mirror of https://github.com/coder/coder.git
chore: reduce azure CA cert validity check period to 2 months (#12788)
Signed-off-by: Danny Kopping <danny@coder.com>
This commit is contained in:
parent
0288e73e9b
commit
d734f3fb74
|
@ -53,15 +53,17 @@ func TestValidate(t *testing.T) {
|
||||||
|
|
||||||
func TestExpiresSoon(t *testing.T) {
|
func TestExpiresSoon(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
const threshold = 2
|
||||||
|
|
||||||
for _, c := range azureidentity.Certificates {
|
for _, c := range azureidentity.Certificates {
|
||||||
block, rest := pem.Decode([]byte(c))
|
block, rest := pem.Decode([]byte(c))
|
||||||
require.Zero(t, len(rest))
|
require.Zero(t, len(rest))
|
||||||
cert, err := x509.ParseCertificate(block.Bytes)
|
cert, err := x509.ParseCertificate(block.Bytes)
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
||||||
expiresSoon := cert.NotAfter.Before(time.Now().AddDate(0, 3, 0))
|
expiresSoon := cert.NotAfter.Before(time.Now().AddDate(0, threshold, 0))
|
||||||
if expiresSoon {
|
if expiresSoon {
|
||||||
t.Errorf("certificate expires within 6 months %s: %s", cert.NotAfter, cert.Subject.CommonName)
|
t.Errorf("certificate expires within %d months %s: %s", threshold, cert.NotAfter, cert.Subject.CommonName)
|
||||||
} else {
|
} else {
|
||||||
url := "no issuing url"
|
url := "no issuing url"
|
||||||
if len(cert.IssuingCertificateURL) > 0 {
|
if len(cert.IssuingCertificateURL) > 0 {
|
||||||
|
|
Loading…
Reference in New Issue