authorClaire McQuin <mcquin@users.noreply.github.com>2014-09-15 14:56:40 -0700
committerClaire McQuin <mcquin@users.noreply.github.com>2014-09-15 14:56:40 -0700
commit49582c3db4e3b54674ecfb57fe82157720350274 (patch)
treef83871612ac5d8cee68c51c32171fbbbd40d0684 /lib
parentcb61daebfb0d255cae928ca1a92db29b055755cf (diff)
parente4ac353bebdc949cd2cd8ce69983a56b96917dfa (diff)
downloadchef-49582c3db4e3b54674ecfb57fe82157720350274.tar.gz
Merge pull request #2003 from opscode/mcquin/transfer_trusted_certs
Mcquin/transfer trusted certs
Diffstat (limited to 'lib')
-rw-r--r--lib/chef/knife/bootstrap/archlinux-gems.erb5
-rw-r--r--lib/chef/knife/bootstrap/chef-aix.erb5
-rw-r--r--lib/chef/knife/bootstrap/chef-full.erb5
-rw-r--r--lib/chef/knife/core/bootstrap_context.rb20
4 files changed, 35 insertions, 0 deletions
diff --git a/lib/chef/knife/bootstrap/archlinux-gems.erb b/lib/chef/knife/bootstrap/archlinux-gems.erb
index bb84340c05..eb134b90d5 100644
--- a/lib/chef/knife/bootstrap/archlinux-gems.erb
+++ b/lib/chef/knife/bootstrap/archlinux-gems.erb
@@ -23,6 +23,11 @@ EOP
chmod 0600 /etc/chef/encrypted_data_bag_secret
<% end -%>
+<% unless trusted_certs.empty? -%>
+mkdir -p /etc/chef/trusted_certs
+<%= trusted_certs %>
+<% end -%>
+
<%# Generate Ohai Hints -%>
<% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
mkdir -p /etc/chef/ohai/hints
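Review bot: The added `mkdir -p /etc/chef/trusted_certs` leaves the mode of the directory, and of the files written by `<%= trusted_certs %>`, to whatever umask the bootstrap shell runs with, whereas the context line just above sets `chmod 0600` explicitly on the data bag secret. These files determine which TLS certificates chef-client will trust, so their integrity matters even though the contents are public. Consider pinning the permissions right after the mkdir, for example `chmod 0755 /etc/chef/trusted_certs`, and making the written certificates non-writable by group and other. The same five-line block is added to chef-aix.erb and chef-full.erb, and the point applies there as well.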
diff --git a/lib/chef/knife/bootstrap/chef-aix.erb b/lib/chef/knife/bootstrap/chef-aix.erb
index 59993b478a..3a031ee738 100644
--- a/lib/chef/knife/bootstrap/chef-aix.erb
+++ b/lib/chef/knife/bootstrap/chef-aix.erb
@@ -36,6 +36,11 @@ EOP
chmod 0600 /etc/chef/encrypted_data_bag_secret
<% end -%>
+<% unless trusted_certs.empty? -%>
+mkdir -p /etc/chef/trusted_certs
+<%= trusted_certs %>
+<% end -%>
+
<%# Generate Ohai Hints -%>
<% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
mkdir -p /etc/chef/ohai/hints
diff --git a/lib/chef/knife/bootstrap/chef-full.erb b/lib/chef/knife/bootstrap/chef-full.erb
index a4e85b9d67..6edb485f44 100644
--- a/lib/chef/knife/bootstrap/chef-full.erb
+++ b/lib/chef/knife/bootstrap/chef-full.erb
@@ -50,6 +50,11 @@ EOP
chmod 0600 /etc/chef/encrypted_data_bag_secret
<% end -%>
+<% unless trusted_certs.empty? -%>
+mkdir -p /etc/chef/trusted_certs
+<%= trusted_certs %>
+<% end -%>
+
<%# Generate Ohai Hints -%>
<% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%>
mkdir -p /etc/chef/ohai/hints
diff --git a/lib/chef/knife/core/bootstrap_context.rb b/lib/chef/knife/core/bootstrap_context.rb
index 9fa6dcc46f..87c25ca160 100644
--- a/lib/chef/knife/core/bootstrap_context.rb
+++ b/lib/chef/knife/core/bootstrap_context.rb
@@ -54,6 +54,10 @@ class Chef
end
end
+ def trusted_certs
+ @trusted_certs ||= trusted_certs_content
+ end
+
def config_content
client_rb = <<-CONFIG
log_location STDOUT
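Review bot: `trusted_certs` has no comment, and its name reads like a list of certificates although it returns the shell text built by `trusted_certs_content`, which the templates emit verbatim through `<%= trusted_certs %>`. A short comment would make that contract explicit, for example `# Shell commands that recreate the workstation's trusted certs on the node; "" when none are found.` The enclosing class and the body of `config_content` extend outside this hunk.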
@@ -109,6 +113,10 @@ CONFIG
client_rb << %Q{encrypted_data_bag_secret "/etc/chef/encrypted_data_bag_secret"\n}
end
+ unless trusted_certs.empty?
+ client_rb << %Q{trusted_certs_dir "/etc/chef/trusted_certs"\n}
+ end
+
client_rb
end
@@ -155,6 +163,18 @@ CONFIG
(@config[:first_boot_attributes] || {}).merge(:run_list => @run_list)
end
+ private
+ def trusted_certs_content
+ content = ""
+ if @chef_config[:trusted_certs_dir]
+ Dir.glob(File.join(@chef_config[:trusted_certs_dir], "*.{crt,pem}")).each do |cert|
+ content << "cat > /etc/chef/trusted_certs/#{File.basename(cert)} <<'EOP'\n" +
+ IO.read(File.expand_path(cert)) + "\nEOP\n"
+ end
+ end
+ content
+ end
+
end
end
end
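Review bot: In `trusted_certs_content`, `File.basename(cert)` is interpolated unquoted into the `cat > /etc/chef/trusted_certs/...` redirect. A certificate file whose name contains spaces or shell metacharacters would therefore break, or alter, the script that bootstrap runs on the node. The names come from the operator's own `trusted_certs_dir`, so this is mainly a robustness concern, but escaping is cheap: `content << "cat > /etc/chef/trusted_certs/#{Shellwords.escape(File.basename(cert))} <<'EOP'\n" +` (this needs `require 'shellwords'` if the file does not already load it, which the hunk does not show). Relatedly, the file body is embedded between `<<'EOP'` and `EOP` without any check, so a line consisting of exactly `EOP` inside a matched `*.pem` file would end the heredoc early and the remainder would be run as shell. Validating that each file parses as a certificate before embedding it would cover this case and would also keep non-certificate `.pem` files from being copied to the node.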