Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start container-based PKI ACME tests #20320

Merged
merged 2 commits into from
Apr 25, 2023
Merged

Start container-based PKI ACME tests #20320

merged 2 commits into from
Apr 25, 2023

Conversation

cipherboy
Copy link
Contributor

This spins up Vault in a container image to allow other containers (in this case, Certbot) to bidirectionally connect to/from Vault.

Based on top of #20247; will be rebased once that merges.

Ideally I'd like to spin up a DNS server that certbot has a plugin for and update our configuration to allow specifying custom DNS resolvers for all challenge types.

But we'll get there. For now, we use an /etc/host hack on the Vault container.

@cipherboy cipherboy added this to the 1.14 milestone Apr 24, 2023
@cipherboy cipherboy requested review from stevendpclark and a team April 24, 2023 16:34
@cipherboy cipherboy mentioned this pull request Apr 24, 2023
Merged
Base automatically changed from test-docker-vault to main April 24, 2023 18:25
@ncabatoff ncabatoff requested a review from a team April 24, 2023 18:25
@cipherboy cipherboy force-pushed the cipherboy-start-acme-docker-tests branch from f092663 to 4c52079 Compare April 24, 2023 20:34
@cipherboy cipherboy removed the request for review from a team April 24, 2023 20:34
@cipherboy cipherboy mentioned this pull request Apr 25, 2023
Merged
@cipherboy cipherboy force-pushed the cipherboy-start-acme-docker-tests branch 2 times, most recently from 3f058e6 to c3ca57d Compare April 25, 2023 15:03
stevendpclark
stevendpclark approved these changes Apr 25, 2023
View reviewed changes
Copy link
Contributor

@stevendpclark stevendpclark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only nit would be to update references to use/add the docker images to the HC mirror

@cipherboy
Start ACME containerized test suite
715b630 
This starts a containerized ACME test suite using containers, running
both Vault and Certbot (in standalone mode) in the container to ensure
we successfully issue certificates.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
@cipherboy
Switch to using hashicorp mirror
6b94524 
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
@cipherboy cipherboy force-pushed the cipherboy-start-acme-docker-tests branch from c3ca57d to 6b94524 Compare April 25, 2023 18:49
@cipherboy
Copy link
Contributor Author

Thanks! Added certbot to the mirror and pushed the update.

@cipherboy cipherboy enabled auto-merge (squash) April 25, 2023 18:49
@cipherboy cipherboy merged commit d00fbf8 into main Apr 25, 2023
@raskchanky raskchanky deleted the cipherboy-start-acme-docker-tests branch April 25, 2023 23:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stevendpclark stevendpclark stevendpclark approved these changes

Assignees
No one assigned
Labels
enhancement pr/no-changelog secret/pki
Projects
None yet
Milestone
1.14
Development

Successfully merging this pull request may close these issues.
2 participants
@cipherboy @stevendpclark