Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add multi-issuer support to PKI Intermediate resources #1865

Merged
merged 24 commits into from
May 31, 2023
Merged

Add multi-issuer support to PKI Intermediate resources #1865

merged 24 commits into from
May 31, 2023

Conversation

vinay-gopalan
Copy link
Contributor

This PR adds multi-issuer support to the PKI intermediate and sign resources.

Main changes:

  • Updates Generate Intermediate to write/read key material
  • Updates Root Sign Intermediate resource to support issuer_ref
  • Updates PKI Sign and Cert resource to support issuer_ref

Additional changes:

  • Updates PKI resources w/ constants and modern format

Tests and documentation included

@vinay-gopalan
add new PKI Key resource
a36eacc
@vinay-gopalan
add documentation
d67f277
@vinay-gopalan
add tests to ensure keys are properly generated and destroyed
55b3045
@vinay-gopalan
add update method to correctly patch key name and update tests
ad7de0f
@vinay-gopalan
update docs with exported fields
2e850d3
@vinay-gopalan
fix default field behavior
6c04073
@vinay-gopalan
add sidebar content
9d62522
@vinay-gopalan
update root cert resource with constants and updated SDK methods
cf79f85
@vinay-gopalan
more refactoring
cf669a0
@vinay-gopalan
add multi-issuer fields for root cert resource
5cd5308
@vinay-gopalan
isolate test for multi-issuer feature
3468ebd
@vinay-gopalan
add documentation
7e678eb
@vinay-gopalan
Merge branch 'main' into VAULT-15499/update-ca-resources
80b1db1
@vinay-gopalan
resolve merge conflicts
8a860b0
@vinay-gopalan
add multi-issuer fields to config CA resource
ee121b6
@vinay-gopalan
update docs for config ca resource
8e66428
@vinay-gopalan
update missed CRUD functions
0a64779
@vinay-gopalan
mark fields as non-sensitive to debug test in CI
4f29e9c
@vinay-gopalan
fix breaking tests
026b232
@vinay-gopalan
resolve merge conflicts
c58cae4
@vinay-gopalan
remove config ca updates for now due to inconsistent behavior between…
5cde1e7 
… vault versions
@vinay-gopalan
Merge branch 'VAULT-5960/pki-multi-issuer' into VAULT-15846/update-in…
fa78a6e 
…termediate-resources
@vinay-gopalan
add multi-issuer support for intermediate and sign resources
fa6d49f
@vinay-gopalan vinay-gopalan changed the title Vault 15846/update intermediate resources Add multi-issuer support to PKI Intermediate resources May 17, 2023
vinay-gopalan
vinay-gopalan commented May 17, 2023
View reviewed changes
vault/resource_pki_secret_backend_sign_test.go
Check: resource.ComposeTestCheckFunc(
resource.TestCheckResourceAttr(resourceName, "backend", intermediatePath),
resource.TestCheckResourceAttr(resourceName, "common_name", "cert.test.my.domain"),
testValidateCSR(resourceName),
),
},
{
SkipFunc: func() (bool, error) {
Copy link
Contributor Author

@vinay-gopalan vinay-gopalan May 17, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test will be pulled into its own test in a follow-up PR since Root Issuers need to be imported into the Intermediate mount for the full workflow. It will be better to isolate the test steps into their own test when the import bit is added in. Going to leave this in for this PR to demonstrate that the field is working as expected

An additional test will also be added in for vault/resource_pki_secret_backend_cert_test.go for the same use-case.

@vinay-gopalan vinay-gopalan requested a review from a team May 17, 2023 21:02
fairclothjm
fairclothjm approved these changes May 17, 2023
View reviewed changes
Copy link
Contributor

@fairclothjm fairclothjm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@vinay-gopalan vinay-gopalan merged commit 4af7644 into VAULT-5960/pki-multi-issuer May 31, 2023
@vinay-gopalan vinay-gopalan deleted the VAULT-15846/update-intermediate-resources branch May 31, 2023 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raymonstah raymonstah raymonstah approved these changes

@fairclothjm fairclothjm fairclothjm approved these changes

Assignees
No one assigned
Labels
documentation size/XL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vinay-gopalan @raymonstah @fairclothjm