Page MenuHomePhabricator

[identity][docker] Add option to generate opaque keypair
ClosedPublic

Authored by bartek on Oct 17 2023, 5:36 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Oct 29, 6:44 AM
Unknown Object (File)
Tue, Oct 29, 12:50 AM
Unknown Object (File)
Sun, Oct 27, 4:25 PM
Unknown Object (File)
Sep 28 2024, 4:33 PM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:23 AM
Unknown Object (File)
Sep 28 2024, 12:19 AM
Subscribers

Details

Summary

I'm aware that this functionality existed before, but was removed in D8580. Now I'm reintroducing it but making opt-in.
For commtest being run as a docker container that depends on identity, the easisest way is to generate the opaque server setup during image build.

Depends on D9507

Test Plan
  • docker compose build identity-server creates unchanged image
  • docker compose build --build-arg 'generate_keypair=true' adds additional layer and generates secrets/server_setup.txt

Image layers can be checked using e.g. the dive tool: dive commapp/identity-server.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable