Skip to content

Commit

Permalink
Add download of CA certificate
Browse files Browse the repository at this point in the history
  • Loading branch information
@WStechura
WStechura committed Sep 5, 2024
1 parent 3568372 commit eed05ef
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .idea/misc.xml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 14 additions & 0 deletions roles/oneagent/tasks/provide-installer/signature-unix.yml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,23 @@
---
- name: Check if CA certificate exists
delegate_to: localhost
ansible.builtin.stat:
path: "{{ oneagent_ca_cert_src_path }}"
register: _oneagent_ca_cert_state

- name: Transfer CA certificate
ansible.builtin.copy:
src: "{{ oneagent_ca_cert_src_path }}"
dest: "{{ oneagent_ca_cert_dest_path }}"
mode: "0644"
when: _oneagent_ca_cert_state.stat.exists

- name: Download CA certificate
ansible.builtin.get_url:
url: "{{ oneagent_ca_cert_download_url }}"
dest: "{{ oneagent_ca_cert_dest_path }}"
mode: "0644"
when: not _oneagent_ca_cert_state.stat.exists

- name: Validate installer signature
ansible.builtin.shell: >
Expand Down
1 change: 1 addition & 0 deletions roles/oneagent/vars/aix.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ oneagent_uninstall_cmd: sh {{ oneagent_install_path }}/agent/uninstall.sh

oneagent_ca_cert_src_path: files/dt-root.cert.pem
oneagent_ca_cert_dest_path: "{{ oneagent_download_path }}/dt-root.cert.pem"
oneagent_ca_cert_download_url: https://ca.dynatrace.com/dt-root.cert.pem
oneagent_certificate_verification_header: >
"Content-Type: multipart/signed; protocol=\"application/x-pkcs7-signature\"; micalg=\"sha-256\"; boundary=\"--SIGNED-INSTALLER\"\
\n\n----SIGNED-INSTALLER\n"
Expand Down
1 change: 1 addition & 0 deletions roles/oneagent/vars/linux.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ oneagent_uninstall_cmd: sh {{ oneagent_install_path }}/agent/uninstall.sh

oneagent_ca_cert_src_path: files/dt-root.cert.pem
oneagent_ca_cert_dest_path: "{{ oneagent_download_path }}/dt-root.cert.pem"
oneagent_ca_cert_download_url: https://ca.dynatrace.com/dt-root.cert.pem
oneagent_certificate_verification_header: >
"Content-Type: multipart/signed; protocol=\"application/x-pkcs7-signature\"; micalg=\"sha-256\"; boundary=\"--SIGNED-INSTALLER\"\
\n\n----SIGNED-INSTALLER\n"
Expand Down

0 comments on commit eed05ef

Please sign in to comment.