import_and_load_root_ca.yml - Rudder - Issue Tracker

Bug #27167 » import_and_load_root_ca.yml

Félix DALLIDET, 2025-06-27 15:41

    
    id: import_and_load_root_ca

    name: Import and load Root CA

    version: '1.0'

    description: Import and load Root CA

    category: ncf_techniques

    params:

      - id: f589320e-f1b6-4dc6-93d6-546f0641b519

        name: certificate

        description: certificate

        documentation: ''

        constraints:

          allow_empty: false

      - id: 272a63bc-af0f-47fc-9725-4914b1222d44

        name: filename

        description: filename

        constraints:

          allow_empty: false

    items:

      - id: ec33b01e-3a5a-4f49-be90-f83a2f4c4cdd

        name: Install Root CA for debian family

        reporting:

          mode: weighted

        condition: debian

        items:

          - id: e70d24dc-ef27-497c-b335-504c64591651

            name: install ca-certificates

            method: package_present

            params:

              name: ca-certificates

              version: ''

              architecture: ''

              provider: ''

          - id: 0535b094-65dc-48d7-99c6-c9c7c8e62923

            name: install ca certificate

            method: file_content

            params:

              path: /usr/local/share/ca-certificates/${filename}

              lines: ${certificate}

              enforce: 'true'

          - id: 5ef3abbb-3508-4e54-b5d2-733701679b05

            name: Load ca_cert

            reporting:

              mode: disabled

            method: command_execution

            params:

              command: update-ca-certificates

      - id: 95560395-bb6a-45ed-bf3c-972c8f623c9d

        name: Install Root CA for redhat family

        reporting:

          mode: weighted

        condition: redhat

        items:

          - id: c5bd1f5e-258a-4a06-9520-bd7cf8f4bf9b

            name: install ca-certificates

            method: package_present

            params:

              name: ca-certificates

              version: ''

              architecture: ''

              provider: ''

          - id: c90c0864-5dff-4037-bba1-674ed156e745

            name: Ensure /etc/pki/ca-trust/source/whitelist/ is present

            method: directory_present

            params:

              path: /etc/pki/ca-trust/source/whitelist/

          - id: b2e3eacb-4eea-4c2b-9167-8c35261f5ed8

            name: install ca certificate

            method: file_content

            params:

              path: /etc/pki/ca-trust/source/whitelist/${filename}

              lines: ${certificate}

              enforce: 'true'

          - id: a2f4250b-3e35-4bf8-b208-c30848ff4923

            name: Load ca_cert

            reporting:

              mode: disabled

            method: command_execution

            params:

              command: update-ca-trust

(1-1/1)

Project

General

Profile

Rudder

Bug #27167 » import_and_load_root_ca.yml