handle non pem input when openssl does not autodetect certificate inform
All checks were successful
test / Linting (push) Successful in 29s
test / Molecule tests (default, debian12) (push) Successful in 1m4s
test / Molecule tests (default, debian11) (push) Successful in 1m24s
test / Molecule tests (default, ubuntu2004) (push) Successful in 1m24s
test / Molecule tests (default, ubuntu2204) (push) Successful in 1m0s
test / Molecule tests (with_custom_ca, debian11) (push) Successful in 44s
test / Molecule tests (with_custom_ca, debian12) (push) Successful in 1m1s
test / Molecule tests (with_custom_ca, ubuntu2204) (push) Successful in 1m5s
test / Molecule tests (with_custom_ca, ubuntu2004) (push) Successful in 1m12s
All checks were successful
test / Linting (push) Successful in 29s
test / Molecule tests (default, debian12) (push) Successful in 1m4s
test / Molecule tests (default, debian11) (push) Successful in 1m24s
test / Molecule tests (default, ubuntu2004) (push) Successful in 1m24s
test / Molecule tests (default, ubuntu2204) (push) Successful in 1m0s
test / Molecule tests (with_custom_ca, debian11) (push) Successful in 44s
test / Molecule tests (with_custom_ca, debian12) (push) Successful in 1m1s
test / Molecule tests (with_custom_ca, ubuntu2204) (push) Successful in 1m5s
test / Molecule tests (with_custom_ca, ubuntu2004) (push) Successful in 1m12s
This commit is contained in:
parent
891015013b
commit
263da6e7ab
@ -8,11 +8,22 @@
|
||||
dest: "/tmp/{{ item.cert_name }}.tmp"
|
||||
mode: '0644'
|
||||
loop: "{{ import_vault_root_ca_certificate_list }}"
|
||||
register: download_results
|
||||
|
||||
- name: "Check certificate format"
|
||||
ansible.builtin.command: >
|
||||
openssl x509 -inform PEM -noout -in {{ item.dest }}
|
||||
loop: "{{ download_results.results }}"
|
||||
register: cert_format_results
|
||||
changed_when: false
|
||||
failed_when: false
|
||||
|
||||
- name: "Make sure certificate is in PEM format"
|
||||
ansible.builtin.command:
|
||||
cmd: "openssl x509 -in /tmp/{{ item.cert_name }}.tmp -out {{ import_vault_root_ca_cert_dir }}/{{ item.cert_name }}.crt -outform pem"
|
||||
creates: "{{ import_vault_root_ca_cert_dir }}/{{ item.cert_name }}.crt"
|
||||
loop: "{{ import_vault_root_ca_certificate_list }}"
|
||||
cmd: openssl x509 -inform {{ 'PEM' if item.rc == 0 else 'DER' }} -in {{ item.item.dest }} -out {{ import_vault_root_ca_cert_dir }}/{{ item.item.item.cert_name }}.crt -outform pem
|
||||
creates: "{{ import_vault_root_ca_cert_dir }}/{{ item.item.item.cert_name }}.crt"
|
||||
loop: "{{ cert_format_results.results }}"
|
||||
notify:
|
||||
- update-ca-certificates
|
||||
# loop_control:
|
||||
# loop_var: item
|
||||
|
Loading…
Reference in New Issue
Block a user