cli: consul tls: create private keys with mode 0600 #11781
Conversation
This applies to consul tls ca create consul tls cert create -client consul tls cert create -server Closes: hashicorp#11741
|
Friendly ping @Amier3 :-) |
|
Thanks for the contribution @marco-m , it's much appreciated! We'll try to get this reviewed and merged as soon as we can, i'll note that their may be a bit of a delay due to the holidays. |
dnephin
added
backport/1.10
theme/cli
| if want, have := fs.FileMode(0600), fi.Mode().Perm(); want != have { | ||
| t.Fatalf("private key file %s: permissions: want: %o; have: %o", keyPath, want, have) | ||
| } |
There was a problem hiding this comment.
I generally we try to use require.Equal to match the other assertions, but this is ok too.
There was a problem hiding this comment.
Hello @dnephin, I had noticed that consul uses testify; I went with this style is because I am used to it and thought that I could not express the same with testify, but now that I think about it, I could have passed the two integers to require.Assert; on the other hand I wanted to put in the error message also the file path... I should have searched before if there was a way to do so with testify.
|
🍒 If backport labels were added before merging, cherry-picking will start automatically. To retroactively trigger a backport after merging, add backport labels and re-run https://circleci.com/gh/hashicorp/consul/535488. |
|
🍒✅ Cherry pick of commit 1eb3178 onto |
cli: consul tls: create private keys with mode 0600
|
🍒✅ Cherry pick of commit 1eb3178 onto |
cli: consul tls: create private keys with mode 0600
|
🍒✅ Cherry pick of commit 1eb3178 onto |
cli: consul tls: create private keys with mode 0600
This applies to
consul tls ca create
consul tls cert create -client
consul tls cert create -server
Closes: #11741