fix: update ENC script CA certificate path #62

Merged
unkinben merged 1 commits from benvin/fix-enc-ca-cert into main 2026-03-20 23:05:36 +11:00
3 changed files with 13 additions and 1 deletions
@@ -96,6 +96,9 @@ spec:
readOnly: true
- mountPath: /opt/bin/
name: puppet-shared-bins
- mountPath: /opt/vault-ca-cert.crt
name: vault-ca-cert
subPath: ca.crt
initContainers:
- name: copy-configmaps
image: busybox:1.35
@@ -229,5 +232,8 @@ spec:
- name: puppet-shared-bins
persistentVolumeClaim:
claimName: puppet-shared-bins
- name: vault-ca-cert
secret:
secretName: vault-ca-cert
strategy:
type: RollingUpdate
@@ -95,6 +95,9 @@ spec:
readOnly: true
- mountPath: /opt/bin/
name: puppet-shared-bins
- mountPath: /opt/vault-ca-cert.crt
name: vault-ca-cert
subPath: ca.crt
initContainers:
- args:
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
@@ -168,3 +171,6 @@ spec:
- name: puppet-shared-bins
persistentVolumeClaim:
claimName: puppet-shared-bins
- name: vault-ca-cert
secret:
secretName: vault-ca-cert
+1 -1
View File
@@ -20,7 +20,7 @@ def fetch_enc_data(cobbler_url: str, hostname: str) -> str:
"""
url = f"{cobbler_url}/cblr/svc/op/puppet/hostname/{hostname}"
try:
response = requests.get(url, verify='/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem')
response = requests.get(url, verify='/opt/vault-ca-cert.crt')
response.raise_for_status()
except requests.RequestException as e:
sys.exit(f"Request failed: {e}")