Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add -dev-tls-san flag #22657

Merged
merged 5 commits into from
Aug 31, 2023
Merged

Add -dev-tls-san flag #22657

merged 5 commits into from
Aug 31, 2023

Conversation

tomhjp
Copy link
Contributor

@tomhjp tomhjp commented Aug 30, 2023

This is helpful when wanting to set up a dev server with TLS in Kubernetes and any other situations where the dev server may not be the same machine as the Vault client (e.g. in combination with some /etc/hosts entries)

tomhjp added 2 commits August 30, 2023 18:40
@tomhjp
Add -dev-tls-san flag
7c383f0 
This is helpful when wanting to set up a dev server with TLS in Kubernetes
and any other situations where the dev server may not be the same machine
as the Vault client (e.g. in combination with some /etc/hosts entries)
@tomhjp
changelog
e570f61
@tomhjp tomhjp added this to the 1.15 milestone Aug 30, 2023
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Aug 30, 2023
@github-actions
Copy link

Build Results:
All builds succeeded! ✅

@github-actions
Copy link

github-actions bot commented Aug 30, 2023
edited
Loading

CI Results:
All Go tests succeeded! ✅

jasonodonnell
jasonodonnell approved these changes Aug 30, 2023
View reviewed changes
Copy link
Contributor

@jasonodonnell jasonodonnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Love this ❤️

cipherboy
cipherboy reviewed Aug 31, 2023
View reviewed changes
command/server.go Outdated
@@ -971,7 +984,7 @@ func configureDevTLS(c *ServerCommand) (func(), *server.Config, string, error) {
return nil, nil, certDir, err
}
}
config, err = server.DevTLSConfig(devStorageType, certDir)
config, err = server.DevTLSConfig(devStorageType, certDir, c.flagDevTLSSans)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One comment if you've got a minute: do you want to add the listen address here as well? I think it'd help close #18259, though we could always require the explicit SAN if we preferred... Just thinking the UX might be nice of the address+dev-tls (without dev-tls-san), but my 2c. :-)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice idea! Added in 3deacb8

@tomhjp
Copy link
Contributor Author

tomhjp commented Aug 31, 2023

Thanks both!

@tomhjp tomhjp merged commit 8764921 into main Aug 31, 2023
@tomhjp tomhjp deleted the dev-tls-san-flag branch August 31, 2023 22:31
@cipherboy cipherboy mentioned this pull request Sep 1, 2023
Closed
@tomhjp tomhjp mentioned this pull request Oct 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonodonnell jasonodonnell jasonodonnell approved these changes

@cipherboy cipherboy cipherboy approved these changes

Assignees
No one assigned
Labels
hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.15.0-rc1
Development

Successfully merging this pull request may close these issues.
3 participants
@tomhjp @cipherboy @jasonodonnell