particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Upload to HTTPS S3 - Support self signed certificate

Browse source 
API
---
Allow the user to pass the CA public certification or skip the verification

AWSCloud
--------
Restore the old version of newAwsFromCreds for access to AWS
Create a new method newAwsFromCredsWithEndpoint for Generic S3 which sets the endpoint and optionally overrides the CA Bundle or skips the SSL certificate verification

jobimpl-osbuild
---------------
Update with the new parameters

osbuild-upload-generic-s3
-------------------------
Add ca-bunlde and skip-ssl-verification flags

tests
-----
Split the tests into http, https with certificate and https skip certificate check
Create a new base test for S3 over HTTPS for secure and insecure
Move the generic S3 test to tools to reuse for secure and insecure connections
All S3 tests now use the aws cli tool
Update the libvirt test to be able to download over HTTPS
Update the RPM spec

Kill container with sudo
This commit is contained in:
Ygal Blum 2022-05-26 07:41:11 +03:00
parent cd49c932a2
commit 8407c97d96
15 changed files with 331 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tools/libvirt_test.sh
View file

@ -2,7 +2,7 @@
set -euo pipefail
#
# tests that guest images are buildable using composer-cli and and verifies
# tests that guest images are buildable using composer-cli and and verifies
# they boot with cloud-init using libvirt
#
@ -19,6 +19,8 @@ IMAGE_TYPE=${1:-qcow2}
BOOT_TYPE=${2:-bios}
# Take the image from the url passes to the script or build it by default if nothing
LIBVIRT_IMAGE_URL=${3:-""}
# When downloading the image, if provided, use this CA bundle, or skip verification
LIBVIRT_IMAGE_URL_CA_BUNDLE=${4:-""}
# Select the file extension based on the image that we are building.
IMAGE_EXTENSION=$IMAGE_TYPE
@ -214,7 +216,15 @@ EOF
else
pushd "${BIG_TEMP_DIR}"
LIBVIRT_IMAGE_PATH=/var/lib/libvirt/images/${IMAGE_KEY}.${IMAGE_EXTENSION}
sudo curl -o "${LIBVIRT_IMAGE_PATH}" "${LIBVIRT_IMAGE_URL}"
if [ -n "${LIBVIRT_IMAGE_URL_CA_BUNDLE}" ]; then
if [ "${LIBVIRT_IMAGE_URL_CA_BUNDLE}" == "skip" ]; then
sudo curl -o "${LIBVIRT_IMAGE_PATH}" -k "${LIBVIRT_IMAGE_URL}"
else
sudo curl -o "${LIBVIRT_IMAGE_PATH}" --cacert "${LIBVIRT_IMAGE_URL_CA_BUNDLE}" "${LIBVIRT_IMAGE_URL}"
fi
else
sudo curl -o "${LIBVIRT_IMAGE_PATH}" "${LIBVIRT_IMAGE_URL}"
fi
popd
fi