feature: protect ca addition from duplicate

2024-08-25 20:37:19 +02:00 · 2024-08-25 20:37:19 +02:00 · 901abd15d0
commit 901abd15d0
parent 5ef6c848ad
1 changed files with 11 additions and 2 deletions
--- a/action.yml
+++ b/action.yml
@ -8,7 +8,7 @@ inputs:
    description: 'root certificate to add to the truststore'
    required: true
  alias-name:
-    description: "alias name of the new added certificate"
+    description: "alias name of the new added certificate, if not provided a random name is generate, beware with random name generated certificate is always inserted even if it already exist"
    required: false
    default: ""
  store-path:
@ -49,5 +49,14 @@ runs:
    - name: Add certificate ${{ steps.generate-alias-name.outputs.alias-name }} to truststore
      shell: bash
      env:
        does_not_exist_message: "does not exist"
      run: |
-        echo "${{ inputs.ca-cert }}" | keytool -import -noprompt -trustcacerts -alias ${{ steps.generate-alias-name.outputs.alias-name }} -keystore ${{ inputs.store-path }} -storepass ${{ inputs.store-password }}
+        already_exists=$(keytool -list -alias ${{ steps.generate-alias-name.outputs.alias-name }} -keystore ${{ inputs.store-path }} -storepass ${{ inputs.store-password }} 2>/dev/null | grep "${{ env.does_not_exist_message }}" || true)
        if [ ! -z "$already_exists" ];
        then
          echo "${{ inputs.ca-cert }}" | keytool -import -noprompt -trustcacerts -alias ${{ steps.generate-alias-name.outputs.alias-name }} -keystore ${{ inputs.store-path }} -storepass ${{ inputs.store-password }};
        else
          echo "Certificate ${{ steps.generate-alias-name.outputs.alias-name }} already contained in the truststore";
        fi