adding trusted certs back fixes #118

hooks/blueprint

@@ -23,7 +23,8 @@ merge=( bosh-deployment/bosh.yml
         bosh-deployment/credhub.yml
         bosh-deployment/misc/dns.yml
         bosh-deployment/misc/ntp.yml
-        bosh-deployment/misc/proxy.yml )
+        bosh-deployment/misc/proxy.yml
+        bosh-deployment/misc/trusted-certs.yml )
 
 # Check for ops features
 declare -a features
@@ -163,7 +164,7 @@ for want in ${GENESIS_REQUESTED_FEATURES}; do
     # when using warden we want the bosh-lite.yml to be merged
     # this will add and configure the garden deamon
     merge+=( bosh-deployment/bosh-lite.yml
-             "overlay/cpis/${want}.yml" 
+             "overlay/cpis/${want}.yml"
              overlay/no-proto.yml )
     ;;
 

overlay/base.yml

@@ -47,6 +47,7 @@ bosh-variables:
   http_proxy:  (( grab params.http_proxy  || "" ))
   https_proxy: (( grab params.https_proxy || "" ))
   no_proxy:    (( grab params.no_proxy    || "" ))
+  trusted_ca_cert: (( grab params.trusted_certs || "" ))
 
 params:
   bosh_hostname:  bosh

spec/results/all-addons-source.yml

@@ -324,6 +324,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/all-addons.yml

@@ -332,6 +332,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/all-params.yml

@@ -334,6 +334,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: test-trusted-certs
       user_management:
         provider: uaa
         uaa:

spec/results/aws-iam-profile-s3-blobstore-iam-profile.yml

@@ -296,6 +296,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/aws-iam-profile-s3-blobstore.yml

@@ -298,6 +298,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/aws-iam-profile.yml

@@ -311,6 +311,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/aws-s3-blobstore-iam-profile.yml

@@ -297,6 +297,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/aws-s3-blobstore.yml

@@ -299,6 +299,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/aws.yml

@@ -312,6 +312,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/azure.yml

@@ -317,6 +317,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/blacksmith-integration.yml

@@ -318,6 +318,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/external-db-no-tls.yml

@@ -310,6 +310,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/external-db.yml

@@ -324,6 +324,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/google.yml

@@ -306,6 +306,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/node-exporter.yml

@@ -310,6 +310,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/openstack.yml

@@ -306,6 +306,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/ops-override.yml

@@ -304,6 +304,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-all-params-aws.yml

@@ -347,6 +347,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-all-params-azure.yml

@@ -357,6 +357,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-all-params-google.yml

@@ -333,6 +333,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-all-params-source-vsphere.yml

@@ -341,6 +341,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-all-params-vsphere.yml

@@ -341,6 +341,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws-iam-profile-s3-blobstore-iam-profile.yml

@@ -330,6 +330,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws-iam-profile-s3-blobstore.yml

@@ -332,6 +332,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws-iam-profile.yml

@@ -345,6 +345,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws-s3-blobstore-iam-profile.yml

@@ -331,6 +331,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws-s3-blobstore.yml

@@ -331,6 +331,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-aws.yml

@@ -347,6 +347,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-azure.yml

@@ -357,6 +357,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-google.yml

@@ -333,6 +333,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-openstack.yml

@@ -343,6 +343,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/proto-vsphere.yml

@@ -341,6 +341,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/skip-op-users.yml

@@ -293,6 +293,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/upgrade.yml

@@ -345,6 +345,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/vault-credhub-proxy.yml

@@ -317,6 +317,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/vsphere-s3-blobstore.yml

@@ -291,6 +291,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/vsphere.yml

@@ -304,6 +304,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa:

spec/results/warden-vsphere.yml

@@ -320,6 +320,7 @@ instance_groups:
       ssl:
         cert: <!{meta.vault}/ssl/server:certificate!>
         key: <!{meta.vault}/ssl/server:key!>
+      trusted_certs: ""
       user_management:
         provider: uaa
         uaa: