From 98c74effbfc3d49512f3af0ea1292f26d2dbcb48 Mon Sep 17 00:00:00 2001 From: Marcos Yacob Date: Sat, 12 Oct 2024 10:12:53 -0300 Subject: [PATCH] update readme Signed-off-by: Marcos Yacob --- .../suites/force-rotation-jwt-authority/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/test/integration/suites/force-rotation-jwt-authority/README.md b/test/integration/suites/force-rotation-jwt-authority/README.md index 90ffd64ac5..63448f8e72 100644 --- a/test/integration/suites/force-rotation-jwt-authority/README.md +++ b/test/integration/suites/force-rotation-jwt-authority/README.md @@ -1,12 +1,12 @@ -# Force rotation with Upstream Authority Test Suite +# Force rotation with JWT Authority Test Suite ## Description -This test suite configures a disk-based Upstream Authority to validate the forced rotation and revocation of X.509 authorities. +This test suite configures a single SPIRE Server and Agent to validate the forced rotation and revocation of JWT authorities. ## Test steps -1. **Prepare a new X.509 authority**: Verify that a new X.509 authority is successfully created. -2. **Activate the new X.509 authority**: Ensure that the new X.509 authority becomes the active authority. -3. **Taint the old X.509 authority**: Confirm that the old X.509 authority is marked as tainted, and verify that the taint instruction is propagated to the agent, triggering the rotation of all X.509 SVIDs. -4. **Revoke the tainted X.509 authority**: Validate that the revocation instruction is propagated to the agent and that all the SVIDs have the revoked authority removed. +1. **Prepare a new JWT authority**: Verify that a new JWT authority is successfully created. +2. **Activate the new JWT authority**: Ensure that the new JWT authority becomes the active authority. +3. **Taint the old JWT authority**: Confirm that the old JWT authority is marked as tainted, and verify that the taint instruction is propagated to the agent, triggering the deletion of any JWT-SVID signed by tainted authority. +4. **Revoke the tainted JWT authority**: Validate that the revocation instruction is propagated to the agent and that all the JWT-SVIDs have the revoked authority removed.