mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-28 21:25:55 +01:00
Merge pull request #12322 from heww/install-tls-ca
feat(certs): install internal tls ca from /etc/harbor/ssl dir
This commit is contained in:
commit
0474a2a040
@ -2,14 +2,26 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
|
if ! grep -q "Photon" /etc/lsb-release; then
|
||||||
|
echo "Current OS is not Photon, skip appending ca bundle"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
if [ ! -f ~/ca-bundle.crt.original ]; then
|
if [ ! -f ~/ca-bundle.crt.original ]; then
|
||||||
cp /etc/pki/tls/certs/ca-bundle.crt ~/ca-bundle.crt.original
|
cp /etc/pki/tls/certs/ca-bundle.crt ~/ca-bundle.crt.original
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cp ~/ca-bundle.crt.original /etc/pki/tls/certs/ca-bundle.crt
|
cp ~/ca-bundle.crt.original /etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
|
||||||
if [ "$(ls -A /harbor_cust_cert)" ]; then
|
# Install /etc/harbor/ssl/{component}/ca.crt to trust CA.
|
||||||
if grep -q "Photon" /etc/lsb-release; then
|
echo "Appending internal tls trust CA to ca-bundle ..."
|
||||||
|
for caFile in `find /etc/harbor/ssl -maxdepth 2 -name ca.crt`; do
|
||||||
|
cat $caFile >> /etc/pki/tls/certs/ca-bundle.crt
|
||||||
|
echo "Internal tls trust CA $caFile appended ..."
|
||||||
|
done
|
||||||
|
echo "Internal tls trust CA appending is Done."
|
||||||
|
|
||||||
|
if [[ -d /harbor_cust_cert && -n "$(ls -A /harbor_cust_cert)" ]]; then
|
||||||
echo "Appending trust CA to ca-bundle ..."
|
echo "Appending trust CA to ca-bundle ..."
|
||||||
for z in /harbor_cust_cert/*; do
|
for z in /harbor_cust_cert/*; do
|
||||||
case ${z} in
|
case ${z} in
|
||||||
@ -25,7 +37,4 @@ if [ "$(ls -A /harbor_cust_cert)" ]; then
|
|||||||
esac
|
esac
|
||||||
done
|
done
|
||||||
echo "CA appending is Done."
|
echo "CA appending is Done."
|
||||||
else
|
|
||||||
echo "Current OS is not Photon, skip appending ca bundle"
|
|
||||||
fi
|
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user