diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index d9af8c02ed..75a0dfb152 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -31,16 +31,12 @@ jobs: echo "Verifying certificate..." openssl x509 -in /tmp/ipa-ca.crt -subject -dates -noout - # Install to system trust store - sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt - sudo update-ca-certificates - - # Set NODE_EXTRA_CA_CERTS for Node.js-based actions + # Set NODE_EXTRA_CA_CERTS for Node.js-based actions (used by upload-artifact) echo "NODE_EXTRA_CA_CERTS=/tmp/ipa-ca.crt" >> $GITHUB_ENV - # Verify SSL connection to Gitea works + # Verify SSL connection to Gitea works with the CA cert echo "Testing SSL connection to Gitea..." - curl -fsSL https://gitea.kindred.internal/api/v1/version + curl -fsSL --cacert /tmp/ipa-ca.crt https://gitea.kindred.internal/api/v1/version echo "" echo "SSL certificate setup complete" diff --git a/.gitea/workflows/release.yml b/.gitea/workflows/release.yml index c3047fa971..674933509b 100644 --- a/.gitea/workflows/release.yml +++ b/.gitea/workflows/release.yml @@ -39,16 +39,12 @@ jobs: echo "Verifying certificate..." openssl x509 -in /tmp/ipa-ca.crt -subject -dates -noout - # Install to system trust store - sudo cp /tmp/ipa-ca.crt /usr/local/share/ca-certificates/ipa-ca.crt - sudo update-ca-certificates - - # Set NODE_EXTRA_CA_CERTS for Node.js-based actions + # Set NODE_EXTRA_CA_CERTS for Node.js-based actions (used by upload-artifact) echo "NODE_EXTRA_CA_CERTS=/tmp/ipa-ca.crt" >> $GITHUB_ENV - # Verify SSL connection to Gitea works + # Verify SSL connection to Gitea works with the CA cert echo "Testing SSL connection to Gitea..." - curl -fsSL https://gitea.kindred.internal/api/v1/version + curl -fsSL --cacert /tmp/ipa-ca.crt https://gitea.kindred.internal/api/v1/version echo "" echo "SSL certificate setup complete"