Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the way that the certificate bundle is generated #1428

Merged
merged 2 commits into from
Apr 26, 2022
Merged

Update the way that the certificate bundle is generated #1428

merged 2 commits into from
Apr 26, 2022

Conversation

benashz
Copy link
Contributor

@benashz benashz commented Apr 25, 2022

De-duplicate all certs from a PEM bundle by first decoding all blocks.

  • update all related unit tests so that they are passing again.

Community Note

  • Please vote on this pull request by adding a 馃憤 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Relates OR Closes #0000

Release note for CHANGELOG:

Output from acceptance testing:

$ make testacc TESTARGS='-v -test.run TestPkiSecretBackendCert*'                

==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test -v -v -test.run TestPkiSecretBackendCert* -timeout 30m ./...

ok      github.com/hashicorp/terraform-provider-vault/util      0.473s [no tests to run]
=== RUN   TestPkiSecretBackendCert_basic
--- PASS: TestPkiSecretBackendCert_basic (5.80s)
=== RUN   TestPkiSecretBackendCert_revoke
--- PASS: TestPkiSecretBackendCert_revoke (5.60s)
=== RUN   TestPkiSecretBackendCert_renew
--- PASS: TestPkiSecretBackendCert_renew (11.81s)
PASS
ok      github.com/hashicorp/terraform-provider-vault/vault     24.317s

=== RUN   Test_setCAChain
=== RUN   Test_setCAChain/empty-ca-chain-pem
=== RUN   Test_setCAChain/empty-ca-chain-pem-bundle
=== RUN   Test_setCAChain/empty-ca-chain-2-pem
=== RUN   Test_setCAChain/empty-ca-chain-2-duplicate-pem
=== RUN   Test_setCAChain/empty-ca-chain-2-pem-bundle
=== RUN   Test_setCAChain/empty-ca-chain-2-duplicate-pem-bundle
=== RUN   Test_setCAChain/empty-ca-chain-der
=== RUN   Test_setCAChain/absent-ca-chain-der
=== RUN   Test_setCAChain/populated-ca-chain
=== RUN   Test_setCAChain/invalid-ca-chain-type
=== RUN   Test_setCAChain/missing-intermediate-cert
=== RUN   Test_setCAChain/missing-issuing-ca
--- PASS: Test_setCAChain (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-pem (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-pem-bundle (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-2-pem (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-2-duplicate-pem (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-2-pem-bundle (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-2-duplicate-pem-bundle (0.00s)
    --- PASS: Test_setCAChain/empty-ca-chain-der (0.00s)
    --- PASS: Test_setCAChain/absent-ca-chain-der (0.00s)
    --- PASS: Test_setCAChain/populated-ca-chain (0.00s)
    --- PASS: Test_setCAChain/invalid-ca-chain-type (0.00s)
    --- PASS: Test_setCAChain/missing-intermediate-cert (0.00s)
    --- PASS: Test_setCAChain/missing-issuing-ca (0.00s)
PASS
ok      github.com/hashicorp/terraform-provider-vault/vault     0.670s

=== RUN   Test_pkiSecretRootSignIntermediateRUpgradeV0
=== RUN   Test_pkiSecretRootSignIntermediateRUpgradeV0/basic
=== RUN   Test_pkiSecretRootSignIntermediateRUpgradeV0/invalid-no-issuing-ca
=== RUN   Test_pkiSecretRootSignIntermediateRUpgradeV0/invalid-no-certificate
--- PASS: Test_pkiSecretRootSignIntermediateRUpgradeV0 (0.00s)
    --- PASS: Test_pkiSecretRootSignIntermediateRUpgradeV0/basic (0.00s)
    --- PASS: Test_pkiSecretRootSignIntermediateRUpgradeV0/invalid-no-issuing-ca (0.00s)
    --- PASS: Test_pkiSecretRootSignIntermediateRUpgradeV0/invalid-no-certificate (0.00s)
PASS
ok      github.com/hashicorp/terraform-provider-vault/vault     1.732s

@benashz benashz force-pushed the VAULT-5425/refine-generation-of-cert-bundle branch from 83a4184 to a780424 Compare April 25, 2022 21:20
@benashz
Update the way that the certificate bundle is generated
8ec0f23 
De-duplicate all certs from a PEM bundle.

- update all related unit tests so that they are passing again.
@benashz benashz force-pushed the VAULT-5425/refine-generation-of-cert-bundle branch from a780424 to 8ec0f23 Compare April 25, 2022 21:45
vinay-gopalan
vinay-gopalan approved these changes Apr 26, 2022
View reviewed changes
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

@benashz benashz merged commit b56a2f2 into main Apr 26, 2022
@benashz benashz deleted the VAULT-5425/refine-generation-of-cert-bundle branch April 26, 2022 20:13
@benashz benashz added this to the 3.6.0 milestone May 18, 2022
marcboudreau pushed a commit to marcboudreau/terraform-provider-vault that referenced this pull request Nov 6, 2022
@benashz
Update the way that the certificate bundle is generated (hashicorp#1428)
28b425e 
De-duplicate all certs from a PEM bundle.

- update all related unit tests so that they are passing again.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vinay-gopalan vinay-gopalan vinay-gopalan approved these changes

Assignees
No one assigned
Labels
size/XL
Projects
None yet
Milestone
3.6.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@benashz @vinay-gopalan