Skip to content

Commit

Permalink
Try getting the PKCS12 key from S3
Browse files Browse the repository at this point in the history
  • Loading branch information
TwistedTwigleg committed May 24, 2023
1 parent f64ab14 commit c8c4fb1
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 6 deletions.
5 changes: 1 addition & 4 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -331,10 +331,7 @@ jobs:
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pubsub_cfg.json
- name: run PKCS12 sample
run: |
cert=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/cert" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$cert" > /tmp/certificate.pem
key=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\") && echo -e "$key" > /tmp/privatekey.pem
pkcs12_password=$(aws secretsmanager get-secret-value --region us-east-1 --secret-id "ci/PubSub/key_pkcs12_password" --query "SecretString" | cut -f2 -d":" | cut -f2 -d\")
openssl pkcs12 -export -in /tmp/certificate.pem -inkey /tmp/privatekey.pem -out ./pkcs12-key.p12 -name PubSub_Thing_Alias -password pass:$pkcs12_password
aws s3 cp s3://iot-sdk-ci-bucket-us-east1/iot_pkcs12_key.p12 ./iot_pkcs12_key.p12
python3 ${{ env.CI_UTILS_FOLDER }}/run_sample_ci.py --file ${{ env.CI_SAMPLES_CFG_FOLDER }}/ci_run_pkcs12_connect_cfg.json
- name: configure AWS credentials (MQTT5)
uses: aws-actions/configure-aws-credentials@v1
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ci_run_pkcs12_connect_cfg.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,11 @@
},
{
"name": "--pkcs12_file",
"data": "./pkcs12-key.p12"
"data": "./iot_pkcs12_key.p12"
},
{
"name": "--pkcs12_password",
"secret": "ci/PubSub/key_pkcs12_password"
"data": "PKCS12_KEY_PASSWORD"
}
]
}

0 comments on commit c8c4fb1

Please sign in to comment.