-
Notifications
You must be signed in to change notification settings - Fork 511
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update test cert generation script for postgresql #1163
Update test cert generation script for postgresql #1163
Conversation
Signed-off-by: Ashwini Oruganti <ashwini.oruganti@gmail.com>
This addresses @cyli's comment from #1160 (comment) |
fixtures/regenerateTestingCerts.sh
Outdated
|
||
# Postgresql keys for testing server/client auth | ||
|
||
# TODO: test if cfssl is installed, if not, cleanly exit with a message |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've used something like this before:
command -v cfssljson >/dev/null 2>&1 || {
echo >&2 "Installing cfssl tools"; go get -u github.com/cloudflare/cfssl/cmd/...;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you kindly. Will update! :)
Signed-off-by: Ashwini Oruganti <ashwini.oruganti@gmail.com>
Thanks for working on this! LGTM with the caveat that we might want to create the dir |
Nope that works for me! |
jenkins, test this please |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
code LGTM pending green on jenkins tests, and also we should open an issue to migrate the other cert generation bits in regnerateTestingCerts.sh
to also use cfssl - it's a little odd to only use cfssl for certain certs and openssl for others
There were no previous changes to that file, and seem to be no conflicts, so merging anyway :) Thanks @ashfall! |
This can be used to regenerate testing certs for postgres db connections.
Depends on #1160