92 Commits

Author SHA1 Message Date
Jeff Hodges 283d8de59b remove TestMode completely
This removes TestMode from the boulder-va command, from ca.Config
(it was only used in the VA) and gets the integration config to specify
the ports it should use explicitly.

(It also removes a DBDriver field from ca.Config that was left over from
letsencrypt/boulder#624.)

Fixes #627.
2015-08-25 21:57:24 -07:00
Jeff Hodges 7b6f2894f7 add goose as the migration tool
This has required some substantive changes to the tests. Where
previously the foreign key constraints did not exist in the tests, now
that we use the actual production schema, they do. This has mostly led
to having to create real Registrations in the sa, ca, and ra tests. Long
term, it would be nice to fake this out better instead of needing a real
sa in the ca and ra tests.

The "goose" being referred to is <https://bitbucket.org/liamstask/goose>.

Database migrations are stored in a _db directory inside the relevant
owner service (namely, ca/_db, and sa/_db, today).

An example of migrating up with goose:

    goose -path ./sa/_db -env test up

An example of creating a new migration with goose:

    goose -path ./sa/_db -env test create NameOfNewMigration sql

Notice the "sql" at the end. It would be easier for us to manage sql
migrations. I would like us to stick to only them. In case we do use Go
migrations in the future, the underscore at the beginning of "_db" will
at least prevent build errors when using "..." with goose-created Go
files. Goose-created Go migrations do not compile with the go tool but
only with goose.

Fixes #111
Unblocks #623
2015-08-25 12:02:31 -07:00
Roland Shoemaker 7ad8847ba2 Standardize CLI UX 2015-08-23 23:17:14 -07:00
Jeff Hodges 5e97aa23c6 use MariaDB in the unit tests
And delete the uses of sqlite3
2015-08-14 17:13:15 -07:00
Roland Shoemaker 17fa14264e Switch to separate PA struct 2015-08-14 11:12:59 -07:00
Roland Shoemaker 56aa55208e Add stomped/forgotten PolicyDB config struct
Standardize DB config names

Actually standardize

Yeah really this time
2015-08-14 11:04:17 -07:00
Jeremy Gillula e9b24cfafd Merge remote-tracking branch 'origin/master' into existing-cert
Conflicts:
	cmd/boulder-ra/main.go
	cmd/boulder/main.go
	cmd/shell.go
	core/objects.go
	policy/policy-authority_test.go
	test/boulder-config.json
2015-08-10 12:02:01 -07:00
Jeremy Gillula 553b72ed3b gofmt loves to change my whitespace 2015-08-07 14:15:48 -07:00
Jeremy Gillula d9b1f3d453 Added enforcement of AMQPS. If the insecure flag is true, then we also require the URL to be AMQPS and the TLS config info to be set, otherwise we fail out. If insecure is true, then we don't check for anything else. 2015-08-07 14:04:12 -07:00
bifurcation bf4ac4f2a2 Merge pull request #575 from letsencrypt/grace
Gracefully shutdown RPC servers on SIGINT/SIGTERM (and move reconnection logic out of binaries)
2015-08-05 15:46:10 -04:00
Roland Shoemaker 5ac7652ef4 Major rewrite 2015-08-04 16:23:49 -07:00
Jeff Hodges 1af27c8e9e add newline to cmd failure string 2015-08-04 15:48:48 -07:00
Roland Shoemaker 900a170fcd Review fixes and for loop cleanup 2015-08-04 11:38:16 -07:00
Roland Shoemaker 19c76ac94f Stick with previous method name, add uncommitted comment 2015-08-04 11:27:12 -07:00
Roland Shoemaker c9c05cfb46 Add comments, move reconnection logic out of binaries (except for the WFE which is a weird case) 2015-08-03 23:02:52 -07:00
Roland Shoemaker 85d037f7a7 Gracefully shutdown RPC servers 2015-08-03 16:47:47 -07:00
Jeremy Gillula 289dfeabe6 Fixing go formatting issues (ran go fmt on the files below) 2015-07-28 17:07:36 -07:00
Jeremy Gillula 321d611d20 Forgot to stage some files in last commit 2015-07-28 16:03:40 -07:00
Jeremy Gillula 65c923d547 we now ignore duplicate additions and require three different command line args 2015-07-28 14:03:56 -07:00
Roland Shoemaker 145790d9c3 Review fixes 2015-07-27 12:46:09 -07:00
Roland Shoemaker bd9286dd5b Merge branch 'master' into mailer 2015-07-24 16:36:50 -07:00
Roland Shoemaker 6c2f3ea8cc Merge branch 'master' into mailer 2015-07-23 15:33:43 -07:00
Roland Shoemaker b5f519d22d Rework how the expiration mailer looks for certificates 2015-07-23 15:33:28 -07:00
Roland Shoemaker bf0673c35f DNS config refactoring 2015-07-22 15:54:40 -07:00
Jacob Hoffman-Andrews 61394e4f2d Merge pull request #506 from letsencrypt/native-mx-lookup
Replace net.LookupMX use with core.LookupMX
2015-07-22 15:17:38 -07:00
Roland Shoemaker 31f0674f03 Replace net.LookupMX with core.LookupMX using defined resolver 2015-07-21 22:36:29 -07:00
Roland Shoemaker 9aa4357fdf Initial bulk mailer work 2015-07-20 15:34:42 -07:00
Roland Shoemaker 87827be6f1 Merge branch 'master' into cache-headers 2015-07-17 17:44:55 -07:00
Roland Shoemaker 6a2344e1bf Add config vars and wire them into cmd/boulder and cmd/boulder-wfe 2015-07-17 17:44:03 -07:00
Jacob Hoffman-Andrews 8549ecae81 Merge pull request #439 from letsencrypt/426-amqp_acl_restrictive
426 - Support minimum permissions in AMQP
2015-07-17 15:59:25 -07:00
Jeff Hodges 47d9d7376d add debug server config for the monolithic boulder
Fixes #482
2015-07-17 12:33:50 -07:00
J.C. Jones f71e36e114 Move DeclareExchange into its own method. 2015-07-16 13:30:52 -07:00
Jeremy Gillula 867ce685f8 First cut of command-line tool for importing certs from other external sources like the SSL Observatory, Certificate Transparency, and scans.io 2015-07-15 18:38:35 -07:00
Jeff Hodges ef54dda46a add debug http server to services
Currently, the debug http server in every service contains just the
net/http/pprof handlers. This allows us to get CPU, blocking, and memory
profiling remotely.

