From 099bd281e18e0f2a991f9751d7eb4d0149fe72b4 Mon Sep 17 00:00:00 2001 From: "chef-expeditor[bot]" <49165653+chef-expeditor[bot]@users.noreply.github.com> Date: Tue, 31 Oct 2023 09:36:14 -0400 Subject: [PATCH] Bump Hugo module automate to latest current release (61e0a5d70b2cbc2dff06ccab5c1b69a1f38c62c5). (#4197) This pull request was triggered automatically via Expeditor. This change falls under the obvious fix policy so no Developer Certificate of Origin (DCO) sign-off is required. Co-authored-by: Chef Expeditor --- .../content/automate/ha_cert_rotation.md | 51 +++++++++++++------ .../content/automate/ha_cert_selfsign.md | 8 ++- .../chef-automate_service-versions.yaml | 5 ++ .../commands/chef-automate_status.yaml | 5 ++ .../commands/chef-automate_version.yaml | 37 ++++++++++++-- _vendor/modules.txt | 2 +- go.mod | 2 +- go.sum | 4 +- 8 files changed, 89 insertions(+), 25 deletions(-) diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md index db7d8d7325..42a56844fa 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_rotation.md @@ -41,27 +41,35 @@ If you want to rotate certificates of the entire cluster, then you can follow th - To rotate certificates of automate cluster: -`chef-automate cert-rotate --public-cert --private-cert --a2` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --a2 + ``` -You can also use `--automate` or `-a` instead of a2 flag + You can also use `--automate` or `-a` instead of a2 flag - To rotate certificates of chef server cluster: -`chef-automate cert-rotate --public-cert --private-cert --cs` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --cs + ``` -You can also use `--chef_server`or `-c` instead of the cs flag. + You can also use `--chef_server`or `-c` instead of the cs flag. - To rotate certificates of the PostgreSQL cluster: -`chef-automate cert-rotate --public-cert --private-cert --root-ca --pg` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --root-ca --pg + ``` -You can also use `--postgresql` or `-p` instead of the pg flag. + You can also use `--postgresql` or `-p` instead of the pg flag. - To rotate certificates of OpenSearch cluster: -`chef-automate cert-rotate --public-cert --private-cert --root-ca --admin-cert --admin-key --os` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --root-ca --admin-cert --admin-key --os + ``` -You can also use `--opensearch` or `-o` instead of the os flag. + You can also use `--opensearch` or `-o` instead of the os flag. ### Rotate Certificates of Particular Node @@ -71,27 +79,38 @@ If you want to rotate certificates of a particular node, then you can follow the - To rotate the certificates of particular automate node: -`chef-automate cert-rotate --public-cert --private-cert --a2 --node ` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --a2 --node + ``` -You can also use `--automate` or `-a` instead of a2 flag + You can also use `--automate` or `-a` instead of a2 flag - To rotate the certificates of particular chef server node: -`chef-automate cert-rotate --public-cert --private-cert --cs --node ` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --cs --node + ``` -You can also use `--chef_server` or `-c` instead of the cs flag. + You can also use `--chef_server` or `-c` instead of the cs flag. - To rotate the certificates of a particular PostgreSQL node: -`chef-automate cert-rotate --public-cert --private-cert --pg --node ` + {{< note >}} While rotating cert for PG on node level, make sure to wait for sometime before executing cert-rotate for next node. {{< /note >}} + -You can also use `--postgresql` or `-p` instead of the pg flag. + ```cmd + chef-automate cert-rotate --public-cert --private-cert --pg --node + ``` + + You can also use `--postgresql` or `-p` instead of the pg flag. - To rotate the certificates of a particular OpenSearch node: -`chef-automate cert-rotate --public-cert --private-cert --os --node ` + ```cmd + chef-automate cert-rotate --public-cert --private-cert --os --node + ``` -You can also use `--opensearch` or `-o` instead of the os flag + You can also use `--opensearch` or `-o` instead of the os flag {{< note >}} Since admin-cert and admin-key are common in all nodes, So if you want to rotate admin-cert and admin-key, you must first run this open search cluster command: `chef-automate cert-rotate --public-cert --private-cert --root-ca --admin-cert --admin-key --os`{{< /note >}} diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md index bbb7054d9a..c6a86a8961 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/content/automate/ha_cert_selfsign.md @@ -51,7 +51,7 @@ You can create a self-signed key and certificate pair with the **OpenSSL** utili echo extendedKeyUsage = clientAuth, serverAuth > client_cert_ext.cnf echo subjectAltName = DNS:chefclient >> client_cert_ext.cnf openssl genrsa -out root-ca-key.pem 2048 - openssl req -new -x509 -sha256 -key root-ca-key.pem -subj "/C=US/ST=Washington/L=Seattle/O=Chef Software Inc/CN=progress" -out root-ca.pem -days 1095 + openssl req -new -x509 -sha256 -key root-ca-key.pem -subj "/C=US/ST=Washington/L=Seattle/O=Chef Software Inc/CN=progress" -out root-ca.pem -days 1095 -addext basicConstraints=CA:TRUE # Admin cert openssl genrsa -out admin-key-temp.pem 2048 @@ -82,6 +82,12 @@ You can create a self-signed key and certificate pair with the **OpenSSL** utili {{< note >}} +To create self-signed certificate for FQDN make sure to provide proper DNS and CN value. The DNS in Subject Alternative Name should match with the CN (Comman Name) + +{{< /note >}} + +{{< note >}} + Please refer Opensearch certificate [documentation](https://opensearch.org/docs/1.2/security-plugin/configuration/tls/#x509-pem-certificates-and-pkcs-8-keys) {{< /note >}} \ No newline at end of file diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_service-versions.yaml b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_service-versions.yaml index f5c1b74179..6b94cc8cab 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_service-versions.yaml +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_service-versions.yaml @@ -9,6 +9,11 @@ options: default_value: "false" usage: Shows service-versions for Automate nodes[DUPLICATE] compatible_with_options: AutomateHA +- name: accept-hab-license + default_value: "false" + usage: | + Pass this flag to accept hab license for PostgresQL/OpenSearch nodes and check service-versions + compatible_with_options: AutomateHA - name: automate shorthand: a default_value: "false" diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_status.yaml b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_status.yaml index 4f692d8280..8101027932 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_status.yaml +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_status.yaml @@ -8,6 +8,11 @@ options: default_value: "false" usage: Shows status from Automate nodes[DUPLICATE] compatible_with_options: AutomateHA +- name: accept-hab-license + default_value: "false" + usage: | + Pass this flag to accept hab license for PostgresQL/OpenSearch nodes and show status + compatible_with_options: AutomateHA - name: automate shorthand: a default_value: "false" diff --git a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_version.yaml b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_version.yaml index 7cc302a772..18645134c1 100644 --- a/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_version.yaml +++ b/_vendor/github.com/chef/automate/components/docs-chef-io/data/automate/cli_chef_automate/commands/chef-automate_version.yaml @@ -5,10 +5,27 @@ description: Show the CLI version. options: - name: a2 default_value: "false" - usage: Get only automate Status + usage: Shows the versions of Automate