+
+# Common
+if node['concourse-ci']['docker-compose']['import_ca']
+ ::Chef::Recipe.send(:include, SSLCert::Helper)
+
+ node['concourse-ci']['ssl_cert']['ca_names'].each {|ca_name|
+ append_ca_name(ca_name)
+ ca_cert_vol = "#{ca_cert_path(ca_name)}:/usr/share/ca-certificates/#{ca_name}.crt:ro"
+ web_vols.push(ca_cert_vol)
+ worker_vols.push(ca_cert_vol)
+ }
+ include_recipe 'ssl_cert::ca_certs'
+
+ import_ca_script = '/usr/local/bin/concourse_import_ca'
+ template "#{bin_dir}/concourse_import_ca" do
+ source 'opt/docker-compose/app/concourse/bin/concourse_import_ca'
+ owner 'root'
+ group 'root'
+ mode '0755'
+ action :create
+ end
+ import_ca_script_vol = "#{bin_dir}/concourse_import_ca:#{import_ca_script}:ro"
+ web_vols.push(import_ca_script_vol)
+ worker_vols.push(import_ca_script_vol)
+
+ image_entrypoint = node['concourse-ci']['docker-image']['entrypoint']
+ override_config_srvs['concourse-web']['entrypoint'] \
+ = "/bin/sh -c \"#{import_ca_script} && #{image_entrypoint} web\""
+ override_config_srvs['concourse-worker']['entrypoint'] \
+ = "/bin/sh -c \"#{import_ca_script} && #{image_entrypoint} worker\""
+ if config_format_version.to_i == 2
+ node.rm('concourse-ci', 'docker-compose', 'config', 'services', 'concourse-web', 'command')
+ node.rm('concourse-ci', 'docker-compose', 'config', 'services', 'concourse-worker', 'command')
+ else
+ node.rm('concourse-ci', 'docker-compose', 'config', 'concourse-web', 'command')
+ node.rm('concourse-ci', 'docker-compose', 'config', 'concourse-worker', 'command')
+ end
+end
+
+# merge environment hash
+force_override_config_srvs['concourse-web']['environment'] = web_envs unless web_envs.empty?