Skip to content

license generator server accepts key_id argument #3137

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Tracked by #480
spikecurtis opened this issue Jul 22, 2022 · 1 comment
Closed
Tracked by #480

license generator server accepts key_id argument #3137

spikecurtis opened this issue Jul 22, 2022 · 1 comment
Labels
api Area: HTTP API

Comments

@spikecurtis
Copy link
Contributor

spikecurtis commented Jul 22, 2022
edited
Loading

Problem:

If we ever leak license signing keys, we want to be able to generate new ones. But, we can't start using a new key until after the public key has been added to a released version of Coder. So, we can't just take the latest key, we need to be configured.

AC:

  1. export LICENSOR_KEY_BUCKET to a Google Cloud Bucket containing multiple keys
  2. export LICENSOR_KEY_ID to the older key in the bucket
  3. start the server
  4. generate a license
  5. verify the license uses the correct key
  6. stop the server and change LICENSOR_KEY_ID to another key in the bucket
  7. start the server
  8. generate a license
  9. verify the license uses the correct key

Note: automated unit testing is generally not required for this repo
@spikecurtis spikecurtis added the api Area: HTTP API label Jul 22, 2022
@spikecurtis spikecurtis mentioned this issue Jul 23, 2022
Closed
21 tasks
@spikecurtis
Copy link
Contributor Author

Fixed by https://github.com/coder/license/pull/5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
api Area: HTTP API
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@spikecurtis