Skip to content

Add new APT and RPM signing keys #890

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Jun 29, 2023
Merged

Add new APT and RPM signing keys #890

merged 7 commits into from
Jun 29, 2023

Conversation

@chouetz
Copy link
Member

@chouetz chouetz commented May 30, 2023
edited
Loading

What does this PR do?

Addition of the new key for signing rotation process

Motivation

Regular signing key rotation process

Additional Notes

Possible Drawbacks / Trade-offs

Describe how to test/QA your changes

Install the agent packages pushed on trial repository

Reviewer's Checklist

@chouetz chouetz requested a review from a team as a code owner May 30, 2023 12:36
@chouetz chouetz added this to the Triage milestone May 30, 2023
@chouetz chouetz added hold/no-merge dependencies Pull requests that update a dependency file labels May 30, 2023
@chouetz chouetz changed the title Upgrade to new signing keys [AP-2102] Upgrade to new signing keys Jun 9, 2023
@chouetz chouetz force-pushed the nschweitzer/signing branch from d907526 to ffff3b7 Compare June 13, 2023 12:16
KevinFairise2
KevinFairise2 approved these changes Jun 14, 2023
View reviewed changes
Copy link
Member

@KevinFairise2 KevinFairise2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just leave a small question, otherwise looks good to me!

spec/repository_spec.rb

expect(chef_run.remote_file('remote_file_DATADOG_APT_KEY_CURRENT.public')).to notify(
'execute[import apt datadog key DATADOG_APT_KEY_CURRENT.public]').to(:run).immediately
expect(chef_run.remote_file('remote_file_5F1E256061D813B125E156E8E6266D4AC0962C7D')).to notify(
Copy link
Member

@KevinFairise2 KevinFairise2 Jun 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just out of curiosity, shouldn't the new key become the current key ? Or we must wait before switching ?

Copy link

@bkabrda bkabrda Jun 20, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will become the current key when we actually start using it (we're not using it yet).

@chouetz chouetz requested a review from bkabrda June 19, 2023 08:23
bkabrda
bkabrda reviewed Jun 20, 2023
View reviewed changes
bkabrda
bkabrda reviewed Jun 20, 2023
View reviewed changes
@chouetz chouetz force-pushed the nschweitzer/signing branch from a7a12be to 2086953 Compare June 29, 2023 07:27
@chouetz chouetz changed the title [AP-2102] Upgrade to new signing keys Add new APT and RPM signing keys Jun 29, 2023
@chouetz chouetz merged commit 5d01e11 into main Jun 29, 2023
@chouetz chouetz deleted the nschweitzer/signing branch June 29, 2023 08:17
@chouetz chouetz mentioned this pull request Jul 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@KevinFairise2 KevinFairise2 KevinFairise2 approved these changes

+1 more reviewer

@bkabrda bkabrda bkabrda approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file hold/no-merge

Projects

None yet

Milestone

Triage

Development

Successfully merging this pull request may close these issues.

4 participants

@chouetz @bkabrda @KevinFairise2