Automatize JWT key rotation

Open silvin-lubecki opened this issue 5 years ago • 1 comments

As a docker scan lambda maintainer, So I can rotate jwt keys easily, I want an automatized process which does everything for me.

Tasks

Add a manual triggered github action on the repo. It needs to:

create a new ES256 key pair
Generate the PEM format private key
Generate the jwks.json with the public key
optional: fetch the current jwks.json file and add the new key
Change the private key in the lambda parameter /stage/hub_scan_snyk_jwt/private_signing_key
Push the jwks.json file to the s3 bucket

Jul 10 '20 08:07 silvin-lubecki

PR https://github.com/docker/hub.scan-snyk-jwt/pull/16

Aug 18 '20 14:08 silvin-lubecki