diff options
| author |  Tim Emiola <temiola@google.com> | 2015-01-27 05:08:06 -0800 |
|---|---|---|
| committer | Tim Emiola <temiola@google.com> | 2015-01-27 05:08:06 -0800 |
| commit | c3aabdd121f4ffe6ed7e88aebfbee7cc714c1627 (patch) | |
| tree | 29b4fc46bf4fc40dad8eee9784d6ebdb34404869 /tools/gce_setup/shared_startup_funcs.sh | |
| parent | 83182941b523b653e40cf8dfc07d3158ffb2ffd0 (diff) | |
Adds a func for installing the Googles's roots.pem
roots.pem is not added to source control, but is instead saved on GCS.
The func copies roots.pem to docker host, to a location that can referenced by
Dockerfiles using the ADD directive
Diffstat (limited to 'tools/gce_setup/shared_startup_funcs.sh')
| -rwxr-xr-x | tools/gce_setup/shared_startup_funcs.sh | 38 |
1 files changed, 35 insertions, 3 deletions
diff --git a/tools/gce_setup/shared_startup_funcs.sh b/tools/gce_setup/shared_startup_funcs.sh index f1dbca9a2e..69f6ba8cc0 100755 --- a/tools/gce_setup/shared_startup_funcs.sh +++ b/tools/gce_setup/shared_startup_funcs.sh @@ -405,14 +405,18 @@ grpc_dockerfile_install() { # For specific base images, sync the ssh key into the .ssh dir in the dockerfile context [[ $image_label == "grpc/base" ]] && { - grpc_docker_sync_github_key $dockerfile_dir/.ssh 'base_ssh_key'|| return 1; + grpc_docker_sync_github_key $dockerfile_dir/.ssh 'base_ssh_key' || return 1; } [[ $image_label == "grpc/go" ]] && { - grpc_docker_sync_github_key $dockerfile_dir/.ssh 'go_ssh_key'|| return 1; + grpc_docker_sync_github_key $dockerfile_dir/.ssh 'go_ssh_key' || return 1; } [[ $image_label == "grpc/java_base" ]] && { - grpc_docker_sync_github_key $dockerfile_dir/.ssh 'java_base_ssh_key'|| return 1; + grpc_docker_sync_github_key $dockerfile_dir/.ssh 'java_base_ssh_key' || return 1; } + [[ $image_label == "grpc/ruby" ]] && { + grpc_docker_sync_roots_pem $dockerfile_dir/cacerts || return 1; + } + # TODO(temiola): maybe make cache/no-cache a func option? sudo docker build $cache_opt -t $image_label $dockerfile_dir || { @@ -471,3 +475,31 @@ grpc_docker_sync_github_key() { } gsutil cp $src $gcs_key_path $local_key_path } + +# grpc_docker_sync_roots_pem. +# +# Copies the root pems from GCS to the target dir +# +# call-seq: +# grpc_docker_sync_roots_pem <target_dir> +grpc_docker_sync_roots_pem() { + local target_dir=$1 + [[ -n $target_dir ]] || { echo "$FUNCNAME: missing arg: target_dir" >&2; return 1; } + + # determine the admin root; the parent of the dockerfile root, + local gs_dockerfile_root=$(load_metadata "attributes/gs_dockerfile_root") + [[ -n $gs_dockerfile_root ]] || { + echo "$FUNCNAME: missing metadata: gs_dockerfile_root" >&2 + return 1 + } + local gcs_admin_root=$(dirname $gs_dockerfile_root) + + # cp the file from gsutil to a known local area + local gcs_certs_path=$gcs_admin_root/cacerts/roots.pem + local local_certs_path=$target_dir/roots.pem + mkdir -p $target_dir || { + echo "$FUNCNAME: could not create dir: $target_dir" 1>&2 + return 1 + } + gsutil cp $src $gcs_certs_path $local_certs_path +} |