cyberark-conjur-cli icon indicating copy to clipboard operation
cyberark-conjur-cli copied to clipboard

Published 20 hours ago verified publisher icon cyberark

Automation - Add certificate flows to pipeline

Open sigalsax opened this issue 3 years ago • 0 comments

In the CLI we need to check against two different certificate flows, when the server is configured with:

  1. a verifiable ca-signed certificate (this task)
  2. a non-verifiable ca-signed certificate (current)

General Information

Python comes with a list of trusted CAs. Every certificate signed by those CAs will be considered as trusted certificate. Those CAs are located in a file called cacerts.pem. To get the path of this file, run in python3 -c "import certifi; print(certifi.where())". To make a certificate verifiable we need to add the root CA to that location!

Task

At a high level, we want to add the a verifiable ca-signed certificate to our test pipeline

  • [ ] Automate the steps mentioned in this doc to create CA and generate CA-signed certificate
  • [ ] Build the test binary artifact as described under the section Running tests with configurable environment here to allow the certificate to be verifiable
  • [ ] Run the binary that will trigger the tests to run with a verifiable ca signed cert

NOTE: there should be two different containers for building the test artifact and for running it

sigalsax avatar May 09 '21 07:05 sigalsax