Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v17] Workload Identity Revocations Signing (#52353) #52503

Merged
merged 2 commits into from
Feb 27, 2025
Merged

[v17] Workload Identity Revocations Signing (#52353) #52503

merged 2 commits into from
Feb 27, 2025

Conversation

strideynet
Copy link
Contributor

Backports #52353

changelog: Added support for X509 revocations to Workload Identity.

@strideynet @boxofrad
Workload Identity Revocations Signing (#52353)
79d7e63 
* Add initial implementation of CRL signing

* Clarify

* Add basic support for streaming signed CRL to `tctl`

* Add log messages

* Start adding CRL support to tbot

* Wire in CRL support to workload-identity-x509

* Wire up crlCache to dependent services

* Fix missing cluster name injectiont

* Run the background goroutine

* FIx notification mechanism

* Add CRL assertions to TestBotWorkloadIdentityX509

* Add appropriate backoff to RevocationService

* Start work on TestRevocationService_CRL

* Change comparison in test

* Finish TestRevocationService_CRL

* Add CRL assertion to TestBotWorkloadIdentityAPI

* Fix linter complaint

* Update lib/tbot/service_workload_identity_api_test.go

Co-authored-by: Dan Upton <daniel.upton@goteleport.com>

* Update lib/tbot/service_workload_identity_api_test.go

Co-authored-by: Dan Upton <daniel.upton@goteleport.com>

* Rename KeyStorer

* Trigger CRL signing every ten minutes

* ADd SVIDCRLPemPath to Describe

---------

Co-authored-by: Dan Upton <daniel.upton@goteleport.com>
@github-actions github-actions bot added backport machine-id size/lg tctl tctl - Teleport admin tool labels Feb 26, 2025
@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from timothyb89 February 27, 2025 09:53
@strideynet strideynet added this pull request to the merge queue Feb 27, 2025
Merged via the queue into branch/v17 with commit 62bf8cc Feb 27, 2025
39 checks passed
@strideynet strideynet deleted the strideynet/v17/backport-#52353 branch February 27, 2025 10:15
@BrewTestBot BrewTestBot mentioned this pull request Feb 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@boxofrad boxofrad boxofrad approved these changes

@marcoandredinis marcoandredinis marcoandredinis approved these changes

@ryanclark ryanclark ryanclark approved these changes

Assignees
No one assigned
Labels
backport machine-id size/lg tctl tctl - Teleport admin tool
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@strideynet @boxofrad @marcoandredinis @ryanclark