falcoctl install tls: new features and testing
alacuku opened this issue · 5 comments
falcoctl can be used to generate TLS certificates using the falcoctl install tls command. Currently the following are the flags supported by the command:
Flags:
--country string The country to self sign the TLS cert with (default "US")
-d, --days int The number of days to make self signed TLS cert valid for (default 365)
-h, --help help for tls
-n, --name string The name to self sign the TLS cert with (default "localhost")
-o, --org string The org to self sign the TLS cert with (default "falcosecurity")
-p, --path string The path to write the TLS cert toWhat would you like to be added:
I think the following flags/options should be added to the tls command:
--rsa-bits: Size of the RSA key to generate;--host: A comma-separated hostnames and/or IPs to generate the certificate for;--ecdsa-curve: ECDSA curve to use to generate a key. (currently, falcoctl uses only RSA);
Tests
Furthermore, the tls commands is lacking adequate tests, it would be super nice to write unit tests for its packages.
Why is this needed:
The new flags will allow the users to create more flexible TLS certificates.
/good-first-issue
@alacuku:
This request has been marked as suitable for new contributors.
Please ensure the request meets the requirements listed here.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-good-first-issue command.
In response to this:
/good-first-issue
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/falcosecurity/community.
/lifecycle stale
/remove-lifecycle stale