Why not? Because. Don't ask. The Founding Fathers of Puppet decided so, and thou shall not dare question why.
The good news is that you can STILL iterate, sticking all your (homogeneous) resources in a hash (Puppet supports this very advanced concept of Hash, disregarding 30 years of Object Oriented programming technology... call it Time Travel).
#Where the .crt .key and .cer files are
$certsFolder = '/home/soa/jkstest/source/'
#where to create the JKS files
$targetJKSFolder = '/home/soa/jkstest/target/'
$trustPassword = '111111'
/* This is how a traditional java_ks invokation looks like
java_ks { "ca_nestle:trustDEV.jks" :
ensure => latest,
certificate => "${certsFolder}ACMECA.cer",
target => "${targetJKSFolder}/trustDEV.jks",
password => "${trustPassword}",
trustcacerts => true,
}
*/
$jksHash = {
trustDEV1 => {
ensure => latest,
certificate => "${certsFolder}ACMECA.cer",
target => "${targetJKSFolder}/trustDEV.jks",
password => "${trustPassword}",
trustcacerts => true,
},
trustDEV2 => {
ensure => latest,
certificate => "${certsFolder}ItalianSignCA.cer",
target => "${targetJKSFolder}/trustDEV.jks",
password => "${trustPassword}",
trustcacerts => true,
}
}
create_resources(java_ks, $jksHash)
This is how, in one go, I can add 2 certificates in a JKS store.
What can I say. It could be worse. It could be Maven.
No comments:
Post a Comment