Since our git operations (over http) go cross-dc, we should secure them.
Description
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | LSobanski | T111653 Encrypt all the things | |||
Open | None | T127498 git/http operations in scap should be secure |
Event Timeline
Comment Actions
From the parent task, "We currently have IPsec deployed for some limited use cases. "
Comment Actions
Sounds to me it should be a service provided by the infrastructure. Ie all of our crap should not have to care about encrypting. That ends up being way simpler since you can deploy wtf you want and have a guarantee by the underlying layer that encryption is achieved.
Comment Actions
So we've got two options going forward, neither of which are terribly hard.
- We can generate some certs and slap them on the apache instance we use for git operations. Fairly trivial, just some config swaps.
- If we go with T116630: Remove apache dependency from scap3 deployment host, it needs to support TLS (and per discussion with @mark, probably only TLS)
Comment Actions
We discussed this in the deployment meeting today. @faidon suggested one option is for scap to deploy ephemeral tls keys to the proxy nodes and then start up the git-https process.