Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new APT and RPM signing keys #890

Merged
merged 7 commits into from
Jun 29, 2023
Merged

Add new APT and RPM signing keys #890

merged 7 commits into from
Jun 29, 2023

Conversation

chouetz
Copy link
Member

@chouetz chouetz commented May 30, 2023
edited
Loading

What does this PR do?

Addition of the new key for signing rotation process

Motivation

Regular signing key rotation process

Additional Notes

Possible Drawbacks / Trade-offs

Describe how to test/QA your changes

Install the agent packages pushed on trial repository

Reviewer's Checklist

@chouetz chouetz requested a review from a team as a code owner May 30, 2023 12:36
@chouetz chouetz added this to the Triage milestone May 30, 2023
@chouetz chouetz added hold/no-merge dependencies Pull requests that update a dependency file labels May 30, 2023
@chouetz chouetz changed the title Upgrade to new signing keys [AP-2102] Upgrade to new signing keys Jun 9, 2023
KevinFairise2
KevinFairise2 approved these changes Jun 14, 2023
View reviewed changes
Copy link
Member

@KevinFairise2 KevinFairise2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just leave a small question, otherwise looks good to me!

spec/repository_spec.rb
@@ -42,13 +44,55 @@

expect(chef_run.remote_file('remote_file_DATADOG_APT_KEY_CURRENT.public')).to notify(
'execute[import apt datadog key DATADOG_APT_KEY_CURRENT.public]').to(:run).immediately
expect(chef_run.remote_file('remote_file_5F1E256061D813B125E156E8E6266D4AC0962C7D')).to notify(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just out of curiosity, shouldn't the new key become the current key ? Or we must wait before switching ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will become the current key when we actually start using it (we're not using it yet).

@chouetz chouetz requested a review from bkabrda June 19, 2023 08:23
bkabrda
bkabrda reviewed Jun 20, 2023
View reviewed changes
recipes/repository.rb Outdated Show resolved Hide resolved
bkabrda
bkabrda reviewed Jun 20, 2023
View reviewed changes
spec/repository_spec.rb Outdated Show resolved Hide resolved
@chouetz chouetz changed the title [AP-2102] Upgrade to new signing keys Add new APT and RPM signing keys Jun 29, 2023
@chouetz chouetz merged commit 5d01e11 into main Jun 29, 2023
@chouetz chouetz deleted the nschweitzer/signing branch June 29, 2023 08:17
@chouetz chouetz mentioned this pull request Jul 4, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bkabrda bkabrda bkabrda approved these changes

@KevinFairise2 KevinFairise2 KevinFairise2 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file hold/no-merge
Projects
None yet
Milestone
Triage
Development

Successfully merging this pull request may close these issues.
3 participants
@chouetz @bkabrda @KevinFairise2