Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enbable TLS for crypts APIs #270

Merged
merged 15 commits into from
Nov 8, 2023
Merged

enbable TLS for crypts APIs #270

merged 15 commits into from
Nov 8, 2023

Conversation

YZ775
Copy link
Contributor

@YZ775 YZ775 commented Sep 28, 2023

Signed-off-by: YZ775 yuzuki-mimura@cybozu.co.jp

@YZ775 YZ775 self-assigned this Sep 28, 2023
@YZ775 YZ775 marked this pull request as draft September 28, 2023 00:33
@YZ775 YZ775 changed the title enbable TLS [wip]enbable TLS Sep 28, 2023
@YZ775 YZ775 force-pushed the enable-tls branch 3 times, most recently from d1820cb to ec5203b Compare October 11, 2023 00:02
@YZ775 YZ775 force-pushed the enable-tls branch 5 times, most recently from 92ec553 to b079c8a Compare October 13, 2023 07:37
@YZ775 YZ775 changed the title [wip]enbable TLS enbable TLS for crypts APIs Oct 13, 2023
@YZ775 YZ775 marked this pull request as ready for review October 13, 2023 07:51
masa213f
masa213f requested changes Oct 16, 2023
View reviewed changes
pkg/sabakan/main.go Outdated Show resolved Hide resolved
docs/sabakan.md Show resolved Hide resolved
pkg/sabakan/main.go Outdated Show resolved Hide resolved
pkg/sabakan/main.go Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
pkg/sabakan-cryptsetup/cmd/root.go Show resolved Hide resolved
web/server.go Outdated Show resolved Hide resolved
pkg/sabactl/cmd/root.go Outdated Show resolved Hide resolved
web/server.go Outdated Show resolved Hide resolved
docs/sabakan.md Outdated Show resolved Hide resolved
@masa213f masa213f self-requested a review October 19, 2023 08:21
masa213f
masa213f requested changes Oct 19, 2023
View reviewed changes
docs/sabakan.md Outdated Show resolved Hide resolved
pkg/sabakan/main.go Outdated Show resolved Hide resolved
pkg/sabakan/main.go Outdated Show resolved Hide resolved
mtest/host-ign.yml Outdated Show resolved Hide resolved
mtest/host-ign.yml Outdated Show resolved Hide resolved
pkg/sabactl/cmd/root.go Show resolved Hide resolved
pkg/sabakan-cryptsetup/cmd/root.go Show resolved Hide resolved
@YZ775 YZ775 force-pushed the enable-tls branch 4 times, most recently from 7e3a9ad to 3489253 Compare October 23, 2023 02:33
@YZ775 YZ775 requested a review from masa213f October 23, 2023 05:08
@YZ775
enbable TLS
294fd84 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

add advertise-url-https

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

sabakan url

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

remove http crypts API endpoint

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

skip booting sabakan server when certs not exist

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

fix test

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

update sabactl

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

fix actions

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

fix ignition

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

rename ca cert

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

add advertise-url-https in test

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

rename TLSEnabled

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>

add docs

Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
update
0d10aa2 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
update
6a02c10 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
fix mtest
d2b1db0 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
fix mtest
858b5ee 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
fix certs of mtest
38fb646 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
add check of sabakan-cryptsetup in mtest
b454b34 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
change CI job to use mtest's cert files
312e773 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
masa213f
masa213f requested changes Oct 30, 2023
View reviewed changes
Makefile Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
mtest/certs/ca-csr.json Show resolved Hide resolved
mtest/host-ign.yml Outdated Show resolved Hide resolved
.github/workflows/main.yaml Outdated Show resolved Hide resolved
mtest/certs/ca-key.pem Outdated Show resolved Hide resolved
Makefile Outdated Show resolved Hide resolved
@YZ775
update
14a0bc7 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
update2
bd5fe3c 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775 YZ775 force-pushed the enable-tls branch 6 times, most recently from 2b37d4f to 98c5448 Compare October 31, 2023 05:49
@YZ775
improve CI
de3f937 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775
delete CI env
9a52a0b 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775 YZ775 force-pushed the enable-tls branch 2 times, most recently from bcc5d09 to 06ac01f Compare November 2, 2023 06:23
@YZ775
change e2e to dynamically generate certs
4223554 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775 YZ775 requested a review from masa213f November 2, 2023 06:31
masa213f
masa213f requested changes Nov 6, 2023
View reviewed changes
Copy link
Contributor

@masa213f masa213f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please delete certs files in e2e/certs.

mtest/netboot_test.go Outdated Show resolved Hide resolved
Makefile Show resolved Hide resolved
mtest/Makefile Outdated

CERTS = \
$(OUTPUT)/certs/ca.crt \
$(OUTPUT)/certs/server.crt\
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$(OUTPUT)/certs/server.crt\
$(OUTPUT)/certs/server.crt \

mtest/Makefile Outdated Show resolved Hide resolved
Makefile Outdated
E2E_OUTPUT=$(abspath ./e2e/output)
E2E_CERTS = \
$(E2E_OUTPUT)/certs/ca.crt \
$(E2E_OUTPUT)/certs/server.crt\
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$(E2E_OUTPUT)/certs/server.crt\
$(E2E_OUTPUT)/certs/server.crt \

Makefile Outdated Show resolved Hide resolved
e2e/certs/gencerts.sh Outdated Show resolved Hide resolved
e2e/certs/gencerts.sh Outdated Show resolved Hide resolved
@YZ775
update Makefile
94e4ee8 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
@YZ775 YZ775 requested a review from masa213f November 6, 2023 07:19
@YZ775
fix actions
0ac48fe 
Signed-off-by: YZ775 <yuzuki-mimura@cybozu.co.jp>
masa213f
masa213f approved these changes Nov 7, 2023
View reviewed changes
Copy link
Contributor

@masa213f masa213f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@YZ775 YZ775 merged commit 7b589f9 into main Nov 8, 2023
5 checks passed
@YZ775 YZ775 deleted the enable-tls branch November 8, 2023 02:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zoetrope zoetrope zoetrope approved these changes

@masa213f masa213f masa213f approved these changes

Assignees

@YZ775 YZ775

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@YZ775 @zoetrope @masa213f