Fix the custom cert install process to install to the new certifi location, in addition to the old location

Also updates our requirements around requests
This commit is contained in:
Joseph Schorr 2017-12-15 17:26:44 -05:00
parent e06a83faf9
commit 6de96ee8a5
2 changed files with 5 additions and 2 deletions

View file

@ -17,6 +17,7 @@ if [ -d $QUAYCONF/stack/extra_ca_certs ]; then
echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs directory"
cp $QUAYCONF/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/certifi/cacert.pem
fi
fi
@ -25,6 +26,7 @@ if [ -f $QUAYCONF/stack/extra_ca_certs ]; then
echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs file"
csplit -z -f /usr/local/share/ca-certificates/extra-ca- $QUAYCONF/stack/extra_ca_certs '/-----BEGIN CERTIFICATE-----/' '{*}'
cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/certifi/cacert.pem
fi
# Add extra trusted certificates (prefixed)
@ -33,6 +35,7 @@ do
echo "Installing extra cert $f"
cp "$f" /usr/local/share/ca-certificates/
cat "$f" >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat "$f" >> venv/lib/python2.7/site-packages/certifi/cacert.pem
done
# Update all CA certificates.

View file

@ -25,7 +25,7 @@ blinker==1.4
boto==2.46.1
boto3==1.4.7
cachetools==1.1.6
certifi==2017.4.17
certifi==2017.11.5
cffi==1.10.0
click==6.7
contextlib2==0.5.4
@ -117,7 +117,7 @@ redis==2.10.5
redlock==1.2.0
reportlab==2.7
requests-oauthlib==0.8.0
requests[security]==2.13.0
requests[security]==2.18.4
rfc3986==0.4.1
semantic-version==2.6.0
six==1.10.0