{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":82218569,"defaultBranch":"master","name":"pki","ownerLogin":"dogtagpki","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2017-02-16T19:36:36.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/25308299?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1713607623.0","currentOid":""},"activityList":{"items":[{"before":"b603eace1c8dcd09d61d26dbba61cf227ca321d5","after":"90154c7737e28be7e39a5e7d27563f0417a4f66e","ref":"refs/heads/master","pushedAt":"2024-05-29T11:18:20.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix filter for lastSerial in KeyRepository and tidyup\n\nThe filter can be simplified removing the first condition in the and\n('&') since it always true for all the records.\n\nAdditionally, some tidyup fixing log format, array designators and other\nminor improvements.","shortMessageHtmlLink":"Fix filter for lastSerial in KeyRepository and tidyup"}},{"before":"dd5cc935914ebef304d36a5b123102d2c340d16f","after":"b603eace1c8dcd09d61d26dbba61cf227ca321d5","ref":"refs/heads/master","pushedAt":"2024-05-29T08:30:30.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Tidyup HashEnrollServlet\n\nFixed the following sonar identified problems:\n- removed some variable not used\n- merged catch exceptions\n- Replaced StringBuffer with StringBuilder\n- Modify the logs to use string format instead of concatenation","shortMessageHtmlLink":"Tidyup HashEnrollServlet"}},{"before":"ea072a02b12f4856db6baf2644f9b802e73f6b15","after":"dd5cc935914ebef304d36a5b123102d2c340d16f","ref":"refs/heads/master","pushedAt":"2024-05-28T19:33:47.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update PKI server container\n\nThe PKI server container (which is the base for all PKI\nsubsystem containers) has been updated to install the ROOT\nwebapp (which provides Web UI files) and PKI webapp (which\nprovides common PKI services), and store the default config\nfiles.\n\nThe startup script has been modified to install the default\nconfig files if it doesn't exist already, use PKI NSS CLI\ninstead of certutil to prepare the certs, and run the server\nas pkiuser in Docker/Podman so that the log files will be\nowned by pkiuser as well.\n\nThe test has been updated to check the files created by the\ncontainer and to verify that the container can be restarted\nsuccessfully.","shortMessageHtmlLink":"Update PKI server container"}},{"before":"d2aa5d552e8b31084fe2cd0abefd44a8880da0b9","after":"ea072a02b12f4856db6baf2644f9b802e73f6b15","ref":"refs/heads/master","pushedAt":"2024-05-28T16:17:42.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix CA with secure ds CI failure\n\nDS container uses pki-runner image when configured with a certificate and\nthis has to be specified with the start script otherwise the startup take\nin account the steps for quay.io ds image which is differently configured.","shortMessageHtmlLink":"Fix CA with secure ds CI failure"}},{"before":"cbf3856e2c463478723fc36987427b6239c6920f","after":"d2aa5d552e8b31084fe2cd0abefd44a8880da0b9","ref":"refs/heads/master","pushedAt":"2024-05-27T14:37:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix CI ansible tests\n\nThere is an incompatibility with latest requests package on ubuntu with\nansible docker so older version is required.\n\nAn example of error is https://github.com/dogtagpki/pki/actions/runs/9215527346/job/25354301193\n\nFor details, see https://github.com/docker/docker-py/issues/3256","shortMessageHtmlLink":"Fix CI ansible tests"}},{"before":"685264b3bf0ef160f9b97e0aca965bcfcaabf003","after":"cbf3856e2c463478723fc36987427b6239c6920f","ref":"refs/heads/master","pushedAt":"2024-05-23T22:11:22.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Add options for ds-container-create.sh\n\nThe ds-container-create.sh has been modified to provide options\nto specify the container image, hostname, network params, and\nthe Directory Manager password.","shortMessageHtmlLink":"Add options for ds-container-create.sh"}},{"before":"ff4b874aa1211989b71b71c5c99e5423511604d0","after":"a7f806fbf30aeb4f1c40469b37af1426da2fbf8c","ref":"refs/heads/DOGTAG_10_5_BRANCH","pushedAt":"2024-05-23T18:43:15.