- puppet now automatically trusts vault certs for some clients - ensure build job can access vault certs, or use client.* in .config/incus
This commit is contained in:
@@ -21,8 +21,16 @@ define vault_env
|
||||
mkdir -p $$INCUS_CONFIG_DIR/servercerts && \
|
||||
printf '%s\n' "$$INCUS_CONF_INCUSIMAGES_CERT" > $$INCUS_CONFIG_DIR/servercerts/incus-images.crt && \
|
||||
printf '%s\n' "$$INCUS_CONF_CONFIG_YAML" > $$INCUS_CONFIG_DIR/config.yaml && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key
|
||||
if [ -f /etc/pki/tls/vault/certificate.crt ] && [ -f /etc/pki/tls/vault/private.key ]; then \
|
||||
cp /etc/pki/tls/vault/certificate.crt $$INCUS_CONFIG_DIR/client.crt && \
|
||||
cp /etc/pki/tls/vault/private.key $$INCUS_CONFIG_DIR/client.key; \
|
||||
elif [ -f $$HOME/.config/incus/client.crt ] && [ -f $$HOME/.config/incus/client.key ]; then \
|
||||
cp $$HOME/.config/incus/client.crt $$INCUS_CONFIG_DIR/client.crt && \
|
||||
cp $$HOME/.config/incus/client.key $$INCUS_CONFIG_DIR/client.key; \
|
||||
else \
|
||||
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key; \
|
||||
fi
|
||||
endef
|
||||
|
||||
clean:
|
||||
|
||||
Reference in New Issue
Block a user