Add ability to inject internal CA Cert

DOCS.md

@@ -4,6 +4,7 @@ Use the Terraform plugin to apply the infrastructure configuration contained wit
 * `remote` - contains the configuration for the Terraform remote state tracking.
   * `backend` - the Terraform remote state backend to use.
   * `config` - a map of configuration parameters for the remote state backend. Each value is passed as a `-backend-config=<key>=<value>` option.
+  * `ca_cert` - ca cert to add to your environment to allow terraform to use internal/private resources
 * `vars` - a map of variables to pass to the Terraform `plan` and `apply` commands. Each value is passed as a `-var <key>=<value>` option.
 
 The following is a sample Terraform configuration in your .drone.yml file:
@@ -14,6 +15,11 @@ deploy:
     plan: false
     remote:
       backend: S3
+      ca_cert: |
+        -----BEGIN CERTIFICATE-----
+        asdfsadf
+        asdfsadf
+        -----END CERTIFICATE-----
       config:
         bucket: my-terraform-config-bucket
         key: tf-states/my-project

main.go

@@ -5,6 +5,7 @@ import (
 	"os"
 	"os/exec"
 	"strings"
+	"io/ioutil"
 
 	"github.com/drone/drone-plugin-go/plugin"
 )
@@ -18,6 +19,7 @@ type terraform struct {
 type remote struct {
 	Backend string            `json:"backend"`
 	Config  map[string]string `json:"config"`
+	Cacert  string            `json:"ca_cert"`
 }
 
 func main() {
@@ -31,6 +33,9 @@ func main() {
 
 	var commands []*exec.Cmd
 	remote := vargs.Remote
+	if remote.Cacert != "" {
+		commands = append(commands, installCaCert(remote.Cacert))
+	}
 	if remote.Backend != "" {
 		commands = append(commands, remoteConfigCommand(remote))
 	}
@@ -57,6 +62,13 @@ func main() {
 
 }
 
+func installCaCert(cacert string) *exec.Cmd {
+	ioutil.WriteFile("/usr/local/share/ca-certificates/ca_cert.crt", []byte(cacert), 0644)
+	return exec.Command(
+		"update-ca-certificates",
+	)
+}
+
 func remoteConfigCommand(config remote) *exec.Cmd {
 	args := []string{
 		"remote",