forcing consistency in /root_ca/ directory naming

Author: alexlovelltroy

Dockerfile

@@ -6,7 +6,7 @@ ENV CONFIGPATH="/home/step/config/ca.json"
 ENV PWDPATH="/home/step/secrets/password"
 ENV STEPPATH="/home/step"
 
-RUN mkdir /root-ca
+RUN mkdir /root_ca
 RUN mkdir /root/.acme.sh
 
 VOLUME ["/home/step", "/root-ca"]

README.md

@@ -29,15 +29,15 @@ This container can be used with docker compose following this example:
       # Keeping the database in a volume improves performance.  I don't understand why.
       - step-ca-db:/home/step/db
       # Keeping the root CA in a volume allows us to back it up and restore it.
-      - step-root-ca:/root-ca/
+      - step-root-ca:/root_ca/
     environment:
       # To initialize your CA, modify these environment variables
       - STEPPATH=/home/step
       - DOCKER_STEPCA_INIT_NAME=OpenCHAMI
       - DOCKER_STEPCA_INIT_DNS_NAMES=localhost,step-ca
       - DOCKER_STEPCA_INIT_ACME=true
     healthcheck:
-      test: ["CMD", "step", "ca", "health", "--ca-url", "https://step-ca:9000", "--root", "/root-ca/root_ca.crt"]
+      test: ["CMD", "step", "ca", "health", "--ca-url", "https://step-ca:9000", "--root", "/root_ca/root_ca.crt"]
       interval: 10s
       timeout: 10s
       retries: 5
@@ -49,14 +49,14 @@ This container can be used with docker compose following this example:
       step-ca:
         condition: service_healthy
     environment:
-      - REQUESTS_CA_BUNDLE=/root-ca/root_ca.crt # This is the root CA certificate that we use to verify the local CA.
+      - REQUESTS_CA_BUNDLE=/root_ca/root_ca.crt # This is the root CA certificate that we use to verify the local CA.
     command: [ "certonly", "--webroot", "--server", "https://step-ca:9000/acme/acme/directory", "--webroot-path", "/var/www/html", "--agree-tos", "--email", "docker-compose@example.com", "-d", "openchami.bikeshack.dev", "-n" ]
     networks:
       - openchami-certs
     volumes:
       - local-certs:/etc/letsencrypt
       - certbot-challenges:/var/www/html/
-      - step-root-ca:/root-ca:ro
+      - step-root-ca:/root_ca:ro
 ```
 
 Build Status: [![build and publish containers](https://github.com/OpenCHAMI/local-ca/actions/workflows/build_containers.yml/badge.svg)](https://github.com/OpenCHAMI/local-ca/actions/workflows/build_containers.yml)

entrypoint.sh

@@ -81,17 +81,17 @@ function step_ca_init () {
 
     # Copy the CA certificates to a volume that can be shared for future interaction with the CA
     # First we put the root ca cert and intermediate cert in the easiest place to find it in the volume
-    cp /home/step/certs/root_ca.crt /root-ca/root_ca.crt
-    cp /home/step/certs/intermediate_ca.crt /root-ca/intermediate_ca.crt
-    chmod 444 /root-ca/*.crt
+    cp /home/step/certs/root_ca.crt /root_ca/root_ca.crt
+    cp /home/step/certs/intermediate_ca.crt /root_ca/intermediate_ca.crt
+    chmod 444 /root_ca/*.crt
     # Then we set up the files in the right place for the step client to find them
-    mkdir -p /root-ca/step/certs
-    cp /home/step/certs/root_ca.crt /root-ca/step/certs/root_ca.crt
-    cp /home/step/certs/intermediate_ca.crt /root-ca/step/certs/intermediate_ca.crt
+    mkdir -p /root_ca/step/certs
+    cp /home/step/certs/root_ca.crt /root_ca/step/certs/root_ca.crt
+    cp /home/step/certs/intermediate_ca.crt /root_ca/step/certs/intermediate_ca.crt
     # Finally, we copy the step config files to the volume without exposing any secrets
-    mkdir -p /root-ca/step/config
-    cp /home/step/config/ca.json /root-ca/step/config/ca.json
-    cp /home/step/config/defaults.json /root-ca/step/config/defaults.json
+    mkdir -p /root_ca/step/config
+    cp /home/step/config/ca.json /root_ca/step/config/ca.json
+    cp /home/step/config/defaults.json /root_ca/step/config/defaults.json
     echo "🔒 Your CA is ready to go!"
 }