Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

RSS

ssl_cacert_hack (1) Versions 0.1.0

Installs/Configures ssl_cacert_hack

Berkshelf
Policyfile
Knife
cookbook 'ssl_cacert_hack', '~> 0.1.0'
cookbook 'ssl_cacert_hack', '~> 0.1.0', :supermarket
knife supermarket install ssl_cacert_hack
knife supermarket download ssl_cacert_hack
README
Dependencies
Changelog
Quality 63%

Build Status

ssl_cacert_hack

This cookbook updates CA Bundles that are included with other software.

There are better ways to add trusted certificates to your system CA store, such as the trusted_certificate cookbook. You should probably be using one of those. This cookbook is a sledge hammer approach.

You have been warned.

Requirements

Platforms

  • Debian/Ubuntu
  • RHEL 6+

Chef

  • Chef 13+

Cookbooks

  • none

Usage

This cookbook provides both a recipe and resource. You probably want the resource.

Recipe

default

The ssl_cacert_hack::default recipe is really intended for testing purposes only. The included ca-bundle.crt is the ca-cert from the centos-7 kitchen dokken image.

Nevertheless you may include the recipe:

include_recipe 'ssl_cacert_hack::default'`

Resource

By default the ssl_cacert_hack resource should handle common locations on CentOS, Debian, and Ubuntu.

ssl_cacert_hack 'something relevant' do
  action :create
end

(actually, since the :create action is default, it can be omitted as well)

By default, this expects your cookbook to have a files/default/ca-bundle.crt included. This can be overridden with the ca_source attribute.

This would expect a files/default/foo.pem bundled with your cookbook.

ssl_cacert_hack 'internal certs' do
  ca_source 'foo.pem'
  action :create
end

Resource Attributes

  • ca_source: Name of the file bundled with your cookbook.
  • ca_bundle: On CentOS systems, path to the "system" ca_bundle, this will be linked to the root_cabundle
  • root_cabundle: Path to the actual cabundle on the system.
  • certs_glob: Array passed to Dir.glob to search for files. This works similar to SH expansion.

Default Values:

ssl_cacert_hack 'demo' do
  ca_source 'ca-bundle.crt'
  ca_bundle '/etc/pki/tls/certs/ca-bundle.crt'
  certs_glob ['/opt/**/cacert{,s}.pem', '/hab/**/cacert{,s}.pem']

  case node['platform']
  when 'ubuntu', 'debian'
    root_cabundle '/etc/ssl/certs/ca-certificates.crt'
  else
    root_cabundle '/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem'
  end

  action :create
end

License & Authors

Author: QubitRenegade

Copyright: 2019, QubitRenegade

The MIT License (MIT)

Copyright (c) 2019 QubitRenegade

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

ssl_cacert_hack CHANGELOG

This file is used to list changes made in each version of the ssl_cacert_hack cookbook.

0.1.0

Initial release.

  • change 0
  • change 1

Collaborator Number Metric
            

0.1.0 failed this metric

Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.

Contributing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file

Foodcritic Metric
            

0.1.0 passed this metric

No Binaries Metric
            

0.1.0 passed this metric

Publish Metric
            

0.1.0 passed this metric

Supported Platforms Metric
            

0.1.0 passed this metric

Testing File Metric
            

0.1.0 failed this metric

Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file

Version Tag Metric
            

0.1.0 passed this metric