Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changing from no-cert to edge encryption should not panic #15550

Merged
merged 2 commits into from Jul 31, 2017
Merged

Changing from no-cert to edge encryption should not panic #15550

merged 2 commits into from Jul 31, 2017

Conversation

smarterclayton
Copy link
Contributor

A user who doesn't have permission to change from no cert to edge on an update should not be able to cause a panic. In addition, it should be possible for an unprivileged user to strip certificate info out of a previously valid route. Add better tests.

Fixes #15547

Also fixes the broken goversioninfo which prevented a 3.6.0 release build.

@openshift-merge-robot openshift-merge-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Jul 30, 2017
@openshift-merge-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: smarterclayton

Associated issue: 15547

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 30, 2017
@smarterclayton smarterclayton mentioned this pull request Jul 30, 2017
Closed
@smarterclayton smarterclayton modified the milestone: 3.6.0 Jul 30, 2017
@smarterclayton
Changing from no cert to edge encryption should not panic
68feae6 
The new route permission checks were too aggressive, erroring out if the
user was attempting to clear route certificates, or panicking if setting
a new TLS struct. Fix the conditions to be clearer, and add a test to
guard the new edge cases.
@smarterclayton
Skip goversioninfo when it is not installed
c4dd4cf 
Release image does not contain this and an upstream bug is blocking
regeneration of the images due to bad tito dependencies.

Change the ordering of the makefile and the release image to make
failures easier to work around.
@smarterclayton
Copy link
Contributor Author

Merging to enable the 3.6.0 origin release. Will do follow ups in this and other branches.

@smarterclayton smarterclayton added the lgtm Indicates that a PR is ready to be merged. label Jul 31, 2017
@openshift-merge-robot
Copy link
Contributor

Automatic merge from submit-queue

@openshift-merge-robot openshift-merge-robot merged commit f6124b8 into openshift:release-3.6 Jul 31, 2017
@0xmichalis
Copy link
Contributor

lgtm

1 similar comment
@rajatchopra
Copy link
Contributor

lgtm

@smarterclayton
Copy link
Contributor Author

smarterclayton commented Jul 31, 2017 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@rajatchopra rajatchopra

@0xmichalis 0xmichalis

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
3.6.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@smarterclayton @openshift-merge-robot @0xmichalis @rajatchopra