Along the way, remove all the places we use http.DefaultServeMux (which
includes use of http.Handle and http.HandlerFunc) and use a NewServeMux
for each place.

Fixes #457
2015-07-14 01:28:18 -07:00
Jeff Hodges 79d9b52ad0 rename dbName to dbConnect
The configuration is actually a connection string, not a database name,
and it was a bit confusing.
2015-07-10 16:17:27 -07:00
Richard Barnes 718920afa3 Enable the VA to send a user-agent header field. 2015-06-23 11:15:51 -07:00
Jacob Hoffman-Andrews 7d94800dea Add DB to Policy Authority. 2015-06-22 15:31:06 -07:00
J.C. Jones a54f18f3d0 Refactor AMQPS config to be all-optional, and style updates. 2015-06-22 08:15:10 -07:00
J.C. Jones 503bbe4254 Rename the TLS configuration to "TLS" (from SSL... what was I thinking?) 2015-06-22 06:25:57 -07:00
J.C. Jones adfd9ed1c6 Also correct method execution order (style). 2015-06-22 06:23:04 -07:00
J.C. Jones 4a495d0874 Fixes #387 - Check whether the certificate / privkey is set before trying to load it. 2015-06-22 06:09:11 -07:00
J.C. Jones f95e9eaa83 Support TLS mutual authentication for AMQPS 2015-06-18 16:23:48 -07:00
Jacob Hoffman-Andrews 117d8d5878 Merge pull request #362 from letsencrypt/lint
Correct most `go lint` warnings. (274 -> 5)
2015-06-17 10:43:42 -07:00
Jacob Hoffman-Andrews 05f04709e9 Update cfssl dependency to latest master
Also, remove dependency on cfssl CLI binary, and transitive dependency cf-tls.
These are no longer necessary now that we use the local signer. And the cf-tls
dependency had drifted out of date, causing build issues when I updated cfssl to
master.
2015-06-17 09:26:52 -07:00
J.C. Jones 41f5788c77 Correct most `go lint` warnings. (274 -> 5) 2015-06-16 22:18:28 -05:00
Roland Shoemaker 0265b6f5d0 Merge upstream/master and fix conflicts 2015-06-10 12:43:11 -07:00
J.C. Jones 76f7b1c1e4 Improve build identification
New example:

2015/06/09 09:20:13 Versions: boulder=(generate_ocsp +0c101f2 Tue Jun  9 16:20:06 UTC 2015) Golang=(devel +46b4f67 Thu Apr 16 20:01:13 2015 +0000) BuildHost=(user@vm.local)
2015-06-09 09:22:29 -07:00
Roland Shoemaker 4ecd6d58b6 Merge master 2015-06-06 02:11:46 +01:00
Roland Shoemaker 0bfc50b7e5 Add check for max key size 2015-06-05 19:02:10 +01:00
J.C. Jones d4eadd9aa3 Fix output of `cmd` --version to show version and build 2015-06-04 13:44:46 -07:00