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"jmagne","name":null,"path":"/jmagne","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25108658?s=80&v=4"},"commit":{"message":"Fix: Bug 2233158 - Make key wrapping algorithm configurable between AES-KWP and AES-CBC [RHCS 9.7.z]. (#4753)\n\nThe aes key wrapping alg was not being passed along correctly in TokenKeyRecoveryServlet class.\r\n\r\nAlso slightly modify the code that determines the default card manager aid to allow tpsclient, our scp01 virtual tester, to continue to function. The tpsclient only returns 9000 for success instead of the aid in question.","shortMessageHtmlLink":"Fix: Bug 2233158 - Make key wrapping algorithm configurable between A…"}},{"before":"392e32dfb27ac7ee82591f7366ed7a8de5ae2cf2","after":"685264b3bf0ef160f9b97e0aca965bcfcaabf003","ref":"refs/heads/master","pushedAt":"2024-05-23T13:13:36.000Z","pushType":"pr_merge","commitsCount":5,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Add OCSP container\n\nThe Dockerfile has been updated to define a new OCSP container.\n\nA new test has been added to create CA and OCSP containers, then\nverify CRL publishing and revocation checking.","shortMessageHtmlLink":"Add OCSP container"}},{"before":"7f0647856bc839b66ca8b3931acb5cbd52c6e7e3","after":"392e32dfb27ac7ee82591f7366ed7a8de5ae2cf2","ref":"refs/heads/master","pushedAt":"2024-05-22T14:30:09.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Restore pki_instance_configuration_path param\n\nIn PKI 11.5 the pki_instance_configuration_path param was\nremoved since it's meant to be used only internally and\nhas been redefined somewhere else. However, since the param\nis actually used by IPA to support containers it has been\nrestored as an alternative to pkispawn --conf option.","shortMessageHtmlLink":"Restore pki_instance_configuration_path param"}},{"before":"0967aec58ad1ce4fedc0ffef2fb4fc305682cd1a","after":"1a78063221b3ba163bea16fe2b676ebf6c44c61e","ref":"refs/heads/v10.13","pushedAt":"2024-05-22T08:32:55.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix mispelled \"extension\" word","shortMessageHtmlLink":"Fix mispelled \"extension\" word"}},{"before":"d6650be505ca2085845ec3df1466f3850e3f6838","after":"bb3bcdd0c73054ba6f58735a93c7deac5d89f367","ref":"refs/heads/v11.5","pushedAt":"2024-05-22T08:29:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix mispelled \"extension\" word","shortMessageHtmlLink":"Fix mispelled \"extension\" word"}},{"before":"c1ab70cf4b890672895e6627070e4a055d79950c","after":"7f0647856bc839b66ca8b3931acb5cbd52c6e7e3","ref":"refs/heads/master","pushedAt":"2024-05-22T08:28:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix mispelled \"extension\" word","shortMessageHtmlLink":"Fix mispelled \"extension\" word"}},{"before":"998681cb4626cf47b84b5cfaebc2b4fa9c275360","after":"c1ab70cf4b890672895e6627070e4a055d79950c","ref":"refs/heads/master","pushedAt":"2024-05-21T22:34:04.000Z","pushType":"push","commitsCount":8,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Remove unused preop.cert.rsalist","shortMessageHtmlLink":"Remove unused preop.cert.rsalist"}},{"before":"12aa62df74becf0882d101803ff8c5e6535deea9","after":"998681cb4626cf47b84b5cfaebc2b4fa9c275360","ref":"refs/heads/master","pushedAt":"2024-05-21T13:23:14.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update CA container\n\nThe CA container has been modified to extend pki-server\ninstead of pki-runner such that it will be more consistent\nwith the ACME container.\n\nThe CA container has also been modified to store the default\nconfig files created during the build. If the container is\nstarted with an empty data folder the default config files\nwill be installed automatically.","shortMessageHtmlLink":"Update CA container"}},{"before":"b5a792d44eae3188996f8e975036f10f146141a9","after":"12aa62df74becf0882d101803ff8c5e6535deea9","ref":"refs/heads/master","pushedAt":"2024-05-21T04:29:08.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Clean up log messages","shortMessageHtmlLink":"Clean up log messages"}},{"before":"7a4103ceb787f1f0cba0ddf47dafec140ee5742d","after":"b5a792d44eae3188996f8e975036f10f146141a9","ref":"refs/heads/master","pushedAt":"2024-05-20T14:25:04.