-
Notifications
You must be signed in to change notification settings - Fork 820
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding pre- and post-hook #898
Conversation
This comment has been minimized.
This comment has been minimized.
Resolves: #333 |
@TreeN0de thanks for the PR, for this to be merged it'll need:
Optionally but ideally it should also work both globally when set on the acme-companion container or per proxied container when set on them, with priority given to the per-container setting over the global setting when both are set. I know tests are painful to write with the half assed test suite I contributed a few years ago, but they're the only way for me to have some confidence in the fact that feature X, Y or Z should work when someone opens an issue. |
Hello, this is my first time to make a PR. I agree the feature should be available for each proxied container. This could be the next step. I keep you posted. |
@buchdag I managed to find a workaround be using global variables. Therefore I made changes in the test-suit. I modified the function In my opinion this could only be a temporary solution. I think a better way is to modify the handling of parameter in the function run_le_container What do you suggest? |
Use single quotes within the double quotes to give the ENV a space separated value assignment: I don't have familiarity with boulder/pebble, if this is for providing a local PKI (ACME CA endpoint) for testing, I would suggest adopting Smallstep's one which is great and AFAIK easier to work with. They have an image available on DockerHub that can be used too at I've used it for provisioning certs locally, and intend to add it to the test suite of a project I am a maintainer of, Not sure if it'd be any better than your current approach with boulder/pebble though. |
Thanks for your answer but that’s not the Problem I meant. With your solution the environment variable is a string not a command. But the function splits the parameter at the blanks. No matter what quotes I tried. |
How are you calling the value? (I haven't reviewed/looked at the PR sorry) I think something like this would run it: Alternatively you could instead take the path to a shell script file, and call that instead? |
Hey, the reason I couldn’t get the test suit running properly is, that I used the version of the time I created my branch. But since than there were changes to get the test suit running. I wasn’t able to find a away to pass the needed values into the function Unfortunately I wasn’t able to get the Github workflow test running. On the local tests it passes. My test case didn’t make any output when it passes, but the workflow says unexpected output. |
After the rebase and just recreating the |
@buchdag Now I am working on setting the hooks in the proxied container. Therefor I started a new branch “pre/post-hook-proxied“ in my fork.
What is the next step for the PR? |
@TreeN0de sorry I haven't had the time to look at all your work yet, I'll do it asap but probably no earlier than next week. Looks very promising 👍 |
Squashing the commits together into a small number of meaningful commits grouped by type and/or scope, ideally using Conventional Commits but I can probably handle that (both the commit squashing and renaming), don't bother before I take a look at the full PR. |
Squashing commits for merge is pretty good. I noticed this repo merges all commit history into master/main, which seems prone to noisy history with some PRs. With squash merge you don't have to request the contributor to cleanup commits or handle that yourself if it's regarding the merged history since you can have a single conventional commit merged instead and refer to the PR commit history when necessary. |
@TreeN0de I've reworked this PR to fix things like commit squash, shell linting, using conventional commits and some docs rewording, is it ok if I force push to your branch ? You can check what I've done here. It should be almost ready to merge, the only thing bothering me is this line in the reworked parameter handling of cli_args_arr+=("$(echo "${cli_args_arr_tmp[@]:1}")") #Tail It's triggering ShellCheck's SC2116 and I have a hard time figuring if we absolutely need to use |
7b12209
to
b4ccbf1
Compare
I took the liberty to force push to I've fixed the caveat I had with the unnecessary use of echo triggering SC2116 and more importantly I added per-container hooks, with tests and documentation. |
Exposing the pre-hook and the post-hook of acme.sh through the variable PRE_HOOK and POST_HOOK. Therefor it is possible to trigger actions just before and after a certificate is issued (see https://github.com/acmesh-official/acme.sh/wiki/Using-pre-hook-post-hook-renew-hook-reloadcmd)
For example you can change some firewallrules