fix: add log to troubleshoot certificate issue (#45)

Signed-off-by: matttrach <matt.trachier@suse.com>
2024-11-11 22:41:39 -06:00 · 2024-11-11 22:41:39 -06:00 · ff1dfd9b69
parent 75bfed0dc3
commit ff1dfd9b69
3 changed files with 4 additions and 3 deletions
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -20,7 +20,7 @@ jobs:
      - name: Install Let's Encrypt Root Certificate
        run: |
          sudo apt-get update -y
-          sudo apt-get install -y ca-certificates wget
+          sudo apt-get install -y ca-certificates wget openssl libssl-dev
          wget -qO - https://letsencrypt.org/certs/isrgrootx1.pem.txt | sudo tee /usr/local/share/ca-certificates/isrgrootx1.crt > /dev/null
          sudo update-ca-certificates
      - name: Verify Lets Encrypt CA Functionality
--- a/.github/workflows/validate.yaml
+++ b/.github/workflows/validate.yaml
@ -175,7 +175,7 @@ jobs:
      - name: Install Let's Encrypt Root Certificate
        run: |
          sudo apt-get update -y
-          sudo apt-get install -y ca-certificates wget
+          sudo apt-get install -y ca-certificates wget openssl libssl-dev
          wget -qO - https://letsencrypt.org/certs/isrgrootx1.pem.txt | sudo tee /usr/local/share/ca-certificates/isrgrootx1.crt > /dev/null
          sudo update-ca-certificates
--- a/modules/rancher_bootstrap/rancher_externalTLS/main.tf
+++ b/modules/rancher_bootstrap/rancher_externalTLS/main.tf
@ -107,7 +107,8 @@ resource "terraform_data" "get_ping" {
  ]
  provisioner "local-exec" {
    command = <<-EOT
-    curl -vvv "https://${local.rancher_domain}/ping"
+    echo | openssl s_client -showcerts -servername ${local.rancher_domain} -connect "https://${local.rancher_domain}/ping" 2>/dev/null | openssl x509 -inform pem -noout -text || true
    curl --trace-ascii "-" -vvvv "https://${local.rancher_domain}/ping"
    EOT
  }
 }