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update ACME container instance\n\nThe ACME container has been updated to use the default\ninstance (i.e. pki-tomcat) instead of tomcat@pki which will\nbe more consistent with the CA container and will make it\neasier to migrate from a regular deployment.","shortMessageHtmlLink":"Update ACME container instance"}},{"before":"bbe6472dc07ed28625e385aaac73d86723375038","after":"7a4103ceb787f1f0cba0ddf47dafec140ee5742d","ref":"refs/heads/master","pushedAt":"2024-05-17T19:29:50.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Merge PKIDeployer.retrieve_cert_chain()\n\nThe PKIDeployer.retrieve_cert_chain() has been merged into\nimport_cert_chain() such that the cert chain will only be\nimported once, either from file, issuing CA, or master CA.","shortMessageHtmlLink":"Merge PKIDeployer.retrieve_cert_chain()"}},{"before":"d94d356b6bbd05d105f4b52028c1e81c0aac4a8b","after":"bbe6472dc07ed28625e385aaac73d86723375038","ref":"refs/heads/master","pushedAt":"2024-05-17T18:34:53.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update PKIDeployer.finalize_ocsp()\n\nThe PKIDeployer.finalize_ocsp() has been updated to get the\nCA signing PKCS #7 from the OCSP signing PKCS #7 which is\nalready available locally instead of from preop.cert.pkcs7\nwhich has to be retrieved from the issuing/master CA.","shortMessageHtmlLink":"Update PKIDeployer.finalize_ocsp()"}},{"before":"57cbac9c41a44ecd4d3617b78383a18dd5fdcc63","after":"ff4b874aa1211989b71b71c5c99e5423511604d0","ref":"refs/heads/DOGTAG_10_5_BRANCH","pushedAt":"2024-05-17T17:10:38.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"jmagne","name":null,"path":"/jmagne","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25108658?s=80&v=4"},"commit":{"message":"Fix issue when the AES shared secret can't be imported automatically during TPS pkispawn operation. (#4747)\n\nAn issue was discovered in the HSM / FIPS case because the code uses the private key of the subsystem cert which can reside on the hsm token. The shared secret right now only supports the internal token.\r\n\r\nBug 2280722 - Shared token is not generated for TPS and TKS during install despite adding pki_import_shared_secret=True param at install [RHCS 9.7.z].\r\nReview comments.","shortMessageHtmlLink":"Fix issue when the AES shared secret can't be imported automatically …"}},{"before":"82ac3f58cbe9f4f50223710c8b14cf27a93a381a","after":"d94d356b6bbd05d105f4b52028c1e81c0aac4a8b","ref":"refs/heads/master","pushedAt":"2024-05-17T04:56:46.000Z","pushType":"push","commitsCount":6,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Clean up CA container test (part 2)\n\nThe CA container test has been updated to create the shared\nfolders earlier.","shortMessageHtmlLink":"Clean up CA container test (part 2)"}},{"before":"b83487a7afeea08ee3907c2453be0977e023fbe3","after":"82ac3f58cbe9f4f50223710c8b14cf27a93a381a","ref":"refs/heads/master","pushedAt":"2024-05-17T00:52:29.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Remove unused preop.cert.<tag>.signingalgorithm","shortMessageHtmlLink":"Remove unused preop.cert.&lt;tag&gt;.signingalgorithm"}},{"before":"bf893a29d8ed37ee2eac3b1f3586fc41e9207f29","after":"b83487a7afeea08ee3907c2453be0977e023fbe3","ref":"refs/heads/master","pushedAt":"2024-05-16T22:52:09.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update pki pkcs7-cert-import\n\nThe pki pkcs7-cert-import has been updated to accept certs\nspecified via standard input.","shortMessageHtmlLink":"Update pki pkcs7-cert-import"}},{"before":"0f7647f93cc2765f3f6c133a98d5b25be2aa5820","after":"bf893a29d8ed37ee2eac3b1f3586fc41e9207f29","ref":"refs/heads/master","pushedAt":"2024-05-16T17:42:15.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Remove unused preop.cert.<tag>.nickname","shortMessageHtmlLink":"Remove unused preop.cert.&lt;tag&gt;.nickname"}},{"before":"09ea4f774dce91b3f4dfd678e0d1b30d4a502bdc","after":"0f7647f93cc2765f3f6c133a98d5b25be2aa5820","ref":"refs/heads/master","pushedAt":"2024-05-15T15:13:04.