name: "add-ca-truststore"
description: 'Github action to add a root certificate to a java truststore'
branding:
  icon: upload
  color: blue
inputs:
  ca-cert:
    description: 'root certificate to add to the truststore'
    required: true
  alias-name:
    description: "alias name of the new added certificate"
    required: false
    default: ""
  store-path:
    description: "java store path usually end with /cacert"
    required: true
  store-password:
    description: "java store password"
    required: false
    default: "changeit"
outputs:
  certificate-alias:
    value: ${{ steps.generate-alias-name.outputs.alias-name }}
    description: "alias name of added certificate, generated if not provided as input"

runs:
  using: "composite"
  steps:
    - name: Generate random pet name
      if: ${{ inputs.alias-name == '' }}
      id: generate-pet-name
      shell: bash
      run: |
        apt update
        apt-get install -y golang-petname
        pet_name=$(golang-petname)
        
        echo "pet-name=$pet_name" >> "$GITHUB_OUTPUT"

    - name: Defined alias name
      id: generate-alias-name
      shell: bash
      run: |
        if [ "T${{ inputs.alias-name }}T" == "TT" ]; then
          echo "alias-name=${{ steps.generate-pet-name.outputs.pet-name }}" >> "$GITHUB_OUTPUT"
        else
          echo "alias-name=${{ inputs.alias-name }}" >> "$GITHUB_OUTPUT"
        fi

    - name: Add certificate ${{ steps.generate-alias-name.outputs.alias-name }} to truststore
      shell: bash
      run: |
        echo "${{ inputs.ca-cert }}" | keytool -import -noprompt -trustcacerts -alias ${{ steps.generate-alias-name.outputs.alias-name }} -keystore ${{ inputs.store-path }} -storepass ${{ inputs.store-password }}