Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove hard-coded pkidbuser #4973

Merged
merged 1 commit into from
Feb 28, 2025
Merged

Remove hard-coded pkidbuser #4973

merged 1 commit into from
Feb 28, 2025
+56 −75

Conversation

edewata
Copy link
Contributor

@edewata edewata commented Feb 28, 2025

The pkidbuser is mainly used by PKI in IPA to access DS using client cert auth. Regular (non-IPA) PKI generally do not use this user but currently the user is created by default during installation and the username is hard-coded in PKI.

To simplify the installation the code that sets up the database user has been consolidated into configuration.py and the default pki_share_dbuser_dn has been removed so it will no longer create the user by default. IPA defines the pki_share_dbuser_dn during installation so it will not be affected by this change.

The non-IPA tests have been updated to no longer check pkidbuser.

There are still some references to pkidbuser in CertFixCLI (which is mainly used by IPA). They will be cleaned up separately later.

@edewata
Remove hard-coded pkidbuser
1193fac 
The pkidbuser is mainly used by PKI in IPA to access DS using
client cert auth. Regular (non-IPA) PKI generally do not use
this user but currently the user is created by default during
installation and the username is hard-coded in PKI.

To simplify the installation the code that sets up the database
user has been consolidated into configuration.py and the default
pki_share_dbuser_dn has been removed so it will no longer create
the user by default. IPA defines the pki_share_dbuser_dn during
installation so it will not be affected by this change.

The non-IPA tests have been updated to no longer check pkidbuser.

There are still some references to pkidbuser in CertFixCLI (which
is mainly used by IPA). They will be cleaned up separately later.
@edewata edewata requested a review from fmarco76 February 28, 2025 05:19
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
33.7% Duplication on New Code

See analysis details on SonarQube Cloud

fmarco76
fmarco76 approved these changes Feb 28, 2025
View reviewed changes
Copy link
Member

@fmarco76 fmarco76 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@edewata
Copy link
Contributor Author

edewata commented Feb 28, 2025

@fmarco76 Thanks!

@edewata edewata merged commit aa3c316 into dogtagpki:master Feb 28, 2025
168 of 177 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fmarco76 fmarco76 fmarco76 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@edewata @fmarco76