Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the CA certificate with a os environment #442

Merged
merged 2 commits into from
Apr 23, 2021
Merged

Update the CA certificate with a os environment #442

merged 2 commits into from
Apr 23, 2021

Conversation

pitakill
Copy link
Contributor

Description

The certs are going to expire, so if this is a parameter from the env, is going to be more resilient.

Link to any related issue(s):
https://jira.mongodb.org/browse/INTMDB-182

Type of change:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update
  • Documentation fix/enhancement

Required Checklist:

  • I have signed the MongoDB CLA
  • I have read the Terraform contribution guidelines
  • I have added tests that prove my fix is effective or that my feature works per HashiCorp requirements
  • I have added any necessary documentation (if appropriate)
  • I have run make fmt and formatted my code

Further comments

The following ca.cert expires in 10 years, so maybe it works to be put in the Github Actions Secrets as an environment variable the name for that is: CA_CERT

-----BEGIN CERTIFICATE-----
MIID3DCCAsQCCQDKKcmKNr0a0DANBgkqhkiG9w0BAQsFADCBrzELMAkGA1UEBhMC
TVgxDTALBgNVBAgMBENETVgxFDASBgNVBAcMC01leGljbyBDaXR5MRYwFAYDVQQK
DA1EaWdpdGFsIE9uIFVzMRYwFAYDVQQLDA1Nb25nb2RiIEF0bGFzMRgwFgYDVQQD
DA9kaWdpdGFsb251cy5jb20xMTAvBgkqhkiG9w0BCQEWImxlb3BvbGRvLmNhYmFs
bGVyb0BkaWdpdGFsb251cy5jb20wHhcNMjEwNDIxMTgzNDI3WhcNMzEwNDE5MTgz
NDI3WjCBrzELMAkGA1UEBhMCTVgxDTALBgNVBAgMBENETVgxFDASBgNVBAcMC01l
eGljbyBDaXR5MRYwFAYDVQQKDA1EaWdpdGFsIE9uIFVzMRYwFAYDVQQLDA1Nb25n
b2RiIEF0bGFzMRgwFgYDVQQDDA9kaWdpdGFsb251cy5jb20xMTAvBgkqhkiG9w0B
CQEWImxlb3BvbGRvLmNhYmFsbGVyb0BkaWdpdGFsb251cy5jb20wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCYZ+Vxmv1ZCOJoWwqfIrbcjLtdW7Wissc
l2aKuZwe/rv5cTjCZhOnVzCgZx5obKwwhygiuZq/ngPLju1cO4c+KAXt/+2ZkGYV
ee8mBRcN16v5j3ZDFaxaWLBbhXjbEhmSPcqD+rThKxGyoO1rYm1rwRK27xLyiljt
sIa9FgPYfeo16fT9ghmofj6yE0Ueu9CWXoZ8HNeh6O3g1TP6qjf7g92HGuBXCmTG
mD6JtNfoa6RUSgVR09QQwmHtHRWIr+O4uIl5gW/m3CTBPZnx92eRUJPPcMEtz1wc
rtbXE0uEuVvyttx3HM9ZI26ETrRU8ypGfP9z3VhTJD3MA7KIT1cBAgMBAAEwDQYJ
KoZIhvcNAQELBQADggEBALgfqYfrO7TxDRq7fFW3RiM0NwQLFhQVDgzo0BbRdlNS
CTJsrYXjJgvPF0KzzCcdzNQTiEJ4JmU5LP+5BHFimu78nP/YznujLc6DU8nEo4CR
ZxIWkdd49jn9cybk+ZOz7CBxY06Brag/uR1zGgijXcYK+FxNutWiRxHSaCyNTrrD
ddAx/sg8oZ4NSJYlGzKYjnWKYqBUtHI8D/EvIISQj42Wc0xZMGzN1k1UkZQCrLZi
HJUBuTcVC902BJax74jn44bhx9M+pkeESf39u3AJgCe6iPnTzsQA8Gnscak67bCt
y0PfW1ba8mDUR3+K4SHW02OrCsH+XcCq7Gnr3vYmc9s=
-----END CERTIFICATE-----

@pitakill
Update the CA certificate with a os environment
97f74a0 
1. Why is this change necessary?
The certs are going to expire, so if this is a parameter from the env,
is going to be more resilient.

2. How does it address the issue?
These changes bring the CA certificate from an environment variable
(CA_CERT)

3. What side effects does this change have?
None, pure joy. :-)
@pitakill pitakill added the bug label Apr 22, 2021
@pitakill pitakill self-assigned this Apr 22, 2021
coderGo93
coderGo93 suggested changes Apr 22, 2021
View reviewed changes
Copy link
Contributor

@coderGo93 coderGo93 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you want to use Environment Variables for testing in github actions, you should add that variable inside of .github/workflows/automated-test-acceptances.yml in order to work @pitakill

themantissa
themantissa approved these changes Apr 22, 2021
View reviewed changes
Copy link
Collaborator

@themantissa themantissa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@pitakill
Update Github Actions variables
9d2d41f 
1. Why is this change necessary?
Github Actions needs a basic configuration on the repo to work

2. How does it address the issue?
Add the necessary info into the repo

3. What side effects does this change have?
None
@pitakill pitakill requested a review from coderGo93 April 23, 2021 00:13
@coderGo93
Copy link
Contributor

coderGo93 commented Apr 23, 2021
edited
Loading

LGTM but just before I can approve, I'd like to confirm if @themantissa has added the cert in secrets, if not, could you add the cert in secrets like suggested in further comments section, please? otherwise the automated acceptances test would fail, thank you !!

@themantissa
Copy link
Collaborator

@coderGo93 @pitakill cert added to secrets with name requested - may the tests go well!

@leofigy leofigy merged commit defbd0f into master Apr 23, 2021
@themantissa themantissa deleted the INTMDB-182 branch August 10, 2021 19:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderGo93 coderGo93 coderGo93 approved these changes

@themantissa themantissa themantissa approved these changes

@leofigy leofigy Awaiting requested review from leofigy

Assignees

@pitakill pitakill

Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@pitakill @coderGo93 @themantissa @leofigy