Browse Source

Update to support Kong-v0.10.x

The previous one is for Kong-v0.9.x only.

This change will allow it to work with v0.10.x.

More info at:
4f960abe33/UPGRADE.md (upgrade-to-010x)
https://getkong.org/docs/0.10.x/admin-api/#add-certificate
pull/809/head
thecantero 8 years ago
committed by GitHub
parent
commit
0138e167e9
  1. 39
      deploy/kong.sh

39
deploy/kong.sh

@ -31,14 +31,15 @@ kong_deploy() {
_debug _cca "$_cca" _debug _cca "$_cca"
_debug _cfullchain "$_cfullchain" _debug _cfullchain "$_cfullchain"
#Get uuid linked to the domain
uuid=$(_get "$KONG_URL/apis?request_host=$_cdomain" | _normalizeJson | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
if [ -z "$uuid" ]; then
_err "Unable to get Kong uuid for domain $_cdomain"
_err "Make sure that KONG_URL is correctly configured"
_err "Make sure that a Kong api request_host match the domain"
_err "Kong url: $KONG_URL"
return 1
#Get ssl_uuid linked to the domain
ssl_uuid=$(_get "$KONG_URL/certificates/$_cdomain" | _normalizeJson | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
if [ -z "$ssl_uuid" ]; then
_debug "Unable to get Kong ssl_uuid for domain $_cdomain"
_debug "Make sure that KONG_URL is correctly configured"
_debug "Make sure that a Kong certificate match the sni"
_debug "Kong url: $KONG_URL"
_info "No existing certificate, creating..."
#return 1
fi fi
#Save kong url if it's succesful (First run case) #Save kong url if it's succesful (First run case)
_saveaccountconf KONG_URL "$KONG_URL" _saveaccountconf KONG_URL "$KONG_URL"
@ -48,12 +49,15 @@ kong_deploy() {
#Set Header #Set Header
_H1="Content-Type: multipart/form-data; boundary=$delim" _H1="Content-Type: multipart/form-data; boundary=$delim"
#Generate data for request (Multipart/form-data with mixed content) #Generate data for request (Multipart/form-data with mixed content)
#set name to ssl
content="--$delim${nl}Content-Disposition: form-data; name=\"name\"${nl}${nl}ssl"
content="--$delim${nl}"
if [ -z "$ssl_uuid" ]; then
#set sni to domain
content="$content{nl}Content-Disposition: form-data; name=\"snis\"${nl}${nl}$_cdomain"
fi
#add key #add key
content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"key\"; filename=\"$(basename "$_ckey")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_ckey")"
#Add cert #Add cert
content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"config.cert\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
content="$content${nl}--$delim${nl}Content-Disposition: form-data; name=\"cert\"; filename=\"$(basename "$_cfullchain")\"${nl}Content-Type: application/octet-stream${nl}${nl}$(cat "$_cfullchain")"
#Close multipart #Close multipart
content="$content${nl}--$delim--${nl}" content="$content${nl}--$delim--${nl}"
#Convert CRLF #Convert CRLF
@ -61,17 +65,16 @@ kong_deploy() {
#DEBUG #DEBUG
_debug header "$_H1" _debug header "$_H1"
_debug content "$content" _debug content "$content"
#Check if ssl plugins is aready enabled (if not => POST else => PATCH)
ssl_uuid=$(_get "$KONG_URL/apis/$uuid/plugins" | _egrep_o '"id":"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"[a-zA-Z0-9\-\,\"_\:]*"name":"ssl"' | _egrep_o '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}')
_debug ssl_uuid "$ssl_uuid"
#Check if sslcreated (if not => POST else => PATCH)
if [ -z "$ssl_uuid" ]; then if [ -z "$ssl_uuid" ]; then
#Post certificate to Kong #Post certificate to Kong
response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins" "" "POST")
response=$(_post "$content" "$KONG_URL/certificates" "" "POST")
else else
#patch #patch
response=$(_post "$content" "$KONG_URL/apis/$uuid/plugins/$ssl_uuid" "" "PATCH")
response=$(_post "$content" "$KONG_URL/certificates/$ssl_uuid" "" "PATCH")
fi fi
if ! [ "$(echo "$response" | _egrep_o "ssl")" = "ssl" ]; then
if ! [ "$(echo "$response" | _egrep_o "created_at")" = "created_at" ]; then
_err "An error occurred with cert upload. Check response:" _err "An error occurred with cert upload. Check response:"
_err "$response" _err "$response"
return 1 return 1

Loading…
Cancel
Save