New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
server+runtime: add cert refreshing #4107
server+runtime: add cert refreshing #4107
Commits on Dec 9, 2021
-
server: spin out
s.cert
intos.getCertificate()
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for cdafbe6 - Browse repository at this point
Copy the full SHA cdafbe6View commit details -
server+runtime: record cert file paths, use atommic.Value
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 49b30aa - Browse repository at this point
Copy the full SHA 49b30aaView commit details -
server: wire up cert refresh loop w/ configurable period
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 5fcef66 - Browse repository at this point
Copy the full SHA 5fcef66View commit details -
test/e2e: add certrefresh test
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for aa6dbf2 - Browse repository at this point
Copy the full SHA aa6dbf2View commit details -
test/e2e/tls: add params that would be there when called through cmd/…
…run.go Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 28ae06f - Browse repository at this point
Copy the full SHA 28ae06fView commit details -
server: track shasums of cert and key file for cert refresh
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for e3b425b - Browse repository at this point
Copy the full SHA e3b425bView commit details -
cmd/run: add cert-refresh opt-in arg, and cleanup args
With two flags, one for enable/disable and one for the period of refreshes, we can avoid overloading the period flag with something like "0" disables. There's no need to use the VarP etc variants if the flag has no shorthand. So, cleaned up a few of those. Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 75ac802 - Browse repository at this point
Copy the full SHA 75ac802View commit details -
docs/security: mention new flags, use info box for curl note
Signed-off-by: Stephan Renatus <stephan.renatus@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6a8d482 - Browse repository at this point
Copy the full SHA 6a8d482View commit details