2024-08-25 16:36:57 +00:00
|
|
|
name: 'get-ca-cert'
|
|
|
|
description: 'Github action to retrieve root ca certificate from cfssl PKI API'
|
2024-08-25 15:34:25 +00:00
|
|
|
branding:
|
2024-08-25 16:36:57 +00:00
|
|
|
icon: anchor
|
|
|
|
color: green
|
2024-08-25 15:34:25 +00:00
|
|
|
inputs:
|
2024-08-25 16:36:57 +00:00
|
|
|
pki-address:
|
|
|
|
description: 'cfssl pki API address'
|
|
|
|
default: 'pki.localdomain'
|
2024-08-25 15:34:25 +00:00
|
|
|
required: false
|
2024-08-25 16:36:57 +00:00
|
|
|
pki-port:
|
|
|
|
description: 'cfssl pki API port'
|
|
|
|
default: '444'
|
|
|
|
required: false
|
|
|
|
outputs:
|
|
|
|
ca-cert:
|
|
|
|
value: "${{ steps.retrieve-ca-cert.outputs.ca-cert }}"
|
|
|
|
description: Root ca certificate in x509 format
|
|
|
|
ca-cert-base64:
|
|
|
|
value: "${{ steps.retrieve-ca-cert.outputs.ca-cert-base64 }}"
|
|
|
|
description: x509 formated root ca certificate encoded in base64
|
2024-08-25 15:34:25 +00:00
|
|
|
runs:
|
|
|
|
using: "composite"
|
|
|
|
steps:
|
2024-08-25 16:36:57 +00:00
|
|
|
- name: Get root ca certificate from cfssl PKI API
|
|
|
|
id: retrieve-ca-cert
|
2024-08-25 15:34:25 +00:00
|
|
|
shell: bash
|
|
|
|
run: |
|
2024-08-25 16:36:57 +00:00
|
|
|
ca_cert=$(curl -sSL -d '{"label": "primary"}' ${{ inputs.pki-address }}:${{ inputs.pki-port }}/api/v1/cfssl/info |jq -r '.result.certificate')
|
|
|
|
ca_cert_base64=$(echo "$ca_cert" | base64 -w 0)
|
|
|
|
|
|
|
|
echo "ca-cert<<EOF" >> "$GITHUB_OUTPUT"
|
|
|
|
echo "$ca_cert" >> "$GITHUB_OUTPUT"
|
|
|
|
echo "EOF" >> "$GITHUB_OUTPUT"
|
|
|
|
|
|
|
|
echo "ca-cert-base64=$ca_cert_base64" >> "$GITHUB_OUTPUT"
|