Skip to content

Commit

Permalink
Clean up CA container test (part 2)
Browse files Browse the repository at this point in the history 
The CA container test has been updated to create the shared
folders earlier.
  • Loading branch information
@edewata
edewata committed May 17, 2024
1 parent 6bec07f commit d94d356
Showing 1 changed file with 29 additions and 42 deletions.
71 changes: 29 additions & 42 deletions .github/workflows/ca-container-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,11 @@ jobs:
- name: Create network
run: docker network create example

- name: Create shared folders
run: |
mkdir certs
mkdir data
- name: Set up client container
run: |
tests/bin/runner-init.sh client
Expand All @@ -43,17 +48,17 @@ jobs:
nss-cert-request \
--subject "CN=CA Signing Certificate" \
--ext /usr/share/pki/server/certs/ca_signing.conf \
--csr ca_signing.csr
--csr $SHARED/certs/ca_signing.csr
docker exec client pki \
nss-cert-issue \
--csr ca_signing.csr \
--csr $SHARED/certs/ca_signing.csr \
--ext /usr/share/pki/server/certs/ca_signing.conf \
--validity-length 1 \
--validity-unit year \
--cert ca_signing.crt
--cert $SHARED/certs/ca_signing.crt
docker exec client pki \
nss-cert-import \
--cert ca_signing.crt \
--cert $SHARED/certs/ca_signing.crt \
--trust CT,C,C \
ca_signing
docker exec client pki \
Expand All @@ -66,16 +71,16 @@ jobs:
nss-cert-request \
--subject "CN=OCSP Signing Certificate" \
--ext /usr/share/pki/server/certs/ocsp_signing.conf \
--csr ocsp_signing.csr
--csr $SHARED/certs/ocsp_signing.csr
docker exec client pki \
nss-cert-issue \
--issuer ca_signing \
--csr ocsp_signing.csr \
--csr $SHARED/certs/ocsp_signing.csr \
--ext /usr/share/pki/server/certs/ocsp_signing.conf \
--cert ocsp_signing.crt
--cert $SHARED/certs/ocsp_signing.crt
docker exec client pki \
nss-cert-import \
--cert ocsp_signing.crt \
--cert $SHARED/certs/ocsp_signing.crt \
ocsp_signing
docker exec client pki \
nss-cert-show \
Expand All @@ -87,16 +92,16 @@ jobs:
nss-cert-request \
--subject "CN=Audit Signing Certificate" \
--ext /usr/share/pki/server/certs/audit_signing.conf \
--csr audit_signing.csr
--csr $SHARED/certs/audit_signing.csr
docker exec client pki \
nss-cert-issue \
--issuer ca_signing \
--csr audit_signing.csr \
--csr $SHARED/certs/audit_signing.csr \
--ext /usr/share/pki/server/certs/audit_signing.conf \
--cert audit_signing.crt
--cert $SHARED/certs/audit_signing.crt
docker exec client pki \
nss-cert-import \
--cert audit_signing.crt \
--cert $SHARED/certs/audit_signing.crt \
--trust ,,P \
audit_signing
docker exec client pki \
Expand All @@ -109,16 +114,16 @@ jobs:
nss-cert-request \
--subject "CN=Subsystem Certificate" \
--ext /usr/share/pki/server/certs/subsystem.conf \
--csr subsystem.csr
--csr $SHARED/certs/subsystem.csr
docker exec client pki \
nss-cert-issue \
--issuer ca_signing \
--csr subsystem.csr \
--csr $SHARED/certs/subsystem.csr \
--ext /usr/share/pki/server/certs/subsystem.conf \
--cert subsystem.crt
--cert $SHARED/certs/subsystem.crt
docker exec client pki \
nss-cert-import \
--cert subsystem.crt \
--cert $SHARED/certs/subsystem.crt \
subsystem
docker exec client pki \
nss-cert-show \
Expand All @@ -130,16 +135,16 @@ jobs:
nss-cert-request \
--subject "CN=ca.example.com" \
--ext /usr/share/pki/server/certs/sslserver.conf \
--csr sslserver.csr
--csr $SHARED/certs/sslserver.csr
docker exec client pki \
nss-cert-issue \
--issuer ca_signing \
--csr sslserver.csr \
--csr $SHARED/certs/sslserver.csr \
--ext /usr/share/pki/server/certs/sslserver.conf \
--cert sslserver.crt
--cert $SHARED/certs/sslserver.crt
docker exec client pki \
nss-cert-import \
--cert sslserver.crt \
--cert $SHARED/certs/sslserver.crt \
sslserver
docker exec client pki \
nss-cert-show \
Expand All @@ -151,16 +156,16 @@ jobs:
nss-cert-request \
--subject "CN=Administrator" \
--ext /usr/share/pki/server/certs/admin.conf \
--csr admin.csr
--csr $SHARED/certs/admin.csr
docker exec client pki \
nss-cert-issue \
--issuer ca_signing \
--csr admin.csr \
--csr $SHARED/certs/admin.csr \
--ext /usr/share/pki/server/certs/admin.conf \
--cert admin.crt
--cert $SHARED/certs/admin.crt
docker exec client pki \
nss-cert-import \
--cert admin.crt \
--cert $SHARED/certs/admin.crt \
admin
docker exec client pki \
nss-cert-show \
Expand Down Expand Up @@ -192,24 +197,6 @@ jobs:
--pkcs12 $SHARED/certs/admin.p12 \
--password Secret.123 \
- name: Prepare certs folder
run: |
mkdir certs
docker cp client:server.p12 certs
docker cp client:admin.p12 certs
docker cp client:ca_signing.csr certs
docker cp client:ocsp_signing.csr certs
docker cp client:audit_signing.csr certs
docker cp client:subsystem.csr certs
docker cp client:sslserver.csr certs
docker cp client:admin.csr certs
ls -la certs
- name: Prepare data folder
run: |
mkdir data
ls -la data
- name: Set up CA container
run: |
docker run \
Expand Down

0 comments on commit d94d356

Please sign in to comment.