suricata acme_sync: improved http response code handling

main
Ricard Illa 2023-01-09 18:20:05 +01:00
parent 03f4582e86
commit adefdaf137
1 changed files with 11 additions and 14 deletions

View File

@ -62,31 +62,28 @@ $(JSON_SECRET): $(ACME_KEY_FILE) $(ACME_FULLCHAIN_FILE) $(ACME_KEY_FILE)
############################################################################### ###############################################################################
select_status_code = grep 'HTTP/' | awk '{printf $$2}'
define k8s_api define k8s_api
curl \ curl \
-i \ --include \
-X $(1) \ --request $(1) \
--write-out "%{http_code}" \
--output /dev/stderr \
--cacert "$(K8S_CA_FILE)" \ --cacert "$(K8S_CA_FILE)" \
-H "Authorization: Bearer $(K8S_TOKEN)" \ --header "Authorization: Bearer $(K8S_TOKEN)" \
-H 'Accept: application/json' \ --header 'Accept: application/json' \
-H "Content-Type: application/json" --header "Content-Type: application/json"
endef endef
define get_secret define get_secret
$(call k8s_api,GET) $(K8S_SECRERTS_URL)/$(SECRET_NAME) | \ $(call k8s_api,GET) $(K8S_SECRERTS_URL)/$(SECRET_NAME)
$(select_status_code)
endef endef
define post_secret define post_secret
$(call k8s_api,POST) $(K8S_SECRERTS_URL) --data @$(1) | \ $(call k8s_api,POST) $(K8S_SECRERTS_URL) --data @$(1)
$(select_status_code)
endef endef
define put_secret define put_secret
$(call k8s_api,PUT) $(K8S_SECRERTS_URL)/$(SECRET_NAME) --data @$(1) | \ $(call k8s_api,PUT) $(K8S_SECRERTS_URL)/$(SECRET_NAME) --data @$(1)
$(select_status_code)
endef endef
$(SECRET_UPDATED): $(JSON_SECRET) $(SECRET_UPDATED): $(JSON_SECRET)
@ -95,7 +92,7 @@ $(SECRET_UPDATED): $(JSON_SECRET)
if [ "$${GET_STATUS_CODE}" = "404" ]; then \ if [ "$${GET_STATUS_CODE}" = "404" ]; then \
echo "adding cert"; \ echo "adding cert"; \
POST_STATUS_CODE=$$($(call post_secret,$^)); \ POST_STATUS_CODE=$$($(call post_secret,$^)); \
[ "$${POST_STATUS_CODE}" = "200" ] && touch $@; \ [ "$${POST_STATUS_CODE}" = "201" ] && touch $@; \
elif [ "$${GET_STATUS_CODE}" = "200" ]; then \ elif [ "$${GET_STATUS_CODE}" = "200" ]; then \
echo "updating existing cert"; \ echo "updating existing cert"; \
PUT_STATUS_CODE=$$($(call put_secret,$^)); \ PUT_STATUS_CODE=$$($(call put_secret,$^)); \