Defined Type: java::cacert
- Defined in:
- modules/java/manifests/cacert.pp
Summary
a define to add a certificate to the system java truststoreOverview
SPDX-License-Identifier: Apache-2.0 or to a custom one. the system one).
11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'modules/java/manifests/cacert.pp', line 11
define java::cacert (
Stdlib::Unixpath $path,
Wmflib::Ensure $ensure = 'present',
String $storepass = 'changeit',
String $owner = 'root',
String $group = 'root',
Optional[Stdlib::Unixpath] $keystore_path = undef,
) {
Class['java'] -> Java::Cacert<| |>
if $keystore_path != undef {
$keystore = "-keystore ${keystore_path}"
$trust_cacert = ''
} else {
$keystore = $java::default_java_package['version'] ? {
'7' => '-keystore /etc/ssl/certs/java/cacerts',
'8' => '-keystore /etc/ssl/certs/java/cacerts',
default => '-cacerts',
}
$trust_cacert = '-trustcacerts'
}
$import_cmd = @("IMPORT"/L)
/usr/bin/keytool -import ${trust_cacert} -noprompt ${keystore} \
-file ${path} -storepass ${storepass} -alias ${title}
| IMPORT
$delete_cmd = "/usr/bin/keytool -delete ${keystore} -noprompt -storepass ${storepass} -alias ${title}"
$validate_cmd = "/usr/bin/keytool -list ${keystore} -noprompt -storepass ${storepass} -alias ${title}"
if $ensure == 'present' {
exec {"java__cacert_${title}":
command => $import_cmd,
user => 'root',
group => 'root',
unless => $validate_cmd,
}
} else {
exec {"java__cacert_${title}":
command => $delete_cmd,
user => 'root',
group => 'root',
onlyif => $validate_cmd,
}
}
if $keystore_path {
ensure_resource('file', $keystore_path, {
ensure => stdlib::ensure($ensure, 'file'),
owner => $owner,
group => $group,
})
Exec["java__cacert_${title}"] {
before => File[$keystore_path]
}
}
}
|