Diffstat (limited to 'cloudinit')
-rw-r--r--cloudinit/CloudConfig/cc_ca_certs.py21
1 files changed, 17 insertions, 4 deletions
diff --git a/cloudinit/CloudConfig/cc_ca_certs.py b/cloudinit/CloudConfig/cc_ca_certs.py
index 1c866f12..e2110890 100644
--- a/cloudinit/CloudConfig/cc_ca_certs.py
+++ b/cloudinit/CloudConfig/cc_ca_certs.py
@@ -23,8 +23,20 @@ import ConfigParser
import cloudinit.CloudConfig as cc
import cloudinit.util as util
+CERT_FILENAME = "/usr/share/ca-certificates/cloud-init-provided.crt"
+
+def write_file(filename, contents, owner, group, mode):
+ raise Exception()
+
def handle(name, cfg, cloud, log, args):
- # If there isn't a chef key in the configuration don't do anything
+ """
+ @param name: The module name "ca-cert" from cloud.cfg
+ @param cfg: A nested dict containing the entire cloud config contents.
+ @param cloud: The L{CloudInit} object in use
+ @param log: Pre-initialized Python logger object to use for logging
+ @param args: Any module arguments from cloud.cfg
+ """
+ # If there isn't a ca-certs section in the configuration don't do anything
if not cfg.has_key('ca-certs'):
return
ca_cert_cfg = cfg['ca-certs']
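Review bot: The new `write_file` stub raises a bare `Exception()` with no message, and the second hunk calls it whenever `trusted` is non-empty, so the handler aborts with an undiagnosable error on exactly the configurations it is meant to serve. If the stub is intentional for this commit, make that explicit with `raise NotImplementedError("write_file is not implemented yet")`. It also needs a docstring that fixes the contract before the real body lands: whether `mode` is an octal integer or a string, and whether `owner`/`group` are names or numeric ids, since this helper will set the permissions on a file in the system CA directory. The body of `handle` continues outside the hunk.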
@@ -33,6 +45,7 @@ def handle(name, cfg, cloud, log, args):
# or 'validation_cert'. In the case where both exist, 'validation_key'
# takes precedence
if ca_cert_cfg.has_key('trusted'):
- trusted_certs = util.get_cfg_option_str(chef_cfg, 'trusted')
- with open('/etc/cert.pem', 'w') as cert_file:
- cert_file.write(trusted_certs)
+ trusted_certs = util.get_cfg_option_list_or_str(ca_cert_cfg, 'trusted')
+ if trusted_certs:
+ cert_file_contents = "\n".join(trusted_certs)
+ write_file(CERT_FILENAME, cert_file_contents, "root", "root", "644")
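Review bot: The mode is passed to `write_file` as the string `"644"` on the last added line, so the permissions that end up on the CA file depend on how the helper converts it; a plain `int("644")` would give decimal 644, not `rw-r--r--`. Passing the octal literal, `write_file(CERT_FILENAME, cert_file_contents, "root", "root", 0644)`, removes the ambiguity. Separately, `get_cfg_option_list_or_str` is not visible here; if it can return a bare string, `"\n".join(trusted_certs)` would put a newline between every character and corrupt the certificate, so guard with `if isinstance(trusted_certs, basestring): trusted_certs = [trusted_certs]`. The context comment above still talks about `'validation_key'`/`'validation_cert'`, which looks like a leftover from another module and should describe the `trusted` key instead. The start of `handle` is outside this hunk.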