Arvados

23168-salt-installer-tls-update @ 08a5e1268b72e

test-provision: #1294

• All agreed upon points are implemented / addressed. Describe changes from pre-implementation design.
  • Yes. Usage of openssl was rendered unnecessary by an improved way of reloading nginx only once after all cert/key pairs are updated.
• Anything not implemented (discovered or discussed during work) has a follow-up story.
  • No.
• Code is tested and passing, both automated and manual, what manual testing was done is described.
  • Automated test are failing at the moment because of external reasons: The phusion passenger deb repo has some kind of problem and it's being worked on -- will retry as soon as it's reported to be fixed.
  • This solution is already manually tested and implemented in running environments.
• The tested code incorporates recent main branch changes.
  • Yes
• New or changed UI/UX has gotten feedback from stakeholders.
  • No change on UI/UX
• Documentation has been updated.
  • No
• Behaves appropriately at the intended scale (describe intended scale).
  • Behaves a lot better (faster) on nodes that have many certs.
• Considered backwards and forwards compatibility issues between client and server.
  • comments
• Follows our coding standards and GUI style guidelines.
  • N/A

Lucas Di Pentima wrote in #note-1:

23168-salt-installer-tls-update @ 08a5e1268b72e

LGTM, thanks.