Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove LJC codesign certs from all machines #2203

Merged
merged 1 commit into from
Jul 5, 2021
Merged

Remove LJC codesign certs from all machines #2203

merged 1 commit into from
Jul 5, 2021

Conversation

gdams
Copy link
Member

@gdams gdams commented Jun 3, 2021
edited
Loading

We no longer need these codesign certs. The safest option is to fully remove them from the machines to prevent us signing an Adoptium build with the wrong cert

Checklist
  • commit message has one of the standard prefixes
  • FAQ.md updated if appropriate
  • other documentation is changed or added (if applicable)
  • playbook changes run through VPC or QPC (if you have access)
  • for inventory.yml changes, bastillion/nagios/jenkins updated accordingly

sxa
sxa reviewed Jun 3, 2021
View reviewed changes
Copy link
Member

@sxa sxa left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Happy with this in principle but it might be worth waiting until we're a little further down the Adoptium route before merging and deploying. We should also verify whether this will impact other teams using our stuff as we wouldn't want to risk destabilising others that might be relying on those certificates. Tagging @AdamBrousseau (I'm not sure if you're using any of the signing mechanisms that will be affected by this) for a review before accepting this change

AdamBrousseau
AdamBrousseau approved these changes Jun 3, 2021
View reviewed changes
Copy link
Contributor

@AdamBrousseau AdamBrousseau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the heads up Stewart. After review I think we should be fine with this change. We use a different mechanism now to sign our mac & win builds.

@karianna karianna added this to the June 2021 milestone Jun 6, 2021
@karianna
Copy link
Contributor

karianna commented Jun 6, 2021

Vagrant run is erroring on:

/opt/vagrant/embedded/gems/2.2.16/gems/vagrant-2.2.16/lib/vagrant/patches/net-ssh.rb:10:in rsa_compat_build_request': undefined method []' for nil:NilClass (NoMethodError)

@Haroon-Khel
Copy link
Contributor

The vagrant failure is on the Solaris check. I wouldnt think it would be associated with this pr. Either way, ive kicked off another job

@sxa sxa mentioned this pull request Jun 15, 2021
Open
@sxa
Copy link
Member

sxa commented Jun 21, 2021

The vagrant failure is on the Solaris check. I wouldnt think it would be associated with this pr. Either way, ive kicked off another job

@Haroon-Khel What was the other job? Was it a re-run of the Solaris check or something else?

@Haroon-Khel
Copy link
Contributor

Haroon-Khel commented Jun 21, 2021
edited
Loading

@Haroon-Khel What was the other job? Was it a re-run of the Solaris check or something else?

@sxa A re run of the Solaris check. It still fails with the same error. As discussed in Slack, we agreed that the failure does not concern this pr. Is it safe to merge then?

@Haroon-Khel Haroon-Khel mentioned this pull request Jun 22, 2021
Open
@gdams
Copy link
Member Author

gdams commented Jun 23, 2021
edited
Loading

I'd say this is safe to merge. @sxa please approve and merge

@sxa sxa merged commit 501c87f into adoptium:master Jul 5, 2021
@sxa sxa mentioned this pull request Sep 15, 2021
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sxa sxa sxa approved these changes

@AdamBrousseau AdamBrousseau AdamBrousseau approved these changes

Assignees
No one assigned
Labels
ansible
Projects
None yet
Milestone
June 2021
Development

Successfully merging this pull request may close these issues.
5 participants
@gdams @karianna @Haroon-Khel @sxa @AdamBrousseau