Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix quickstart dns sans #2485

Merged
merged 3 commits into from
Oct 17, 2024
Merged

fix quickstart dns sans #2485

merged 3 commits into from
Oct 17, 2024

Conversation

qrkourier
Copy link
Member

No description provided.

@qrkourier qrkourier requested review from a team as code owners October 15, 2024 16:23
@qrkourier qrkourier changed the title test quickstart earlier to catch breaking changes in ziti fix quickstart dns sans Oct 15, 2024
@qrkourier qrkourier requested a review from dovholuknf October 15, 2024 21:22
qrkourier
qrkourier commented Oct 15, 2024
View reviewed changes
.github/workflows/test-quickstart.yml
pull_request:
paths:
- 'quickstart/**'
branches:
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stop waiting for quickstart files to change so this runs earlier in the ziti life cycle

quickstart/docker/image/run-router.sh
@@ -1,5 +1,9 @@
#!/bin/bash

set -o errexit
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

raise uncaught exceptions

quickstart/docker/image/run-router.sh
@@ -32,6 +36,9 @@ if [[ "${_ZITI_ROUTER_NAME}" != "" ]]; then
fi

_CONFIG_PATH="${ZITI_HOME}/${ZITI_ROUTER_NAME}.yaml"
# Set an error trap to move _CONFIG_PATH when it's unsafe to assume enrollment succeeded
trap '[[ -f "${_CONFIG_PATH}" ]] && mv "${_CONFIG_PATH}" "${_CONFIG_PATH}.err"' ERR
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

make the script more resilient against bad state problems resulting from an incomplete run

quickstart/docker/image/run-router.sh
@@ -55,8 +62,8 @@ if [ ! -f "${_CONFIG_PATH}" ]; then
createPrivateRouterConfig "${ZITI_ROUTER_NAME}"
fi

found=$("${ZITI_BIN_DIR-}/ziti" edge list edge-routers 'name = "'"${ZITI_ROUTER_NAME}"'"' | grep -c "${ZITI_ROUTER_NAME}")
if [[ found -gt 0 ]]; then
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[[ found -gt 0 ]] is always false

quickstart/docker/image/ziti-cli-functions.sh
@@ -784,17 +784,18 @@ function createPki {
_pki_create_intermediate "${ZITI_GRANDPARENT_INTERMEDIATE}" "${ZITI_PKI_SIGNER_INTERMEDIATE_NAME}" 1

echo " "
pki_allow_list="localhost,${ZITI_NETWORK}"
ctrl_pki_allow_list="localhost,${ZITI_NETWORK}"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

keep ctrl and edge DNS SANs separate

@qrkourier qrkourier merged commit 10d3962 into main Oct 17, 2024
37 checks passed
@qrkourier qrkourier deleted the test-quickstart-earlier branch October 17, 2024 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dovholuknf dovholuknf dovholuknf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@qrkourier @dovholuknf