feature: action allow to retrieve rot ca cert
This commit is contained in:
parent
8dcca2d1e5
commit
53467717df
GPG Key ID:
098FB66FC0475E70
27
README.md
27
README.md
@ -1,2 +1,25 @@
|
|||||||
# action-template
|
# get ca cert
|
||||||
github action template
|
|
||||||
|
Github action to retrieve root ca certificate from pki managed thanks to cfssl.
|
||||||
|
|
||||||
|
usage example
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
name: Main
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- main
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
build:
|
||||||
|
runs-on: runner
|
||||||
|
steps:
|
||||||
|
- name: Retrieve root ca certificate
|
||||||
|
id: get-ca-cert
|
||||||
|
uses: RouxAntoine/get-ca-cert@master
|
||||||
|
- run: |
|
||||||
|
echo "${{ steps.get-ca-cert.outputs.ca-cert }}"
|
||||||
|
echo "${{ steps.get-ca-cert.outputs.ca-cert-base64 }}"
|
||||||
|
```
|
||||||
|
|||||||
53
action.yml
53
action.yml
@ -1,33 +1,36 @@
|
|||||||
name: 'Action-template'
|
name: 'get-ca-cert'
|
||||||
description: 'Github action template'
|
description: 'Github action to retrieve root ca certificate from cfssl PKI API'
|
||||||
branding:
|
branding:
|
||||||
icon: file
|
icon: anchor
|
||||||
color: orange
|
color: green
|
||||||
inputs:
|
inputs:
|
||||||
sample-input:
|
pki-address:
|
||||||
description: 'input example'
|
description: 'cfssl pki API address'
|
||||||
default: 'default-value'
|
default: 'pki.localdomain'
|
||||||
required: false
|
required: false
|
||||||
|
pki-port:
|
||||||
|
description: 'cfssl pki API port'
|
||||||
|
default: '444'
|
||||||
|
required: false
|
||||||
|
outputs:
|
||||||
|
ca-cert:
|
||||||
|
value: "${{ steps.retrieve-ca-cert.outputs.ca-cert }}"
|
||||||
|
description: Root ca certificate in x509 format
|
||||||
|
ca-cert-base64:
|
||||||
|
value: "${{ steps.retrieve-ca-cert.outputs.ca-cert-base64 }}"
|
||||||
|
description: x509 formated root ca certificate encoded in base64
|
||||||
runs:
|
runs:
|
||||||
using: "composite"
|
using: "composite"
|
||||||
steps:
|
steps:
|
||||||
- name: Set GitHub Path example
|
- name: Get root ca certificate from cfssl PKI API
|
||||||
run: echo "$GITHUB_ACTION_PATH" >> $GITHUB_PATH
|
id: retrieve-ca-cert
|
||||||
shell: bash
|
|
||||||
env:
|
|
||||||
GITHUB_ACTION_PATH: ${{ github.action_path }}
|
|
||||||
|
|
||||||
- name: Set Github secret output result example
|
|
||||||
id: sets-a-secret
|
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
the_secret=$((RANDOM))
|
ca_cert=$(curl -sSL -d '{"label": "primary"}' ${{ inputs.pki-address }}:${{ inputs.pki-port }}/api/v1/cfssl/info |jq -r '.result.certificate')
|
||||||
echo "::add-mask::$the_secret"
|
ca_cert_base64=$(echo "$ca_cert" | base64 -w 0)
|
||||||
echo "secret-number=$the_secret" >> "$GITHUB_OUTPUT"
|
|
||||||
|
echo "ca-cert<<EOF" >> "$GITHUB_OUTPUT"
|
||||||
- name: Set Github output result example
|
echo "$ca_cert" >> "$GITHUB_OUTPUT"
|
||||||
id: sets-output
|
echo "EOF" >> "$GITHUB_OUTPUT"
|
||||||
shell: bash
|
|
||||||
run: |
|
echo "ca-cert-base64=$ca_cert_base64" >> "$GITHUB_OUTPUT"
|
||||||
output_number=$((RANDOM))
|
|
||||||
echo "output-number=$output_number" >> "$GITHUB_OUTPUT"
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user