feature: trust a root certificate in an existing java truststore
This commit is contained in:
parent
9c90a34579
commit
5ef6c848ad
44
README.md
44
README.md
@ -1,2 +1,42 @@
|
||||
# action-template
|
||||
github action template
|
||||
# Add root certificate to java truststore
|
||||
|
||||
Github action to add a root certificate in x509 format to an existing java truststore.
|
||||
|
||||
usage example
|
||||
|
||||
```yaml
|
||||
name: Main
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: runner
|
||||
steps:
|
||||
- name: Retrieve root ca certificate
|
||||
id: get-ca-cert
|
||||
uses: RouxAntoine/get-ca-cert@master
|
||||
|
||||
- run: |
|
||||
echo "${{ steps.get-ca-cert.outputs.ca-cert }}"
|
||||
|
||||
- uses: actions/setup-java@v4
|
||||
id: java
|
||||
with:
|
||||
distribution: 'temurin'
|
||||
java-version: '21'
|
||||
|
||||
- name: Add root certificate to java truststore
|
||||
uses: RouxAntoine/add-ca-truststore@master
|
||||
id: add-ca-to-truststore
|
||||
with:
|
||||
ca-cert: "${{ steps.get-ca-cert.outputs.ca-cert }}"
|
||||
store-path: "${{ steps.java.outputs.path }}/lib/security/cacerts"
|
||||
|
||||
- run: |
|
||||
echo "Auto generated alias name: ${{ steps.add-ca-to-truststore.outputs.certificate-alias }}"
|
||||
keytool -list -cacerts
|
||||
```
|
||||
|
64
action.yml
64
action.yml
@ -1,33 +1,53 @@
|
||||
name: 'Action-template'
|
||||
description: 'Github action template'
|
||||
name: "add-ca-truststore"
|
||||
description: 'Github action to add a root certificate to a java truststore'
|
||||
branding:
|
||||
icon: file
|
||||
color: orange
|
||||
icon: upload
|
||||
color: blue
|
||||
inputs:
|
||||
sample-input:
|
||||
description: 'input example'
|
||||
default: 'default-value'
|
||||
ca-cert:
|
||||
description: 'root certificate to add to the truststore'
|
||||
required: true
|
||||
alias-name:
|
||||
description: "alias name of the new added certificate"
|
||||
required: false
|
||||
default: ""
|
||||
store-path:
|
||||
description: "java store path usually end with /cacert"
|
||||
required: true
|
||||
store-password:
|
||||
description: "java store password"
|
||||
required: false
|
||||
default: "changeit"
|
||||
outputs:
|
||||
certificate-alias:
|
||||
value: ${{ steps.generate-alias-name.outputs.alias-name }}
|
||||
description: "alias name of added certificate, generated if not provided as input"
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Set GitHub Path example
|
||||
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
|
||||
shell: bash
|
||||
env:
|
||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
||||
|
||||
- name: Set Github secret output result example
|
||||
id: sets-a-secret
|
||||
- name: Generate random pet name
|
||||
if: ${{ inputs.alias-name == '' }}
|
||||
id: generate-pet-name
|
||||
shell: bash
|
||||
run: |
|
||||
the_secret=$((RANDOM))
|
||||
echo "::add-mask::$the_secret"
|
||||
echo "secret-number=$the_secret" >> "$GITHUB_OUTPUT"
|
||||
apt update
|
||||
apt-get install -y golang-petname
|
||||
pet_name=$(golang-petname)
|
||||
|
||||
- name: Set Github output result example
|
||||
id: sets-output
|
||||
echo "pet-name=$pet_name" >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Defined alias name
|
||||
id: generate-alias-name
|
||||
shell: bash
|
||||
run: |
|
||||
output_number=$((RANDOM))
|
||||
echo "output-number=$output_number" >> "$GITHUB_OUTPUT"
|
||||
if [ "T${{ inputs.alias-name }}T" == "TT" ]; then
|
||||
echo "alias-name=${{ steps.generate-pet-name.outputs.pet-name }}" >> "$GITHUB_OUTPUT"
|
||||
else
|
||||
echo "alias-name=${{ inputs.alias-name }}" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
- name: Add certificate ${{ steps.generate-alias-name.outputs.alias-name }} to truststore
|
||||
shell: bash
|
||||
run: |
|
||||
echo "${{ inputs.ca-cert }}" | keytool -import -noprompt -trustcacerts -alias ${{ steps.generate-alias-name.outputs.alias-name }} -keystore ${{ inputs.store-path }} -storepass ${{ inputs.store-password }}
|
Loading…
Reference in New Issue
Block a user