Add ds-cert-import.sh --input option
edewata committed Sep 6, 2024
1 parent d67d4d0 commit d78316d
Showing 3 changed files with 61 additions and 26 deletions.
44 changes: 34 additions & 10 deletions .github/workflows/ca-clone-secure-ds-test.yml
@@ -93,13 +93,25 @@ jobs:
run: |
docker exec primary pk12util \
-d /root/.dogtag/nssdb \
-o ds_server.p12 \
-o $SHARED/primaryds_server.p12 \
-W Secret.123 \
-n Server-Cert
docker cp primary:ds_server.p12 primaryds_server.p12
tests/bin/ds-certs-import.sh --image=pki-runner primaryds primaryds_server.p12
tests/bin/ds-stop.sh --image=pki-runner primaryds
tests/bin/ds-start.sh --image=pki-runner primaryds
sudo chmod go+r primaryds_server.p12
tests/bin/ds-certs-import.sh \
--image=pki-runner \
--input=primaryds_server.p12 \
--password=Secret.123 \
primaryds
tests/bin/ds-stop.sh \
--image=pki-runner \
primaryds
tests/bin/ds-start.sh \
--image=pki-runner \
primaryds
- name: Install CA in primary PKI container
run: |
@@ -205,13 +217,25 @@ jobs:
run: |
docker exec secondary pk12util \
-d /root/.dogtag/nssdb \
-o ds_server.p12 \
-o $SHARED/secondaryds_server.p12 \
-W Secret.123 \
-n Server-Cert
docker cp secondary:ds_server.p12 secondaryds_server.p12
tests/bin/ds-certs-import.sh --image=pki-runner secondaryds secondaryds_server.p12
tests/bin/ds-stop.sh --image=pki-runner secondaryds
tests/bin/ds-start.sh --image=pki-runner secondaryds
sudo chmod go+r secondaryds_server.p12
tests/bin/ds-certs-import.sh \
--image=pki-runner \
--input=secondaryds_server.p12 \
--password=Secret.123 \
secondaryds
tests/bin/ds-stop.sh \
--image=pki-runner \
secondaryds
tests/bin/ds-start.sh \
--image=pki-runner \
secondaryds
- name: Install CA in secondary PKI container
run: |
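Review bot: The added `sudo chmod go+r primaryds_server.p12` makes a PKCS #12 bundle that holds the DS server private key readable by every account on the runner, and the step does not say why. It presumably compensates for the `chown dirsrv.dirsrv` call this commit removes from tests/bin/ds-certs-import.sh, so that the copy made by `docker cp` stays readable inside the DS container. If that is the reason, state it in a comment above the line, e.g. `# docker cp keeps the file mode; the DS container user must be able to read the .p12`. The same line appears in the secondary step of this file and in ca-secure-ds-test.yml. Also consider quoting the export path as `-o "$SHARED/primaryds_server.p12"` so an unexpected value of SHARED cannot split the argument.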
23 changes: 18 additions & 5 deletions .github/workflows/ca-secure-ds-test.yml
@@ -92,13 +92,26 @@ jobs:
run: |
docker exec pki pk12util \
-d /root/.dogtag/nssdb \
-o ds_server.p12 \
-o $SHARED/ds_server.p12 \
-W Secret.123 \
-n Server-Cert
docker cp pki:ds_server.p12 ds_server.p12
tests/bin/ds-certs-import.sh --image=pki-runner ds ds_server.p12
tests/bin/ds-stop.sh --image=pki-runner ds
tests/bin/ds-start.sh --image=pki-runner ds
sudo chmod go+r ds_server.p12
tests/bin/ds-certs-import.sh \
--image=pki-runner \
--input=ds_server.p12 \
--password=Secret.123 \
--debug \
ds
tests/bin/ds-stop.sh \
--image=pki-runner \
ds
tests/bin/ds-start.sh \
--image=pki-runner \
ds
- name: Install CA
run: |
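Review bot: `--debug` is passed to ds-certs-import.sh only in this workflow; the two otherwise equivalent calls in ca-clone-secure-ds-test.yml omit it, which suggests a leftover from debugging. If debug mode traces the commands the script runs (its implementation is not visible here), the `--password` value would be written to the job log. That is harmless for the fixed test password but a poor pattern to copy. Either drop the flag or add a comment saying why this job needs the extra output.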
20 changes: 9 additions & 11 deletions tests/bin/ds-certs-import.sh
@@ -10,11 +10,12 @@ VERBOSE=
DEBUG=

usage() {
echo "Usage: $SCRIPT_NAME [OPTIONS] <name> <input>"
echo "Usage: $SCRIPT_NAME [OPTIONS] <name>"
echo
echo "Options:"
echo " --image=<image> Container image (default: quay.io/389ds/dirsrv)"
echo " --password=<password> Directory Manager password"
echo " --input=<file> PKCS #12 file"
echo " --password=<password> PKCS #12 password"
echo " -v,--verbose Run in verbose mode."
echo " --debug Run in debug mode."
echo " --help Show help message."
@@ -32,6 +33,9 @@ while getopts v-: arg ; do
image=?*)
IMAGE="$LONG_OPTARG"
;;
input=?*)
INPUT="$LONG_OPTARG"
;;
password=?*)
PASSWORD="$LONG_OPTARG"
;;
@@ -49,7 +53,7 @@ while getopts v-: arg ; do
'')
break # "--" terminates argument processing
;;
image* | password*)
image* | input* | password*)
echo "ERROR: Missing argument for --$OPTARG option" >&2
exit 1
;;
@@ -76,17 +80,15 @@ then
exit 1
fi

INPUT=$2

if [ "$INPUT" == "" ]
then
echo "ERROR: Missing input file"
echo "ERROR: Missing PKCS #12 file"
exit 1
fi

if [ "$PASSWORD" == "" ]
then
PASSWORD=Secret.123
echo "ERROR: Missing PKCS #12 password"
fi

if [ "$IMAGE" = "" ]
@@ -125,10 +127,6 @@ import_certs_into_container() {

docker cp $INPUT $NAME:/tmp/certs.p12

echo "Fixing file ownership"

docker exec -u 0 $NAME chown dirsrv.dirsrv /tmp/certs.p12

echo "Exporting server cert into /data/tls/server.crt"

docker exec $NAME openssl pkcs12 \
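Review bot: The new `[ "$PASSWORD" == "" ]` branch prints `ERROR: Missing PKCS #12 password` but has no `exit 1`, so the script carries on into the import with an empty password (the rest of the script is outside the hunk). The old branch fell back to a default, so this path used to be harmless. Make it `echo "ERROR: Missing PKCS #12 password" >&2` followed by `exit 1`, matching the missing-argument error in the option parser, which already writes to stderr. The `Missing PKCS #12 file` message likewise goes to stdout. Separately, `INPUT` now comes straight from `--input`, so the context line `docker cp $INPUT $NAME:/tmp/certs.p12` should quote both expansions.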