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Remove cs.type param\n\nThe cs.type param has been removed from CS.cfg since subsystem\ntype is not actually changeable and this param might introduce\nconfiguration issues.\n\nThe code that uses the subsystem type has been modified to call\nCMSEngine.getName() (for uppercase subsystem type) and getID()\nfor (for lower case subsystem type) instead.\n\nThe PKISubsystem.create_conf() has been modified to no longer\nadd the param if it's missing. The load() has also been updated\nto no longer read the param.\n\nThe upgrade script has been modified to remove the param from\nexisting instances.","shortMessageHtmlLink":"Remove cs.type param"}},{"before":"ad8602b9ad9b82fee1b5c2a653414d9091946b36","after":"09ea4f774dce91b3f4dfd678e0d1b30d4a502bdc","ref":"refs/heads/master","pushedAt":"2024-05-14T23:14:47.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Update PKIDeployer.retrieve_cert_chain()\n\nThe code that retrieves the cert chain from CA has been moved\ninto PKIDeployer.retrieve_cert_chain().","shortMessageHtmlLink":"Update PKIDeployer.retrieve_cert_chain()"}},{"before":"326be43d1967506b30f2be960df9429618b388ef","after":"ad8602b9ad9b82fee1b5c2a653414d9091946b36","ref":"refs/heads/master","pushedAt":"2024-05-14T18:06:02.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Add PKIDeployer.get_cert_type()\n\nThe code that determines the types of system certs has been\nconsolidated into PKIDeployer.get_cert_type().","shortMessageHtmlLink":"Add PKIDeployer.get_cert_type()"}},{"before":"8eb98e9f71fe14b9ed891934469c4765a3fabb82","after":"326be43d1967506b30f2be960df9429618b388ef","ref":"refs/heads/master","pushedAt":"2024-05-14T15:54:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Drop pki-server-upgrade\n\nThe pki-server-upgrade was deprecated in PKI 10.7.1 so now it\nhas been removed.","shortMessageHtmlLink":"Drop pki-server-upgrade"}},{"before":"b70f51c066bfb2acead6609a7bc34afb49e0e848","after":"8eb98e9f71fe14b9ed891934469c4765a3fabb82","ref":"refs/heads/master","pushedAt":"2024-05-14T15:27:14.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"edewata","name":"Endi S. Dewata","path":"/edewata","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/25089672?s=80&v=4"},"commit":{"message":"Remove unconfigurable instanceId param\n\nThe instanceId param has been removed from CS.cfg since it's\nnot actually changeable and also to prevent misconfiguration.\n\nThe code that uses the instance ID has been modified to call\nCMS.getInstanceID() instead which gets it from the instance\ndir (which comes from catalina.base property). Due to class\nloading issue the NuxwdogPasswordStore class cannot call this\nmethod so it has to get it directly from the catalina.base\nproperty.\n\nThe PKISubsystem.create_conf() has been modified to no longer\nadd the param if it's missing.\n\nThe upgrade script has been modified to remove the param from\nexisting instances.","shortMessageHtmlLink":"Remove unconfigurable instanceId param"}},{"before":"64406c323b9e44ed42ced6440352df15b671f238","after":"b70f51c066bfb2acead6609a7bc34afb49e0e848","ref":"refs/heads/master","pushedAt":"2024-05-14T11:03:07.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Fix log message in RecordPagedList","shortMessageHtmlLink":"Fix log message in RecordPagedList"}},{"before":"4b91181f86ecd369e7d3e4f4ebcdb967b197552c","after":"64406c323b9e44ed42ced6440352df15b671f238","ref":"refs/heads/master","pushedAt":"2024-05-14T09:15:03.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"fmarco76","name":"Marco Fargetta","path":"/fmarco76","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/7560027?s=80&v=4"},"commit":{"message":"Update DS container to dirsrv for OCSP ansible test\n\nOCSP ansible test was the only one configured to use DS deployed in a\n`pki-runner` container while all the other tests are currently using\n`dirsrv` container from quay.io.\n\nSince recently DS has problem to work from pki-runner container the test\nhas been update to dirsrv container.","shortMessageHtmlLink":"Update DS container to dirsrv for OCSP ansible test"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEVtovgQA","startCursor":null,"endCursor":null}},"title":"Activity · dogtagpki/pki"}