Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add certificates for ssl test and an ssl test image #168

Merged
merged 1 commit into from
Dec 17, 2024
Merged

feat: add certificates for ssl test and an ssl test image #168

merged 1 commit into from
Dec 17, 2024

Conversation

aepfli
Copy link
Member

@aepfli aepfli commented Dec 16, 2024
edited
Loading

This adds another image protected via an SSL certificate with a custom CA.

If a key is used, the password is flagd in the creation process.

dockerfile improvements

Instead of having now two different dockerfiles, copying the files, and executing the script, i reduced one layer, by depending on the testbed image and only changing the entry point

testing

first run the docker container docker run --rm -p 8013:8013 flagd-testbed-ssl

curl -v --cacert ./custom-root-cert.crt https://localhost:8013/health should run in to 404

curl -v https://localhost:8013/health should run in to a cert error

closes #159

@aepfli
Copy link
Member Author

aepfli commented Dec 16, 2024

links to #159

@aepfli aepfli marked this pull request as ready for review December 16, 2024 12:00
@aepfli aepfli requested a review from toddbaert December 16, 2024 12:00
@aepfli
Copy link
Member Author

aepfli commented Dec 16, 2024

tested with java, worked

@aepfli
Copy link
Member Author

aepfli commented Dec 16, 2024

the only thing which we might want to add, is also a gherkin file for testing, but on the other hand, we could reuse the evaluation.feature with the basic testing flags

beeme1mr
beeme1mr reviewed Dec 17, 2024
View reviewed changes
ssl/custom-ca.key
@@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we make this a GitHub secret? I know it's just for testing but I'm afraid scanners might pick this up and open issues in the repo.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well we could theoretically - I would for now leave it as is, and optimize if needed

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ya I would rather just ignore it in whatever tools flag it.

@toddbaert
Copy link
Member

👏 👏 👏 👏

Can't wait to have this implemented in various places. I'd be happy to help.

@toddbaert toddbaert merged commit 8177dc0 into open-feature:main Dec 17, 2024
4 checks passed
@github-actions github-actions bot mentioned this pull request Dec 17, 2024
Merged
@aepfli aepfli deleted the feat/ssl-image branch December 17, 2024 19:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@toddbaert toddbaert toddbaert approved these changes

@beeme1mr beeme1mr beeme1mr approved these changes

@chrfwow chrfwow Awaiting requested review from chrfwow

@warber warber Awaiting requested review from warber

@alexandraoberaigner alexandraoberaigner Awaiting requested review from alexandraoberaigner

@guidobrei guidobrei Awaiting requested review from guidobrei

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Question] Testing of custom certificates
3 participants
@aepfli @toddbaert @beeme1mr