Merge pull request #2946 from coreos-inc/fix-custom-cert-install

Fix the custom cert install process to install to the new certifi location, in addition to the old location
This commit is contained in:
josephschorr 2017-12-18 11:45:37 -05:00 committed by GitHub
commit a251373f11
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 2 deletions

View file

@ -17,6 +17,7 @@ if [ -d $QUAYCONF/stack/extra_ca_certs ]; then
echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs directory" echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs directory"
cp $QUAYCONF/stack/extra_ca_certs/* /usr/local/share/ca-certificates/ cp $QUAYCONF/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/requests/cacert.pem cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/certifi/cacert.pem
fi fi
fi fi
@ -25,6 +26,7 @@ if [ -f $QUAYCONF/stack/extra_ca_certs ]; then
echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs file" echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs file"
csplit -z -f /usr/local/share/ca-certificates/extra-ca- $QUAYCONF/stack/extra_ca_certs '/-----BEGIN CERTIFICATE-----/' '{*}' csplit -z -f /usr/local/share/ca-certificates/extra-ca- $QUAYCONF/stack/extra_ca_certs '/-----BEGIN CERTIFICATE-----/' '{*}'
cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/requests/cacert.pem cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/certifi/cacert.pem
fi fi
# Add extra trusted certificates (prefixed) # Add extra trusted certificates (prefixed)
@ -33,6 +35,7 @@ do
echo "Installing extra cert $f" echo "Installing extra cert $f"
cp "$f" /usr/local/share/ca-certificates/ cp "$f" /usr/local/share/ca-certificates/
cat "$f" >> venv/lib/python2.7/site-packages/requests/cacert.pem cat "$f" >> venv/lib/python2.7/site-packages/requests/cacert.pem
cat "$f" >> venv/lib/python2.7/site-packages/certifi/cacert.pem
done done
# Update all CA certificates. # Update all CA certificates.

View file

@ -25,7 +25,7 @@ blinker==1.4
boto==2.46.1 boto==2.46.1
boto3==1.4.7 boto3==1.4.7
cachetools==1.1.6 cachetools==1.1.6
certifi==2017.4.17 certifi==2017.11.5
cffi==1.10.0 cffi==1.10.0
click==6.7 click==6.7
contextlib2==0.5.4 contextlib2==0.5.4
@ -117,7 +117,7 @@ redis==2.10.5
redlock==1.2.0 redlock==1.2.0
reportlab==2.7 reportlab==2.7
requests-oauthlib==0.8.0 requests-oauthlib==0.8.0
requests[security]==2.13.0 requests[security]==2.18.4
rfc3986==0.4.1 rfc3986==0.4.1
semantic-version==2.6.0 semantic-version==2.6.0
six==1.10.0 six==1.10.0