Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Introduce global OCIS_TLS_ROOT_CA_CERTIFICATE #5902

Closed
mmattel opened this issue Mar 22, 2023 · 2 comments · Fixed by #6392
Closed

Introduce global OCIS_TLS_ROOT_CA_CERTIFICATE #5902

mmattel opened this issue Mar 22, 2023 · 2 comments · Fixed by #6392
Assignees
@kobergj
Labels
Priority:p3-medium Normal priority

Comments

@mmattel
Copy link
Contributor

mmattel commented Mar 22, 2023
edited
Loading

When running the below grep commands in the service folder, the following services get listed using a xxx_ROOT_CA_CERTIFICATE, a xxx_EVENTS_TLS_INSECURE and a xxx_EVENTS_ENABLE_TLS setting.

Though xxx_EVENTS_TLS_INSECURE does have OCIS_INSECURE as global option,
same with xxx_EVENTS_TLS_INSECURE which has OCIS_EVENTS_ENABLE_TLS,
xxx_ROOT_CA_CERTIFICATE do not have a global option.

Proposal

For ease of configuration of the xxx_ROOT_CA_CERTIFICATE, we should add a global envvar like:
OCIS_TLS_ROOT_CA_CERTIFICATE

grep -rl _ROOT_CA_CERTIFICATE

postprocessing/pkg/config/config.go
notifications/pkg/config/config.go
storage-users/pkg/config/config.go
eventhistory/pkg/config/config.go
graph/pkg/config/config.go
policies/pkg/config/config.go
sharing/pkg/config/config.go
search/pkg/config/search.go
userlog/pkg/config/config.go
audit/pkg/config/config.go
antivirus/pkg/config/config.go

grep -rl _EVENTS_TLS_INSECURE (all those envvars have OCIS_INSECURE as global option)

postprocessing/pkg/config/config.go
notifications/pkg/config/config.go
storage-users/pkg/config/config.go
eventhistory/pkg/config/config.go
graph/pkg/config/config.go
policies/pkg/config/config.go
sharing/pkg/config/config.go
search/pkg/config/search.go
userlog/pkg/config/config.go
audit/pkg/config/config.go
antivirus/pkg/config/config.go

grep -rl _EVENTS_ENABLE_TLS (all those envvars have OCIS_EVENTS_ENABLE_TLS as global option)

postprocessing/pkg/config/config.go
notifications/pkg/config/config.go
storage-users/pkg/config/config.go
eventhistory/pkg/config/config.go
graph/pkg/config/config.go
policies/pkg/config/config.go
sharing/pkg/config/config.go
search/pkg/config/search.go
userlog/pkg/config/config.go
audit/pkg/config/config.go
nats/README.md
nats/pkg/config/config.go
antivirus/pkg/config/config.go

Note that before creating a PR, rerun the grep commands to list all services affected because new services may have been introduced in the meanwhile.

@butonic @micbar @kobergj
@mmattel mmattel changed the title Introduce global OCIS__ROOT_CA_CERTIFICATE and OCIS_EVENTS_TLS_INSECURE Introduce global OCIS__ROOT_CA_CERTIFICATE Mar 22, 2023
@mmattel mmattel mentioned this issue Mar 22, 2023
Closed
@mmattel mmattel changed the title Introduce global OCIS__ROOT_CA_CERTIFICATE Introduce global OCIS_ROOT_CA_CERTIFICATE Mar 22, 2023
@stale
Copy link

stale bot commented May 21, 2023

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 10 days if no further activity occurs. Thank you for your contributions.

@stale stale bot added the Status:Stale label May 21, 2023
@mmattel
Copy link
Contributor Author

mmattel commented May 21, 2023

dont close

@stale stale bot removed the Status:Stale label May 21, 2023
@mmattel mmattel changed the title Introduce global OCIS_ROOT_CA_CERTIFICATE Introduce global OCIS_TLS_ROOT_CA_CERTIFICATE May 25, 2023
@kobergj kobergj self-assigned this May 25, 2023
@kobergj kobergj moved this from Qualification to In progress in Infinite Scale Team Board May 25, 2023
@kobergj kobergj added the Priority:p3-medium Normal priority label May 25, 2023
@kobergj kobergj mentioned this issue May 25, 2023
Merged
@github-project-automation github-project-automation bot moved this from In progress to Done in Infinite Scale Team Board May 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kobergj kobergj

Labels
Priority:p3-medium Normal priority
Projects
Infinite Scale Team Board
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Unify CACERT envvars kobergj/ocis
2 participants
@mmattel @kobergj