +171,6 @@ spec:
|
||||
- name: puppet-shared-bins
|
||||
persistentVolumeClaim:
|
||||
claimName: puppet-shared-bins
|
||||
- name: vault-ca-cert
|
||||
secret:
|
||||
secretName: vault-ca-cert
|
||||
|
||||
@@ -20,7 +20,7 @@ def fetch_enc_data(cobbler_url: str, hostname: str) -> str:
|
||||
"""
|
||||
url = f"{cobbler_url}/cblr/svc/op/puppet/hostname/{hostname}"
|
||||
try:
|
||||
response = requests.get(url, verify='/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem')
|
||||
response = requests.get(url, verify='/opt/vault-ca-cert.crt')
|
||||
response.raise_for_status()
|
||||
except requests.RequestException as e:
|
||||
sys.exit(f"Request failed: {e}")
|
||||
|
||||
Reference in New Issue
Block a user