node(HA)[DUPLICATE] + compatible_with_options: AutomateHA +- name: automate + shorthand: a + default_value: "false" + usage: Shows the versions of Automate node(HA) + compatible_with_options: AutomateHA +- name: bastion + shorthand: b + default_value: "false" + usage: Shows the versions of bastion node(HA) + compatible_with_options: AutomateHA +- name: chef_server + shorthand: c + default_value: "false" + usage: Shows the versions of Chef-server node(HA) + compatible_with_options: AutomateHA - name: cs default_value: "false" - usage: Get only chef server Status + usage: Shows the versions of Chef-server node(HA)[DUPLICATE] + compatible_with_options: AutomateHA - name: help shorthand: h default_value: "false" @@ -17,12 +34,24 @@ options: usage: | Node Ip address. While using this flag, pass the node type as well. Example : chef-automate version --node 192.0.0.1 --cs compatible_with_options: AutomateHA +- name: opensearch + shorthand: o + default_value: "false" + usage: Shows the versions of OpenSearch node + compatible_with_options: AutomateHA - name: os default_value: "false" - usage: Get only opensearch Status + usage: Shows the versions of OpenSearch node[DUPLICATE] + compatible_with_options: AutomateHA - name: pg default_value: "false" - usage: Get only postgresql Status + usage: Shows the versions of PostgresQL node[DUPLICATE] + compatible_with_options: AutomateHA +- name: postgresql + shorthand: p + default_value: "false" + usage: Shows the versions of PostgresQL node + compatible_with_options: AutomateHA - name: verbose shorthand: v default_value: "false" diff --git a/_vendor/modules.txt b/_vendor/modules.txt index 9fe69831be..6c746e578e 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,4 +1,4 @@ -# github.com/chef/automate/components/docs-chef-io v0.0.0-20230925114325-98981657948f +# github.com/chef/automate/components/docs-chef-io v0.0.0-20231027151655-61e0a5d70b2c # github.com/chef/desktop-config/docs-chef-io v0.0.0-20230711052355-bad26ce3ac0b # github.com/habitat-sh/habitat/components/docs-chef-io v0.0.0-20230808222519-d0c20bbe8c45 # github.com/chef/chef-server/docs-chef-io v0.0.0-20230929110551-e5bebd3e433d diff --git a/go.mod b/go.mod index 41895de5c4..73c690991b 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/chef/chef-web-docs go 1.16 require ( - github.com/chef/automate/components/docs-chef-io v0.0.0-20230925114325-98981657948f // indirect + github.com/chef/automate/components/docs-chef-io v0.0.0-20231027151655-61e0a5d70b2c // indirect github.com/chef/chef-server/docs-chef-io v0.0.0-20230929110551-e5bebd3e433d // indirect github.com/chef/chef-workstation/docs-chef-io v0.0.0-20230906065503-8f1a978813f8 // indirect github.com/chef/compliance-profiles/docs-chef-io v0.0.0-20230904102656-f8fff0821d49 // indirect diff --git a/go.sum b/go.sum index 4435d97973..e301af69bc 100644 --- a/go.sum +++ b/go.sum @@ -1,8 +1,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/chef/automate/components/docs-chef-io v0.0.0-20230925114325-98981657948f h1:ar9pU9Wc5Z0h6f+KaznmxgTHXP24iArbAZv9jTYQZLw= -github.com/chef/automate/components/docs-chef-io v0.0.0-20230925114325-98981657948f/go.mod h1:juvLC7Rt33YOCgJ5nnfl4rWZRAbSwqjTbWmcAoA0LtU= +github.com/chef/automate/components/docs-chef-io v0.0.0-20231027151655-61e0a5d70b2c h1:qp3KGGBgifLcQFbci1bzNDNI8qoIwVLvRCuvSfzuCPI= +github.com/chef/automate/components/docs-chef-io v0.0.0-20231027151655-61e0a5d70b2c/go.mod h1:juvLC7Rt33YOCgJ5nnfl4rWZRAbSwqjTbWmcAoA0LtU= github.com/chef/chef-server/docs-chef-io v0.0.0-20230929110551-e5bebd3e433d h1:e9VRN2RQee3ali2dcqvkIhSf1UaL8vFNg70Hs1ZnBWE= github.com/chef/chef-server/docs-chef-io v0.0.0-20230929110551-e5bebd3e433d/go.mod h1:gMSa25GUHmLimA0gjvRd3hs1buOBqkKPrdHzHvaJauY= github.com/chef/chef-workstation/docs-chef-io v0.0.0-20230906065503-8f1a978813f8 h1:rMpqWWnaV+fzB5Qk+8sNdbMgBarjPmCGSF623V5SOqc=