Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add an update step to replace digicert with onecert #3867

Merged
merged 8 commits into from
Oct 30, 2024
Merged

Conversation

yithian
Copy link
Collaborator

@yithian yithian commented Sep 27, 2024

Which issue this PR addresses:

Fixes ARO-10309

What this PR does / why we need it:

This allows upgrades to 4.16 to proceed. These upgrades were being blocked by the SHA-1 signing algorithm used by DigiCert, which is incompatible with 4.16

Test plan for issue:

I'm not sure how to test this. It will need to be deployed somewhere with access to an affected cluster

Is there any documentation that needs to be updated for this PR?

No, it's mitigation for an incident

How do you know this will function as expected in production?

The new step is limited to affected clusters only

Copy link
Collaborator

@lranjbar lranjbar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to add a unit test and the code path could be simplified a little here.

pkg/cluster/replacedigicert.go Outdated Show resolved Hide resolved
pkg/cluster/replacedigicert.go Outdated Show resolved Hide resolved
Copy link
Collaborator

@tsatam tsatam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, will approve after the PR is tested in an applicable environment to ensure it behaves as expected.

@lranjbar
Copy link
Collaborator

lranjbar commented Oct 1, 2024

/azp run

Copy link

Commenter does not have sufficient privileges for PR 3867 in repo Azure/ARO-RP

@yithian
Copy link
Collaborator Author

yithian commented Oct 1, 2024

/azp run

Copy link

Azure Pipelines successfully started running 2 pipeline(s).

@fahlmant
Copy link
Collaborator

fahlmant commented Oct 1, 2024

/azp run

@fahlmant
Copy link
Collaborator

/azp run e2e

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@yithian
Copy link
Collaborator Author

yithian commented Oct 28, 2024

/azp run e2e

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@fahlmant
Copy link
Collaborator

/azp run e2e

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@kimorris27 kimorris27 dismissed their stale review October 29, 2024 14:49

Dismissing my approval because E2E is failing with valid failures that we need to address

@hlipsig hlipsig added ready-for-review next-release To be included in the next RP release rollout labels Oct 29, 2024
@hlipsig
Copy link
Contributor

hlipsig commented Oct 29, 2024

/azp run ci

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@kimorris27
Copy link
Contributor

/azp run ci, e2e

Copy link

Azure Pipelines successfully started running 2 pipeline(s).

@cadenmarchese
Copy link
Collaborator

/azp run ci,e2e

Copy link

Azure Pipelines successfully started running 2 pipeline(s).

@fahlmant fahlmant merged commit cf5d4b9 into master Oct 30, 2024
20 checks passed
@yithian yithian deleted the yithian/ARO-10309 branch October 30, 2024 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
next-release To be included in the next RP release rollout ready-for-review
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants