Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(security): implement secrets-config proxy tls #2930

Merged
merged 5 commits into from
Dec 10, 2020
Merged

feat(security): implement secrets-config proxy tls #2930

merged 5 commits into from
Dec 10, 2020

Commits on Dec 8, 2020

  1. feat(security): implement secrets-config proxy tls 

    Add implementation for secrets-config: proxy tls subcommand
It uploads the user-provided Kong TLS certificate/key pair to proxy server.

Closes: edgexfoundry#2866
Signed-off-by: Jim Wang <yutsung.jim.wang@intel.com>
    @jim-wang-intel
    jim-wang-intel committed Dec 8, 2020
    Configuration menu
    Copy the full SHA
    dd9eef3 View commit details
    Browse the repository at this point in the history

  2. feat(security): Implement secrets-configure proxy tls 

    Add SNIS association with the user specified certificates.
Also addressed PR feedback.

Signed-off-by: Jim Wang <yutsung.jim.wang@intel.com>
    @jim-wang-intel
    jim-wang-intel committed Dec 8, 2020
    Configuration menu
    Copy the full SHA
    aab1748 View commit details
    Browse the repository at this point in the history

  3. docs(security): Update the secrets-config README 

    Add user's guide documentation for a new optional argument of proxy tls subcommand: --snis [list of names in comma separated]

Signed-off-by: Jim Wang <yutsung.jim.wang@intel.com>
    @jim-wang-intel
    jim-wang-intel committed Dec 8, 2020
    Configuration menu
    Copy the full SHA
    0f33407 View commit details
    Browse the repository at this point in the history

Commits on Dec 9, 2020

  1. feat(security): Change the list certificates algorithm 

    With Bryon's suggestion not using /certificates API, now it changes to /snis and only deletes those certificates associated with the snis names,
including the buitlin ones.

Signed-off-by: Jim Wang <yutsung.jim.wang@intel.com>
    @jim-wang-intel
    jim-wang-intel committed Dec 9, 2020
    Configuration menu
    Copy the full SHA
    35953d6 View commit details
    Browse the repository at this point in the history

  2. refactor(security): Use user-defined structs for json unmarshal 

    User-defined structs defined locally and are used to do json unmarshal so that only decoding once
Addressed per Lenny's request for changes.

Signed-off-by: Jim Wang <yutsung.jim.wang@intel.com>
    @jim-wang-intel
    jim-wang-intel committed Dec 9, 2020
    Configuration menu
    Copy the full SHA
    a41decd View commit details
    Browse the repository at this point in the history