Joseph Schorr
|
bbdf9e074c
|
Add metrics for tracking when instance key renewal succeeds and fails, as well as when instance key *lookup* fails
|
2018-02-02 11:14:42 -05:00 |
|
Joseph Schorr
|
a927ce3e0f
|
Have boot.py verify that the existing instance's service key is valid and regenerate if it is not
This prevents the scenario where a container is restarted after an outage and therefore runs with a bad key
|
2018-02-02 11:14:00 -05:00 |
|
Antoine Legrand
|
cdb3722c17
|
Use $QUAYPATH and $QUAYDIR in conf and init files
|
2017-07-05 16:23:54 +02:00 |
|
Joseph Schorr
|
8887f09ba8
|
Use the instance service key for registry JWT signing
|
2016-06-07 11:58:10 -04:00 |
|
Joseph Schorr
|
2cbdecb043
|
Implement setup tool support for Clair
Fixes #1387
|
2016-05-04 13:40:50 -04:00 |
|
Evan Cordell
|
85ab543e9e
|
Explicit expiration date param
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
489752a0b7
|
Only refresh current instance service key
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
a6f6a114c2
|
service key worker to refresh automatic keys
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
c766727d1d
|
address review comments
- more inline documentation
- don't explicitly specify audience
- approver is optional in `generate_key`
- ADD -> RUN for better caching of jwtproxy
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
d2aa4be29e
|
Explicitly set jwtproxy audience
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
47a52a47eb
|
Remove unneeded service key expiration
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
9ffc32f680
|
Generate preshared key on boot
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
cf5f7aa476
|
Create JWK formatted key on startup
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
668ce2c7cd
|
Generate private key on startup
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
da0a988650
|
Configure jwtproxy from stack/conf yaml
|
2016-04-29 14:10:33 -04:00 |
|
Silas Sewell
|
5000b1621c
|
superuser: add storage replication config
|
2015-11-09 17:34:22 -05:00 |
|