add test keys/cert

Signed-off-by: Sally O'Malley <[email protected]>
securesign · Sep 29, 2023 · abd5176 · abd5176
1 parent 950f398
commit abd5176
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 3 deletions.
diff --git a/.gitignore b/.gitignore
@@ -4,6 +4,5 @@ Chart.lock
 *.swp
 
 keys-cert
-*.pem
 ./keys-cert/*.pem
 **ADMIN**
diff --git a/kind/kind-up-test.sh b/kind/kind-up-test.sh
@@ -38,9 +38,9 @@ kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main
 
 oc create ns fulcio-system
 oc create ns rekor-system
-oc -n fulcio-system create secret generic fulcio-secret-rh --from-file=private=./kind/test-keys-cert/file_ca_key.pem --from-file=public=./kind/test-keys-cert/file_ca_pub.pem --from-file=cert=./kind/test-keys-cert/fulcio-root.pem  --from-literal=password=secure --dry-run=client -o yaml | oc apply -f-
+oc -n fulcio-system create secret generic fulcio-secret-rh --from-file=private=./kind/testing-only-cert-key/file_ca_key.pem --from-file=public=./kind/testing-only-cert-key/file_ca_pub.pem --from-file=cert=./kind/testing-only-cert-key/fulcio-root.pem  --from-literal=password=secure --dry-run=client -o yaml | oc apply -f-
 
-oc -n rekor-system create secret generic rekor-private-key --from-file=private=./kind/test-keys-cert/rekor_key.pem --dry-run=client -o yaml | oc apply -f-
+oc -n rekor-system create secret generic rekor-private-key --from-file=private=./kind/testing-only-cert-key/rekor_key.pem --dry-run=client -o yaml | oc apply -f-
 
 # install charts
 #OPENSHIFT_APPS_SUBDOMAIN=localhost envsubst <  ./examples/values-kind-sigstore.yaml | helm upgrade -i trusted-artifact-signer --debug ./charts/trusted-artifact-signer -n sigstore --create-namespace --values -
diff --git a/kind/testing-only-cert-key/file_ca_key.pem b/kind/testing-only-cert-key/file_ca_key.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,57052BF0C94F8233
+
+iYxyAS5gRrPrdKDdEvzokWkp5z5swdqkxyuGx98gcMHnkJlW+sa53cAqqnLefNXO
+y/pROXH0PXhKg+5sMcwJCba8yf5obQOiqWsrH7ERb5SC+OmXvnIxTallp6fRw6W0
+jWRrqUp+QpQxfdKwSrLMYVPQw8e9iVewNZkZxPC0YVI=
+-----END EC PRIVATE KEY-----
diff --git a/kind/testing-only-cert-key/file_ca_pub.pem b/kind/testing-only-cert-key/file_ca_pub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE+l00SWziQVPM+ubkppU3gSpdJnzd
+hDqojvHYY6GRTDTZcFlU24mouB/ARzT1eS6giaFbehlg5QEm6GhfWdbiww==
+-----END PUBLIC KEY-----
diff --git a/kind/testing-only-cert-key/fulcio-root.pem b/kind/testing-only-cert-key/fulcio-root.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTjCCAfOgAwIBAgIUW9JM5WZNic2pGCTv6jYea2xBprQwCgYIKoZIzj0EAwIw
+fDELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBU1haW5lMREwDwYDVQQHDAhQb3J0bGFu
+ZDEQMA4GA1UECgwHUmVkIEhhdDEUMBIGA1UEAwwLc2lnc3RvcmUuZXoxIjAgBgkq
+hkiG9w0BCQEWE3NvbWFsbGV5QHJlZGhhdC5jb20wHhcNMjMwOTI2MTgyNTEwWhcN
+MjQwOTI1MTgyNTEwWjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFTWFpbmUxETAP
+BgNVBAcMCFBvcnRsYW5kMRAwDgYDVQQKDAdSZWQgSGF0MRQwEgYDVQQDDAtzaWdz
+dG9yZS5lejEiMCAGCSqGSIb3DQEJARYTc29tYWxsZXlAcmVkaGF0LmNvbTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABPpdNEls4kFTzPrm5KaVN4EqXSZ83YQ6qI7x
+2GOhkUw02XBZVNuJqLgfwEc09XkuoImhW3oZYOUBJuhoX1nW4sOjUzBRMB0GA1Ud
+DgQWBBTXTK85svHwwn0vEmkp5+rvF9yL8jAfBgNVHSMEGDAWgBTXTK85svHwwn0v
+Emkp5+rvF9yL8jAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0kAMEYCIQDO
+lLxcAuWYU2GqCG2XMaEEIIOX5ns5sf11MY6NdGcBngIhAMvOa1BZ7XYEGHj0G17y
+lAqCBO3yklG3WNHoj8Hm4YGZ
+-----END CERTIFICATE-----
diff --git a/kind/testing-only-cert-key/rekor_key.pem b/kind/testing-only-cert-key/rekor_key.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICnmFR7rXoJ3QujB9SzrKbVtXCikPXtEb2rs8EGgzYrSoAoGCCqGSM49
+AwEHoUQDQgAEnItR5lDp+1fPho5A2npEr9CygZ3lVGXB6jc0MAS/bez9PxUlPacS
+XrlASWbaMaLIoporoKnYhoGHd1oiiVq1lg==
+-----END EC PRIVATE KEY-----