Have JI validate journalist key is valid #7035
Merged
Commits on Oct 26, 2023
-
Have JI validate journalist key is valid
During the Sequoia migration, we need to export the journalist public key from the GPG keyring into a file on disk. We also needed to validate the key was usable by Sequoia (e.g. no SHA-1 binding signatures). Previously the plan was to validate it during the postinst and error out if it wasn't valid, but if validation fails for whatever reason, then we abort, which interrupts the postinst, so, e.g. database upgrades won't be applied. In retrospect having the validation fail at package install time is bad, because it requires even more manual work to get an instance in a working state since you need to manually apply the updates after doing a key rotation. Now we validate the journalist key during startup of the Journalist Interface, printing and logging an error if it doesn't validate and then exiting. This should bring attention to journalists and therefore the admin that the instance needs manual attention. We will also include information about this change in the pre-release and release announcements. Fixes #7030.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.