Also disassociate LE certs we don't need any more.
For golang/go#49191.
Change-Id: I74acf2f2f52fbf91670d27d91112136450f81944
Reviewed-on: https://go-review.googlesource.com/c/build/+/359479
Trust: Heschi Kreinick <heschi@google.com>
Run-TryBot: Heschi Kreinick <heschi@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Enable self-signed HTTPS, and configure the Service and Ingress to do
HTTP/2 over that port.
Also fix various silly mistakes and typos that I discovered while
rolling out the previous change.
For #49191.
Change-Id: If4f308d0e79a94a480ba97b27b5a503cf2aeff2e
Reviewed-on: https://go-review.googlesource.com/c/build/+/358914
Trust: Heschi Kreinick <heschi@google.com>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
Following:
https://cloud.google.com/kubernetes-engine/docs/concepts/ingresshttps://cloud.google.com/kubernetes-engine/docs/how-to/managed-certs
Create an Ingress with HTTPS redirects enabled.
For each of build, dev, gerritbot, maintner:
- Add three certs: the new Google-managed cert, plus the two old LE certs.
- Add an ingress rule for the host, and a new internal Service it maps to.
- Disable our own HTTPS redirects, since the ingress terminates HTTPS.
They will be accessible via HTTP for the duration of the migration;
they don't serve anything sensitive anyway.
dev-test.golang.org is already rolled out using only a Google-managed
cert, so you can try HTTP and HTTPS directly there. I've also verified
that the LE certs are served:
curl -v --resolve dev.golang.org:443:34.149.223.5 https://dev.golang.org/
Change-Id: I20f3c92ffb00dbd9066822f748508013b68d5483
Reviewed-on: https://go-review.googlesource.com/c/build/+/355670
Trust: Heschi Kreinick <heschi@google.com>
Trust: Alexander Rakoczy <alex@golang.org>
Run-TryBot: Heschi Kreinick <heschi@google.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Alexander Rakoczy <alex@golang.org>
Reviewed-by: Carlos Amedee <carlos@golang.org>
Heschi Kreinick