rawlinp commented on a change in pull request #6024:
URL: https://github.com/apache/trafficcontrol/pull/6024#discussion_r712498129
##########
File path: traffic_ops/traffic_ops_golang/config/config.go
##########
@@ -173,6 +174,14 @@ type ConfigAcmeAccount struct {
HmacEncoded string `json:"hmac_encoded"`
}
+type DefaultCertificateInfo struct {
Review comment:
Can we add some config validation to ensure that if the config contains
the `default_certificate_info` section, that all the fields within it are
non-empty? I'm not sure if that would cause the certificate generation to fail
or not, but I'd think if there were any empty fields that it would be
unintentional.
##########
File path: traffic_ops/traffic_ops_golang/deliveryservice/sslkeys.go
##########
@@ -115,3 +118,70 @@ func generatePutRiakKeys(req
tc.DeliveryServiceGenSSLKeysReq, tx *sql.Tx, tv tra
}
return nil
}
+
+// GeneratePlaceholderSelfSignedCert generates a self-signed SSL certificate
as a placeholder when a new HTTPS
+// delivery service is created or an HTTP delivery service is updated to use
HTTPS.
+func GeneratePlaceholderSelfSignedCert(ds tc.DeliveryServiceV40, inf
*api.APIInfo, context context.Context) (error, int) {
+ version := util.JSONIntStr(1)
+
+ db, err := api.GetDB(context)
+ if err != nil {
+ return err, http.StatusInternalServerError
+ }
+ tx, err := db.Begin()
Review comment:
So I think this went back and forth, but are we not able to use
`inf.Tx.Tx` here? It seems like maybe there was a missing nil pointer check
that ended up fixing the tests?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
