-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add an update step to replace digicert with onecert #3867
Conversation
13f0c62
to
c60a2b4
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to add a unit test and the code path could be simplified a little here.
86b52af
to
0c37e6f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, will approve after the PR is tested in an applicable environment to ensure it behaves as expected.
/azp run |
Commenter does not have sufficient privileges for PR 3867 in repo Azure/ARO-RP |
/azp run |
Azure Pipelines successfully started running 2 pipeline(s). |
/azp run |
/azp run e2e |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run e2e |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run e2e |
Azure Pipelines successfully started running 1 pipeline(s). |
Dismissing my approval because E2E is failing with valid failures that we need to address
/azp run ci |
Azure Pipelines successfully started running 1 pipeline(s). |
/azp run ci, e2e |
Azure Pipelines successfully started running 2 pipeline(s). |
This allows upgrades to 4.16 to proceed. These upgrades were being blocked by the SHA-1 signing algorithm used by DigiCert, which is incompatible with 4.16
b6ba416
to
b5dbda1
Compare
/azp run ci,e2e |
Azure Pipelines successfully started running 2 pipeline(s). |
Which issue this PR addresses:
Fixes ARO-10309
What this PR does / why we need it:
This allows upgrades to 4.16 to proceed. These upgrades were being blocked by the SHA-1 signing algorithm used by DigiCert, which is incompatible with 4.16
Test plan for issue:
I'm not sure how to test this. It will need to be deployed somewhere with access to an affected cluster
Is there any documentation that needs to be updated for this PR?
No, it's mitigation for an incident
How do you know this will function as expected in production?
The new step is limited to affected clusters only