You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by as...@apache.org on 2021/03/30 17:20:48 UTC
[camel-k] 06/20: feat(build): Import root CA certificates into
custom truststore
This is an automated email from the ASF dual-hosted git repository.
astefanutti pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit 1d665571aa0c94d4d7dca257b6ef7ffaf06996bb
Author: Antonin Stefanutti <an...@stefanutti.fr>
AuthorDate: Fri Mar 26 10:01:18 2021 +0100
feat(build): Import root CA certificates into custom truststore
---
pkg/util/jvm/keystore.go | 27 +++++++++++++++++++++++++--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/pkg/util/jvm/keystore.go b/pkg/util/jvm/keystore.go
index c1de152..60003d2 100644
--- a/pkg/util/jvm/keystore.go
+++ b/pkg/util/jvm/keystore.go
@@ -35,11 +35,34 @@ func GenerateJavaKeystore(ctx context.Context, keystoreDir, keystoreName string,
}
defer os.Remove(path.Join(keystoreDir, tmpFile))
- args := strings.Fields(fmt.Sprintf("-importcert -alias maven -file %s -keystore %s", tmpFile, keystoreName))
+ args := strings.Fields(fmt.Sprintf("-importcert -noprompt -alias maven -file %s -keystore %s", tmpFile, keystoreName))
cmd := exec.CommandContext(ctx, "keytool", args...)
cmd.Dir = keystoreDir
cmd.Stderr = os.Stderr
cmd.Stdout = os.Stdout
- return cmd.Run()
+ err := cmd.Run()
+ if err != nil {
+ return err
+ }
+
+ // Try to locale root CA certificates truststore, in order to import them
+ // into the newly created truststore. It avoids tempering the system-wide
+ // JVM truststore.
+ javaHome, ok := os.LookupEnv("JAVA_HOME")
+ if ok {
+ caCertsPath := path.Join(javaHome, "lib/security/cacerts")
+ args := strings.Fields(fmt.Sprintf("-importkeystore -noprompt -srckeystore %s -srcstorepass %s -destkeystore %s", caCertsPath, "changeit", keystoreName))
+ cmd := exec.CommandContext(ctx, "keytool", args...)
+ cmd.Dir = keystoreDir
+ cmd.Stderr = os.Stderr
+ cmd.Stdout = os.Stdout
+
+ err := cmd.Run()
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
}