WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Generate certificate bundle #90

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ehelms wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Generate certificate bundle #90

ehelms wants to merge 3 commits into from

Conversation

@ehelms
Copy link
Member

@ehelms ehelms commented Feb 24, 2025

Here is an idea I am playing around with. To help with splitting the installation, this would allow new installer method to generate a certificate tarball the same structure as expected input as what's created today.

This includes #89

@ehelms ehelms force-pushed the generate-certificate-bundle branch 4 times, most recently from b6c101f to dc3b348 Compare March 5, 2025 15:28
@ehelms ehelms force-pushed the generate-certificate-bundle branch from dc3b348 to b84f5e7 Compare March 11, 2025 13:26
@ehelms ehelms force-pushed the generate-certificate-bundle branch from b84f5e7 to d79a072 Compare April 15, 2025 18:34
@ehelms ehelms force-pushed the generate-certificate-bundle branch from d79a072 to 896243b Compare May 12, 2025 17:38
@ehelms
Copy link
Member Author

ehelms commented Nov 2, 2025

@evgeni do you think we should merge this in to have this functionality available?

@evgeni
Copy link
Member

evgeni commented Nov 3, 2025

This is sort-of, but not exactly, foreman-proxy-certs-generate?

@ehelms
Copy link
Member Author

ehelms commented Nov 3, 2025

Yes - this only generates the bundle, it does not generate a set of certificates to be used.

@ehelms
Copy link
Member Author

ehelms commented Nov 3, 2025

Yes - this only generates the bundle, it does not generate a set of certificates to be used.

I don't know why I said that. It does generate:

https://github.com/theforeman/foremanctl/pull/90/files#diff-fb6297cdf41a5feeec15076b96b199aec15138cd7abcac4f6bdb7eb18620a91aR12-R15

@evgeni evgeni force-pushed the generate-certificate-bundle branch from 896243b to a9ad699 Compare November 24, 2025 11:33
evgeni
evgeni reviewed Nov 24, 2025
View reviewed changes
evgeni
evgeni reviewed Nov 24, 2025
View reviewed changes
src/playbooks/certificate-bundle/certificate-bundle.yaml
Comment on lines +15 to +16
- role: foreman_installer_certs
when: "certificate_source == 'installer'"
Copy link
Member

@evgeni evgeni Nov 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This won't work as that role is not present on a prod install. How do we want to handle that?

@evgeni evgeni force-pushed the generate-certificate-bundle branch from a9ad699 to 05a6c94 Compare November 24, 2025 11:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@evgeni evgeni evgeni left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ehelms @evgeni