Static certs are used during testing

cyberark / conjur-puppet

Official Puppet module for CyberArk Conjur

https://forge.puppet.com/cyberark/conjur

Apache License 2.0

6 stars 3 forks source link

Static certs are used during testing #226

Closed BradleyBoutcher closed 3 years ago

BradleyBoutcher commented 3 years ago

Is your feature request related to a problem? Please describe.

Our integration tests rely on a powershell script called expose-daemon.ps1. This includes a call to createCA, which consumes time and processing power. It would be more efficient to generate a set of certs that can be used every time.

Describe the solution you would like

A set of certs are generated and added to a test folder that can be used in place of dynamically generated certs

doodlesbykumbi commented 3 years ago

I should have added this to the conversation earlier. I think we definitely don’t want static certs when exposing the Docker daemon over TCP with TLS. Keeping them dynamic is a security consideration so that we have Just In Time™ credentials. With that in mind, I think we can probably close this issue.