Update TODOs to reference an issue with more details

And remove a no longer needed TODO
pull/11910/head
Daniel Nephin 2022-02-17 17:44:02 -05:00
parent 12f12d577a
commit 6b679aa9d4
3 changed files with 3 additions and 4 deletions

View File

@ -135,7 +135,7 @@ type PrimaryProvider interface {
// the active intermediate. If multiple intermediates are needed to complete
// the chain from the signing certificate back to the active root, they should
// all by bundled here.
// TODO: replace with GenerateLeafSigningCert
// TODO: replace with GenerateLeafSigningCert (https://github.com/hashicorp/consul/issues/12386)
GenerateIntermediate() (string, error)
// SignIntermediate will validate the CSR to ensure the trust domain in the

View File

@ -603,7 +603,6 @@ func (v *VaultProvider) SignIntermediate(csr *x509.CertificateRequest) (string,
// CrossSignCA takes a CA certificate and cross-signs it to form a trust chain
// back to our active root.
func (v *VaultProvider) CrossSignCA(cert *x509.Certificate) (string, error) {
// TODO: is this necessary? Doesn't vault check this for us?
rootPEM, err := v.getCA(v.config.RootPKIPath)
if err != nil {
return "", err

View File

@ -488,7 +488,7 @@ func (c *CAManager) primaryInitialize(provider ca.Provider, conf *structs.CAConf
return err
}
// TODO: delete this
// TODO: https://github.com/hashicorp/consul/issues/12386
interPEM, err := provider.GenerateIntermediate()
if err != nil {
return fmt.Errorf("error generating intermediate cert: %v", err)
@ -976,7 +976,7 @@ func (c *CAManager) primaryUpdateRootCA(newProvider ca.Provider, args *structs.C
}
}
// TODO: delete this
// TODO: https://github.com/hashicorp/consul/issues/12386
intermediate, err := newProvider.GenerateIntermediate()
if err != nil {
return err