Skip to content

SQC-352 SQC-353 Create cert upload command for client side mtls certificate/CA chain certificates #7466

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 22, 2025
Merged

SQC-352 SQC-353 Create cert upload command for client side mtls certificate/CA chain certificates #7466

merged 1 commit into from
Jan 22, 2025

Conversation

@Ltadrian
Copy link
Contributor

@Ltadrian Ltadrian commented Dec 5, 2024
edited by emily-shen
Loading

Create cert upload command for client side mtls certificate/CA chain certificates

Fixes SQC-352 and SQC-353.

  • Allows the capability to upload custom CA certificates and client mTLS certificates. This is a lot similar to mtls-certificate command but our goal was to avoid confusion with workers support. This custom CA certificates upload is not a supported binding for workers. It will be available as a Hyperdrive binding very soon.

Internal JIRA
SQC-352
SQC-353

@Ltadrian Ltadrian requested a review from a team as a code owner December 5, 2024 23:25
@changeset-bot
Copy link

changeset-bot bot commented Dec 5, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 0070c68

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
wrangler Minor
@cloudflare/vitest-pool-workers Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

mtlemilio
mtlemilio reviewed Dec 6, 2024
View reviewed changes
@lrapoport-cf
Copy link
Contributor

lrapoport-cf commented Dec 9, 2024

hi @Ltadrian :) we recently introduced a new createCommand utility to be used when new commands are being added. can you please review https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CONTRIBUTING.md and update this PR accordingly? thank you!

@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 4 times, most recently from 15327ba to 03af501 Compare December 10, 2024 18:58
@Ltadrian
Copy link
Contributor Author

Ltadrian commented Dec 10, 2024

hi @Ltadrian :) we recently introduced a new createCommand utility to be used when new commands are being added. can you please review https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CONTRIBUTING.md and update this PR accordingly? thank you!

this has been updated now, thank you 😄

@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 4 times, most recently from e3d8b3d to 4450a1b Compare December 31, 2024 16:02
@github-actions
Copy link
Contributor

github-actions bot commented Dec 31, 2024
edited
Loading

A wrangler prerelease is available for testing. You can install this latest build in your project with:

npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-wrangler-7466

You can reference the automatically updated head of this PR with:

npm install --save-dev https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/prs/7466/npm-package-wrangler-7466

Or you can use npx with this latest build directly:

npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-wrangler-7466 dev path/to/script.js
Additional artifacts:

cloudflare-workers-bindings-extension:

wget https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-workers-bindings-extension-7466 -O ./cloudflare-workers-bindings-extension.0.0.0-vcd391f3c5.vsix && code --install-extension ./cloudflare-workers-bindings-extension.0.0.0-vcd391f3c5.vsix

create-cloudflare:

npx https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-create-cloudflare-7466 --no-auto-update

@cloudflare/kv-asset-handler:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-kv-asset-handler-7466

miniflare:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-miniflare-7466

@cloudflare/pages-shared:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-pages-shared-7466

@cloudflare/unenv-preset:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-unenv-preset-7466

@cloudflare/vite-plugin:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-vite-plugin-7466

@cloudflare/vitest-pool-workers:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-vitest-pool-workers-7466

@cloudflare/workers-editor-shared:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-workers-editor-shared-7466

@cloudflare/workers-shared:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-workers-shared-7466

@cloudflare/workflows-shared:

npm install https://prerelease-registry.devprod.cloudflare.dev/workers-sdk/runs/12896554924/npm-package-cloudflare-workflows-shared-7466

Note that these links will no longer work once the GitHub Actions artifact expires.

[email protected] includes the following runtime dependencies:

Package Constraint Resolved
miniflare workspace:* 3.20241230.2
workerd 1.20241230.0 1.20241230.0
workerd --version 1.20241230.0 2024-12-30

Please ensure constraints are pinned, and miniflare/workerd minor versions match.

