Add a paragraph to update the fedmsg CRL and publish it
Fixes: https://pagure.io/fedora-infrastructure/issue/11599 Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard
parent
503a288196
commit
d6ee6aa6cb
1 changed files with 21 additions and 0 deletions
|
|
@ -176,3 +176,24 @@ panic. :)
|
|||
At the time of this writing, the CRL is not actually used. I need one
|
||||
publicly available first so we can test it out.
|
||||
====
|
||||
|
||||
== Regenerating the CRL
|
||||
|
||||
When the CRL has expired, it needs to be re-generated and re-published.
|
||||
|
||||
In the private repo:
|
||||
|
||||
....
|
||||
$ cd files/fedmsg-certs
|
||||
$ source ./vars
|
||||
$ ./regen-crl
|
||||
$ git commit -a -s -m "Regenerate the fedmsg CRL"
|
||||
$ git push
|
||||
....
|
||||
|
||||
Then run the proxies playbook including only the `fedmsg/crl` tag to publish
|
||||
the updated CRL:
|
||||
|
||||
....
|
||||
$ rbac-playbook playbooks/groups/proxies.yml -t fedmsg/crl
|
||||
....
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue