[ISO] DO NOT MERGE Custom cookbook to unblock build-image with custom CA bundle.

Author: gmarciani

cookbooks/aws-parallelcluster-platform/files/isolated/iso-ca-bundle-config.sh

@@ -9,15 +9,15 @@ function get_instance_region {
 
 REGION="$(get_instance_region)"
 
-CA_BUNDLE="/etc/pki/${REGION}/certs/ca-bundle.pem"
+CA_BUNDLE="/etc/pki/tls/${REGION}/certs/ca-bundle.pem"
 
-echo "export AWS_CA_BUNDLE=/etc/pki/${REGION}/certs/ca-bundle.pem" >> /etc/profile.d/aws-cli-default-config.sh
+echo "export AWS_CA_BUNDLE=${CA_BUNDLE}" >> /etc/profile.d/aws-cli-default-config.sh
 
 echo "export AWS_DEFAULT_REGION=${REGION}" >> /etc/profile.d/aws-cli-default-config.sh
 
-echo "export REQUESTS_CA_BUNDLE=${AWS_CA_BUNDLE}" >> /etc/profile.d/aws-cli-default-config.sh
+echo "export REQUESTS_CA_BUNDLE=${CA_BUNDLE}" >> /etc/profile.d/aws-cli-default-config.sh
 
-echo "export SSL_CERT_FILE=${AWS_CA_BUNDLE}" >> /etc/profile.d/aws-cli-default-config.sh
+echo "export SSL_CERT_FILE=${CA_BUNDLE}" >> /etc/profile.d/aws-cli-default-config.sh
 
 echo "Defaults env_keep += \"AWS_DEFAULT_REGION AWS_CA_BUNDLE REQUESTS_CA_BUNDLE SSL_CERT_FILE\"" > /etc/sudoers.d/pcluster-aws-cli-envkeep
 

cookbooks/aws-parallelcluster-platform/recipes/config/supervisord_config.rb

@@ -23,7 +23,7 @@
   mode '0644'
   variables(
     region: region,
-    aws_ca_bundle: region.start_with?('us-iso') ? "/etc/pki/#{region}/certs/ca-bundle.pem" : '',
+    aws_ca_bundle: region.start_with?('us-iso') ? "/etc/pki/tls/#{region}/certs/ca-bundle.pem" : '',
     dcv_configured: (node['cluster']['dcv_enabled'] == "head_node" ||
                     node['cluster']['dcv_enabled'] == "login_node") &&
                     dcv_installed?,