-
Notifications
You must be signed in to change notification settings - Fork 332
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use single Custodia instance in installers
Installers now pass a single CustodiaInstance object around, instead of creating new instances on demand. In case of replica promotion with CA, the instance gets all secrets from a master with CA present. Before, an installer created multiple instances and may have requested CA key material from a different machine than DM password hash. In case of Domain Level 1 and replica promotion, the CustodiaInstance no longer adds the keys to the local instance and waits for replication to other replica. Instead the installer directly uploads the new public keys to the remote 389-DS instance. Without promotion, new Custodia public keys are still added to local 389-DS over LDAPI. Fixes: https://pagure.io/freeipa/issue/7518 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Simo Sorce <ssorce@redhat.com>
- Loading branch information
Showing
8 changed files
with
155 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.