Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-1933

Copy cacrl to hostcrl file immediately after cacrl file changes - Server 5.x

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: SERVER 5.1.0
    • Component/s: None
    • Labels:
      None
    • Release Notes:
      Not Needed
    • Release Notes Summary:
      Release notes included in the repo
    • QA Risk Assessment:
      Manual

      Description

      This Ticket is to track work targeted at Server 5.x

      When certificate revocation actions are performed on the server, the file corresponding to the Puppet cacrl file is updated. During CA service initialization at the next service startup, there is some logic which copies the cacrl file to the file corresponding to the hostcrl setting.

      In Scope

      • Update clj-parent dependency to get new version of tk-fs-watcher, tk-jetty9
      • Ensure server 2.x has been merged up to master, but no CRL-related change are taken
      • Following the logic in server 2.x, watch the crl for changes in order to determine when to copy the content of the cacrl file to the file at the hostcrl setting
      • Include the code that only performs this logic if the tk-fs-watcher service is present
      • Add the tk-fs-watcher service to the bootstrap config so that it is enabled by default (unlike 2.x where it is disabled by default)

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  eric.delaney Eric Delaney
                  Reporter:
                  moses Moses Mendoza
                  QA Contact:
                  Eric Delaney
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: