This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e -o pipefail; [[ -n "$DEBUG" ]] && set -x | |
| CERT_DIR="${CERT_DIR:-"/usr/local/share/ca-certificates"}" | |
| function usage() { | |
| echo "Usage: $(basename "$0") [-n name] certflie ..." >&2 | |
| } | |
| while getopts n: OPT; do | |
| case $OPT in | |
| n) name="$OPTARG" | |
| ;; | |
| *) usage | |
| exit 1 | |
| ;; | |
| esac | |
| done | |
| shift "$((OPTIND - 1))" | |
| name="${name:-"kind"}" | |
| if [[ $# -eq 0 ]]; then | |
| usage | |
| exit 1 | |
| fi | |
| containers="$(kind get nodes --name="$name" 2>/dev/null)" | |
| if [[ "$containers" == "" ]]; then | |
| echo "No kind nodes found for cluster \"$name\"" >&2 | |
| exit 1 | |
| fi | |
| while IFS= read -r container; do | |
| for certfile in "$@"; do | |
| echo "Copying ${certfile} to ${container}:${CERT_DIR}" | |
| docker cp "$certfile" "${container}:${CERT_DIR}" | |
| done | |
| echo "Updating CA certificates in ${container}..." | |
| docker exec "$container" update-ca-certificates | |
| echo "Restarting containerd" | |
| docker exec "$container" systemctl restart containerd | |
| done <<< "$containers" | |
| # vim: ai ts=2 sw=2 et sts=2 ft=sh |
@jrobison153 Thanks for the suggestion. I changed it like that
Hi,
First, Bravo for the script and I also vote for kind supporting this feature.
While I was struggling with certs, I fell on https://askubuntu.com/a/1159454 and I experienced exactly what is described: you must update /etc/ca-certificates.conf to make update-ca-certificates success. My 2 cents...
Best regards
This is what I need!!! Thanks a lot!!
Thanks, this script has been helping me a lot
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Great script, saved me a bunch of leg work. One thing though, I ran into an issue with the for loop on line 35. This loop isn't splitting the newline separated list of container names correctly. I had to modify it to the following and all was well