Skip to content

Commit

Permalink
Check to see if CA is actually required (#45)
Browse files Browse the repository at this point in the history 
Signed-off-by: Chris Kim <[email protected]>
  • Loading branch information
@Oats87
Oats87 authored Aug 12, 2021
1 parent cbfd684 commit 3f27401
Showing 1 changed file with 41 additions and 1 deletion.
42 changes: 41 additions & 1 deletion install.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -495,6 +495,45 @@ validate_rancher_connection() {
fi
}

validate_ca_required() {
CA_REQUIRED=false
if [ -n "${CATTLE_SERVER}" ] && [ "${CATTLE_REMOTE_ENABLED}" = "true" ]; then
i=1
while [ "${i}" -ne "${RETRYCOUNT}" ]; do
VERIFY_RESULT=$(curl --connect-timeout 60 --max-time 60 --write-out "%{ssl_verify_result}\n" ${CURL_LOG} -fL "${CATTLE_SERVER}/healthz" -o /dev/null 2>/dev/null)
CURL_EXIT="$?"
case "${CURL_EXIT}" in
0|60)
case "${VERIFY_RESULT}" in
0)
info "Determined CA is not necessary to connect to Rancher"
CA_REQUIRED=false
CATTLE_CA_CHECKSUM=""
break
;;
*)
i=$((i + 1))
if [ "${CURL_EXIT}" -eq "60" ]; then
info "Determined CA is necessary to connect to Rancher"
CA_REQUIRED=true
break
fi
error "Error received while testing necessity of CA. Sleeping for 5 seconds and trying again"
sleep 5
continue
;;
esac
;;
*)
error "Error while connecting to Rancher to verify CA necessity. Sleeping for 5 seconds and trying again."
sleep 5
continue
;;
esac
done
fi
}

retrieve_connection_info() {
if [ "${CATTLE_REMOTE_ENABLED}" = "true" ]; then
UMASK=$(umask)
Expand Down Expand Up @@ -584,8 +623,9 @@ do_install() {
verify_downloader curl || fatal "can not find curl for downloading files"

if [ -n "${CATTLE_CA_CHECKSUM}" ]; then
validate_ca_checksum
validate_ca_required
fi
validate_ca_checksum
validate_rancher_connection

ensure_systemd_service_stopped
Expand Down

0 comments on commit 3f27401

Please sign in to comment.