smallstep
Automatically install required dependencies on Linux
Hello! I'm working on an internal service at work that uses this. Would you be interested in a patch that implements support for some basic attempts to get the dependencies? For example, it would check if apt-get is in $PATH, and, if so, try to install relevant Debian packages.
Thank you
I think so, are you thinking on installing ca-certificates if it's not there yet?
Something like that, yes. I have a version of this working already, but sometimes it'll give me "platform not supported" errors - is there a list of hard deps anywhere, or are these all that are needed? https://github.com/smallstep/truststore/blob/master/truststore_linux.go#L29
- is there a list of hard deps anywhere, or are these all that are needed?
Not afaik, I created this based on https://github.com/FiloSottile/mkcert/blob/master/truststore_linux.go, but as a package that we can use in other places.
I'm thinking that it should try to detect the package manager, then install ca-certificates or whatever the equivalent is. After that, I can trial-and-error anything else that may be needed.
So, the steps taken by the code would be:
- determine what tool needs to be used based on FS structure (this is already done)
- if it's not available on the PATH, install it from whatever package manager seems to be available
- try again
- clean up afterwards
I've still been working on this. Ignoring SSL certs will be an option, for Alpine and Debian based systems. DNF makes it a pain to disable SSL checks for one-off commands.
Honestly, I don't think a check is even needed for RHEL-like systems after some testing. Even their minimal images include the required utilities, so I'm going to skip implementing it.