Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test cert setup #1053

Merged
merged 3 commits into from
Sep 5, 2024
Merged

Test cert setup #1053

merged 3 commits into from
Sep 5, 2024

Conversation

mdellweg
Copy link
Member

@mdellweg mdellweg commented Sep 1, 2024

No description provided.

@mdellweg mdellweg force-pushed the test_cert_setup branch 8 times, most recently from 7e8002c to f0ae07b Compare September 3, 2024 12:38
@github-actions github-actions bot removed the wip label Sep 3, 2024
@mdellweg mdellweg marked this pull request as ready for review September 3, 2024 12:53
@mdellweg mdellweg enabled auto-merge (rebase) September 5, 2024 07:06
@mdellweg
Use certificate authentication in the ssl test
5e0dc4d 
This sets up nginx to accept client certificates and provides a matching
client certificate with DN=admin.
gerrod3
gerrod3 reviewed Sep 5, 2024
View reviewed changes
Copy link
Contributor

@gerrod3 gerrod3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some questions before I approve.

.ci/run_container.sh
Comment on lines +64 to +67
python3 "${BASEPATH}/gen_certs.py" -d "${PULP_CLI_TEST_TMPDIR}/settings/certs"
export PULP_CA_BUNDLE="${PULP_CLI_TEST_TMPDIR}/settings/certs/ca.pem"
ln -fs server.pem "${PULP_CLI_TEST_TMPDIR}/settings/certs/pulp_webserver.crt"
ln -fs server.key "${PULP_CLI_TEST_TMPDIR}/settings/certs/pulp_webserver.key"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm confused on how these links find the right files. I though the server.pem and server.key are being stored in PULP_CLI_TEST_TMPDIR/settings/certs, what directory are the ln commands running from?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's confusing yes. But the first parameter is the relative path the link gets, so in the end the files and the links land in the same directory, while the PWD of the ln command can be anything.

.ci/settings/settings.py
@@ -1,4 +1,3 @@
ALLOWED_EXPORT_PATHS = ["/tmp"]
ORPHAN_PROTECTION_TIME = 0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we sure this isn't going to break some tests?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure? Well we put it in a loooong time ago as a stop gap. I don't think we do that in the repositories CI anymore.

@mdellweg mdellweg merged commit 699ff57 into pulp:main Sep 5, 2024
17 checks passed
@mdellweg mdellweg deleted the test_cert_setup branch September 5, 2024 13:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gerrod3 gerrod3 gerrod3 approved these changes

Assignees
No one assigned
Labels
multi-commit no-changelog no-issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mdellweg @gerrod3