feat(authsign): store additional metadata/fields in certdb
This is a major change in that the included DB migrations *must* be run before the new version of `cfssl` is deployed. This allows for clients (i.e. https://github.com/cloudflare/certmgr) to send some additional optional fields to `/api/v1/cfssl/authsign` to be stored in `certdb`. It also starts saving SANs, common name, and NotBefore from the issued certificates so that they can be queried without having to parse the PEM.
1 parent 2916a1f, commit 35f9d5c
Showing 8 changed files with 115 additions and 20 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
-- +goose Up | ||
-- SQL in section 'Up' is executed when this migration is applied | ||
ALTER TABLE certificates | ||
ADD COLUMN issued_at timestamp DEFAULT '0000-00-00 00:00:00', | ||
ADD COLUMN not_before timestamp DEFAULT '0000-00-00 00:00:00', | ||
ADD COLUMN originating_host TEXT, | ||
ADD COLUMN sans TEXT, | ||
ADD COLUMN tags TEXT, | ||
ADD COLUMN common_name TEXT, | ||
ADD COLUMN filename TEXT, | ||
ADD COLUMN application_name TEXT; | ||
-- +goose Down | ||
-- SQL section 'Down' is executed when this migration is rolled back | ||
ALTER TABLE certificates DROP COLUMN issued_at, | ||
DROP COLUMN not_before, | ||
DROP COLUMN originating_host, | ||
DROP COLUMN sans, | ||
DROP COLUMN tags, | ||
DROP COLUMN common_name, | ||
DROP COLUMN filename, | ||
DROP COLUMN application_name; |
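Review bot: the `DEFAULT '0000-00-00 00:00:00'` on `issued_at` and `not_before` is a zero date, which MySQL rejects as an invalid default when `NO_ZERO_DATE` is active under strict SQL mode, so this Up step can fail outright on such servers. It also backfills every existing row with a sentinel that looks like a real timestamp to anything querying by issuance or validity window. Consider declaring both columns as nullable with no default (for example `ADD COLUMN issued_at timestamp NULL DEFAULT NULL`), so rows written before the migration read as unknown rather than as year zero.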
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
-- +goose Up | ||
-- SQL in section 'Up' is executed when this migration is applied | ||
ALTER TABLE certificates | ||
ADD COLUMN issued_at timestamptz, | ||
ADD COLUMN not_before timestamptz, | ||
ADD COLUMN originating_host TEXT, | ||
ADD COLUMN sans TEXT, | ||
ADD COLUMN tags TEXT, | ||
ADD COLUMN common_name TEXT, | ||
ADD COLUMN filename TEXT, | ||
ADD COLUMN application_name TEXT; | ||
-- +goose Down | ||
-- SQL section 'Down' is executed when this migration is rolled back | ||
ALTER TABLE certificates DROP COLUMN issued_at, | ||
DROP COLUMN not_before, | ||
DROP COLUMN originating_host, | ||
DROP COLUMN sans, | ||
DROP COLUMN tags, | ||
DROP COLUMN common_name, | ||
DROP COLUMN filename, | ||
DROP COLUMN application_name; |
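Review bot: `sans` and `tags` are multi-valued but are declared as plain `TEXT`, and nothing in the migration says how the values are serialized or adds an index, so finding certificates by a single SAN means an unanchored pattern match over every row, and a substring match can return a certificate for the wrong name. Either document the delimiter or encoding in a comment next to the columns, or use an array or JSON type with a suitable index, given that the stated point of the change is to query these fields without parsing the PEM.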
certdb/sqlite/migrations/002_AddMetadataToCertificates.sql (16 changes: 16 additions & 0 deletions)
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
-- +goose Up | ||
-- SQL in section 'Up' is executed when this migration is applied | ||
|
||
ALTER TABLE certificates ADD COLUMN "issued_at" timestamp; | ||
ALTER TABLE certificates ADD COLUMN "not_before" timestamp; | ||
ALTER TABLE certificates ADD COLUMN "originating_host" text; | ||
ALTER TABLE certificates ADD COLUMN "sans" text; | ||
ALTER TABLE certificates ADD COLUMN "tags" text; | ||
ALTER TABLE certificates ADD COLUMN "common_name" text; | ||
ALTER TABLE certificates ADD COLUMN "filename" text; | ||
ALTER TABLE certificates ADD COLUMN "application_name" text; | ||
|
||
-- +goose Down | ||
-- SQL section 'Down' is executed when this migration is rolled back | ||
|
||
-- can't drop columns in sqlite |
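Review bot: the Down section contains only the comment `-- can't drop columns in sqlite`, so a rollback records the migration as reverted while all eight columns remain, and re-applying Up will then fail on the first `ADD COLUMN "issued_at"` because the column already exists. Either rebuild the table in Down (create a table with the old schema, copy the rows, drop the original, rename) or state in the comment that this migration is irreversible and must not be rolled back.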
Binary file not shown.