package certutils
import (
"io/ioutil"
"net/http"
piperhttp "github.com/SAP/jenkins-library/pkg/http"
"github.com/SAP/jenkins-library/pkg/piperutils"
"github.com/pkg/errors"
)
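// CertificateUpdate downloads each certificate in certLinks and appends it to
// the trust store file caCertsFile.
//
// It returns nil without touching the file when certLinks is empty. Otherwise
// the current content of caCertsFile is read through fileUtils, every link is
// fetched with an HTTP GET through httpClient, and each response body followed
// by a newline is appended. The combined content is written back with mode
// 0644 only after every download succeeded; the first failure aborts the
// update and is returned wrapped.
//
// NOTE(review): the downloaded bytes are appended to the trust store as
// received; this function does not check that they are a PEM certificate or
// where they came from. Everything in caCertsFile becomes a trust anchor for
// whatever consumes the file, so certLinks should only name sources the
// pipeline owner controls, fetched over an authenticated channel (HTTPS).
// Validating the content before appending it would be a behaviour change and
// is left to a follow-up.
func CertificateUpdate(certLinks []string, httpClient piperhttp.Sender, fileUtils piperutils.FileUtils, caCertsFile string) error {
	// TODO this implementation doesn't work on non-linux machines, is not failsafe and should be implemented differently

	if len(certLinks) == 0 {
		return nil
	}

	caCerts, err := fileUtils.FileRead(caCertsFile)
	if err != nil {
		return errors.Wrapf(err, "failed to load file '%v'", caCertsFile)
	}

	for _, link := range certLinks {
		response, err := httpClient.SendRequest(http.MethodGet, link, nil, nil, nil)
		if err != nil {
			return errors.Wrap(err, "failed to load certificate from url")
		}

		content, err := ioutil.ReadAll(response.Body)
		// Close before looking at the read error so the body is released on
		// the failure path as well; the close error itself is deliberately
		// ignored because the data has already been read (or the read failed).
		_ = response.Body.Close()
		if err != nil {
			return errors.Wrap(err, "error reading response")
		}

		// Separate consecutive certificates with a newline.
		caCerts = append(caCerts, content...)
		caCerts = append(caCerts, '\n')
	}

	if err := fileUtils.FileWrite(caCertsFile, caCerts, 0644); err != nil {
		return errors.Wrapf(err, "failed to update file '%v'", caCertsFile)
	}
	return nil
}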