@emily-shen emily-shen added the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 2, 2025
emily-shen
emily-shen requested changes Jan 2, 2025
View reviewed changes
Copy link
Contributor

@emily-shen emily-shen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

would also be great to add some e2e tests :)

packages/wrangler/src/__tests__/cert.test.ts
Comment on lines +114 to +132
typeof certs === "undefined"
? [
{
id: "1234",
name: "cert one",
certificates: "BEGIN CERTIFICATE...",
issuer: "example.com...",
uploaded_on: now.toISOString(),
expires_on: oneYearLater.toISOString(),
},
{
id: "5678",
name: "cert two",
certificates: "BEGIN CERTIFICATE...",
issuer: "example.com...",
uploaded_on: now.toISOString(),
expires_on: oneYearLater.toISOString(),
},
]
: certs,
Copy link
Contributor

@emily-shen emily-shen Jan 2, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can do
certs ?? [... whatever you want to return if undefined]

@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 2 times, most recently from 4f0a3b6 to 9356364 Compare January 2, 2025 17:35
@Ltadrian
Copy link
Contributor Author

Ltadrian commented Jan 2, 2025

would also be great to add some e2e tests :)

is that required?

@emily-shen
Copy link
Contributor

emily-shen commented Jan 3, 2025

would also be great to add some e2e tests :)

is that required?

yes, all new commands/features should have some happy-path e2e's before release :)

@emily-shen emily-shen removed the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 3, 2025
@workers-devprod workers-devprod mentioned this pull request Jan 3, 2025
Closed
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch from 9356364 to 44fbd6f Compare January 14, 2025 03:28
@workers-devprod workers-devprod added the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 14, 2025
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 2 times, most recently from 6b67e53 to 9c7342b Compare January 14, 2025 03:52
@emily-shen emily-shen removed the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 14, 2025
emily-shen
emily-shen reviewed Jan 14, 2025
View reviewed changes
packages/wrangler/e2e/cert.test.ts
Copy link
Contributor

@emily-shen emily-shen Jan 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is it possible to generate a new cert and key each time? Just concerned about simultaneous CI runs interfering with each other.

Other than that, lgtm :))

Copy link
Contributor Author

@Ltadrian Ltadrian Jan 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this has been updated to generate certs

@workers-devprod workers-devprod mentioned this pull request Jan 14, 2025
Closed
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch from 9c7342b to 545288b Compare January 14, 2025 17:54
@workers-devprod workers-devprod added the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 14, 2025
@workers-devprod workers-devprod mentioned this pull request Jan 15, 2025
Closed
@emily-shen emily-shen removed the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 15, 2025
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch from 545288b to 0b9120a Compare January 15, 2025 15:46
@workers-devprod workers-devprod added the e2e Run wrangler + vite-plugin e2e tests on a PR label Jan 15, 2025
mtlemilio
mtlemilio approved these changes Jan 15, 2025
View reviewed changes
Copy link
Contributor

@mtlemilio mtlemilio left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor observations.

@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch from 0b9120a to c396657 Compare January 16, 2025 02:10
@workers-devprod workers-devprod mentioned this pull request Jan 16, 2025
Closed
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 2 times, most recently from f20e123 to 7b4ca30 Compare January 16, 2025 18:34
@emily-shen
Copy link
Contributor

emily-shen commented Jan 17, 2025
edited
Loading

Approved pending tests and checks passing :))

@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 2 times, most recently from d8dc1f9 to 4a37ff3 Compare January 21, 2025 13:28
@workers-devprod workers-devprod mentioned this pull request Jan 21, 2025
Closed
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch 3 times, most recently from 3124df7 to fc36050 Compare January 21, 2025 21:47
@Ltadrian Ltadrian force-pushed the ltadrian/cert-upload-mtls branch from fc36050 to 0070c68 Compare January 21, 2025 21:52
@CarmenPopoviciu CarmenPopoviciu merged commit e5ebdb1 into cloudflare:main Jan 22, 2025
29 checks passed
@workers-devprod workers-devprod added the contribution [Holopin] Recognizes an open-source contribution, big or small label Jan 22, 2025
@holopin-bot
Copy link

holopin-bot bot commented Jan 22, 2025

Congratulations @Ltadrian, the maintainer of this repository has issued you a holobyte! Here it is: https://holopin.io/holobyte/cm67rvuim00680cl70w24r0rw

This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account.
Or if you're new to Holopin, you can simply sign up with GitHub, which will do the trick!

@workers-devprod workers-devprod mentioned this pull request Jan 22, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emily-shen emily-shen emily-shen approved these changes

+1 more reviewer

@mtlemilio mtlemilio mtlemilio approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

contribution [Holopin] Recognizes an open-source contribution, big or small e2e Run wrangler + vite-plugin e2e tests on a PR

Projects

workers-sdk
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@Ltadrian @lrapoport-cf @emily-shen @mtlemilio @CarmenPopoviciu @workers-devprod