Open bmwiedemann opened 2 months ago
We should be able to update the tests with new certs with longer expirations (say 100 or 1000 years.)
@nbrownus informed me that one of the tests has an embedded cert from the initial implementation of nebula-cert
which may have a slightly different protobuf representation than we have today. In order to update the tests, we'll need to check out the old code (from before it was released publicly) and generate a new cert using that iteration of the tool.
This is on my radar.
What version of
nebula
are you using? (nebula -version
)1.8.2
What operating system are you using?
openSUSE Tumbleweed
Describe the Bug
While working on reproducible builds for openSUSE, I found that our nebula-1.8.2 package fails build-tests after 2027-11-11
To reproduce on Debian or openSUSE, use osc checkout openSUSE:Factory/nebula && cd $_ osc build --no-service --vm-type=kvm --build-opt=--vm-custom-opt=-rtc\ base=2027-11-12T00:00:00 standard
or set the system time instead.
Background: As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future. The usual offset is +16 years, because that is how long I expect some software will be used in some places. This showed up failing tests in our package build.
Logs from affected hosts
build log (from year 2040):
Config files from affected hosts