Skip to content

Commit 9b636b9

Browse files
dajudgedajudge
committed
Add support for custom CA certificates
1 parent 4ba6717 commit 9b636b9

File tree

1 file changed

+19
-0
lines changed

1 file changed

+19
-0
lines changed

src/main/java/com/dajudge/kindcontainer/BaseKindContainer.java

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,8 @@
3232
import static java.nio.charset.StandardCharsets.UTF_8;
3333
import static java.time.Duration.ofSeconds;
3434
import static java.util.Arrays.asList;
35+
import static java.util.Collections.emptyList;
36+
import static java.util.Collections.singletonList;
3537
import static java.util.stream.Collectors.joining;
3638
import static java.util.stream.Collectors.toList;
3739
import static org.testcontainers.containers.BindMode.READ_ONLY;
@@ -44,6 +46,7 @@ public class BaseKindContainer<T extends BaseKindContainer<T>> extends GenericCo
4446
private static final String CONTAINTER_WORKDIR = "/kindcontainer";
4547
private String podSubnet = "10.244.0.0/16";
4648
private String serviceSubnet = "10.97.0.0/12";
49+
private List<String> certs = emptyList();
4750

4851
public BaseKindContainer() {
4952
this("kindest/node:v1.17.0");
@@ -70,6 +73,11 @@ public BaseKindContainer(final String image) {
7073
.withExposedPorts();
7174
}
7275

76+
public T withCaCerts(final Collection<String> certs) {
77+
this.certs = new ArrayList<>(certs);
78+
return self();
79+
}
80+
7381
@Override
7482
public T withExposedPorts(final Integer... ports) {
7583
final HashSet<Integer> exposedPorts = new HashSet<>(asList(ports));
@@ -85,6 +93,7 @@ public T waitingFor(final WaitStrategy waitStrategy) {
8593
@Override
8694
protected void containerIsStarting(final InspectContainerResponse containerInfo) {
8795
try {
96+
updateCaCertificates();
8897
final String containerInternalIpAddress = getInternalIpAddress(this);
8998
LOG.info("Container internal IP address: {}", containerInternalIpAddress);
9099
LOG.info("Container external IP address: {}", getContainerIpAddress());
@@ -111,6 +120,16 @@ protected void containerIsStarting(final InspectContainerResponse containerInfo)
111120
}
112121
}
113122

123+
private void updateCaCertificates() throws IOException, InterruptedException {
124+
if (certs.isEmpty()) {
125+
return;
126+
}
127+
for (int i = 0; i < certs.size(); i++) {
128+
writeContainerFile(certs.get(i), "/usr/local/share/ca-certificates/custom-cert-" + i + ".crt");
129+
}
130+
exec(singletonList("update-ca-certificates"));
131+
}
132+
114133
private void untaintNode() throws IOException, InterruptedException {
115134
kubectl("taint", "node", CONTAINER_NAME, "node-role.kubernetes.io/master:NoSchedule-");
116135
}

0 commit comments

Comments
 (0)