Update patch set 10

Patch Set 10: (2 comments) Patch-set: 10 CC: Gerrit User 935 <935@4a232e18-c5a9-48ee-94c0-e04e7cca6543>
2024-01-10 11:36:38 +00:00 · 2024-01-10 11:36:38 +00:00 · 1bc69c7b86
parent 3ec254e0d7
commit 1bc69c7b86
2 changed files with 45 additions and 0 deletions
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+{
+  "comments": [
+    {
+      "unresolved": true,
+      "key": {
+        "uuid": "ff5ea6f8_6cb69ee9",
+        "filename": "src/actions.yaml",
+        "patchSetId": 10
+      },
+      "lineNbr": 114,
+      "author": {
+        "id": 935
+      },
+      "writtenOn": "2024-01-10T11:36:38Z",
+      "side": 1,
+      "message": "Needs an update for the wording:\n\nProvide an alternative URL for the Certificate Revocation List (CRL) distribution point that is included in all certificates issued by Vault.  This relies on an external process to synchronise certificates revoked in Vault to this external distribution point and should only be used when the Vault infrastructure is not generally accessible to client endpoints used to access services secured by the Vault Intermediate CA.",
+      "revId": "958390ab9c7fdcd8ff24ce2410a8664d442c1e3f",
+      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
+    }
+  ]
+}
--- a/24
+++ b/24
@ -149,6 +149,30 @@
      },
      "revId": "b2d1dddc27f8f71382a2ff68f56470b51dcdf986",
      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
+    },
+    {
+      "unresolved": true,
+      "key": {
+        "uuid": "fa0f12ef_612c0767",
+        "filename": "src/lib/charm/vault_pki.py",
+        "patchSetId": 2
+      },
+      "lineNbr": 206,
+      "author": {
+        "id": 935
+      },
+      "writtenOn": "2024-01-10T11:36:38Z",
+      "side": 1,
+      "message": "I had a think about the singularity question today - I think this is OK and reflects a potential deployment scenario where the Vault infrastructure is not directly accessible from client endpoints using the services that it has issued certificates for.\n\nHaving a global/enterprise CRL distribution point that is generally accessible makes sense in this case - however there is a manual process needed to sync certificates revoked in vault into whatever is managing this different distribution point.\n\nI\u0027ve suggested an updated to the action parameter description to explain this better.",
+      "parentUuid": "d90ea1e8_e2babb72",
+      "range": {
+        "startLine": 206,
+        "startChar": 41,
+        "endLine": 206,
+        "endChar": 42
+      },
+      "revId": "b2d1dddc27f8f71382a2ff68f56470b51dcdf986",
+      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
    }
  ]
 }