Defined Type: java::cacert

Defined in:
modules/java/manifests/cacert.pp

Overview

Parameters:

  • path (Stdlib::Unixpath)

    the location of the CA pem file to add to the truststore

  • storepass (String) (defaults to: 'changeit')

    the keystore password

  • ensure (Wmflib::Ensure) (defaults to: 'present') 


4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'modules/java/manifests/cacert.pp', line 4

define java::cacert (
    Stdlib::Unixpath $path,
    Wmflib::Ensure   $ensure    = 'present',
    String           $storepass = 'changeit',
) {
    include java
    $keystore = $java::default_java_package['version'] ? {
        '7'     => '-keystore /etc/ssl/certs/java/cacerts',
        '8'     => '-keystore /etc/ssl/certs/java/cacerts',
        default => '-cacerts',
    }
    $import_cmd = @("IMPORT"/L)
        /usr/bin/keytool -import -trustcacerts -noprompt ${keystore} \
            -file ${path} -storepass ${storepass} -alias ${title}
        | IMPORT
    $delete_cmd = "/usr/bin/keytool -delete ${keystore} -noprompt -storepass ${storepass} -alias ${title}"
    $validate_cmd = "/usr/bin/keytool -list ${keystore} -noprompt -storepass ${storepass} -alias ${title}"
    if $ensure == 'present' {
        exec {"java__cacert_${title}":
            command => $import_cmd,
            unless  => $validate_cmd,
        }
    } else {
        exec {"java__cacert_${title}":
            command => $delete_cmd,
            onlyif  => $validate_cmd,
        }
    }
}