Skip to content

DRAFT - Rotate self-signed certs on update (PROJQUAY-5879) #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

DRAFT - Rotate self-signed certs on update (PROJQUAY-5879) #132

wants to merge 2 commits into from

Conversation

@HammerMeetNail
Copy link
Contributor

@HammerMeetNail HammerMeetNail commented Aug 15, 2023

First pass, needs some additional tests and checks, but I have verified a mirror registry created cert is updated.

  • upgrade now recreates the installed certificates if they were created by mirror registry
    • Checks the cert organization for the presence of quay
 PLAY RECAP ***********************************************************************************************************************************************
[email protected] : ok=46   changed=20   unreachable=0    failed=0    skipped=27   rescued=0    ignored=0

INFO[2023-08-15 22:02:04] Quay upgraded successfully
[doconnor@doconnor-omr-dev ~]$ openssl x509 -in quay-install/quay-rootCA/rootCA.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:a4:7b:65:17:03:13:dc:de:96:e3:d2:80:1b:9c:99:db:df:01:20
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, ST = VA, L = New York, O = Quay, OU = Division, CN = doconnor-omr-dev.c.quay-devel.internal
        Validity
            Not Before: Aug 15 22:01:23 2023 GMT
            Not After : Jun  4 22:01:23 2026 GMT

@HammerMeetNail HammerMeetNail added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Aug 15, 2023
@HammerMeetNail HammerMeetNail changed the title Rotate self-signed certs on update(PROJQUAY-5879) Rotate self-signed certs on update (PROJQUAY-5879) Aug 15, 2023
@HammerMeetNail HammerMeetNail changed the title Rotate self-signed certs on update (PROJQUAY-5879) DRAFT - Rotate self-signed certs on update (PROJQUAY-5879) Oct 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@HammerMeetNail