Closed Bug 1291720 Opened 9 years ago Closed 7 years ago

use https to serve reviewboard in the dev environment

Categories

(MozReview Graveyard :: Testing / Development Environment, defect)

Product:
MozReview Graveyard
Component:
Testing / Development Environment
Version:
Production
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: glob, Assigned: glob)

References

Details

in order to support service workers, our dev environment needs to use http instead of https. i was chatting with zalun about this, and we figure this could work by: - creating certs for a CA and storing that in-tree - use that CA + openssl to issue a cert against the exposed ip address of the rbweb container - update httpd to use ssl (including a redirect from http) - update docs to show how to allow all certs issued by the in-tree CA
This is going to be a PITA to change. I vote for generating certificates at cluster creation time. The CA cert could be vendored in the tree. But you could also generate that at cluster creation time. A problem either way becomes having tools outside of the Docker environment talk to TLS endpoints: they'll need to trust our custom CA and that means installing a bad CA outside of the Docker environment. That means potentially compromising your system security. e.g. if we vendor the CA and install the CA in Firefox to facilitate development/testing, anyone in the world could use that CA to generate a cert for e.g. bugzilla.mozilla.org and Firefox may not give connection security warnings on that developer's machine. Something to watch out for.
Blocks: 1296656
smacleod and i were discussing this and came up with something that might just work. when a developer first builds a mozreview dev environment (ie. create-test-environment) we generate a CA and store it in the user's home directory (eg. under ~/.mozbuild). that CA is used the issue certificates within the mozreview dev env(s), and can be added as a trusted CA to their browser without the risk gps raised in comment 1. we'd also have to ensure that all parts of the test scripts are configured to trust all https certificates.
I think generating a global, per-user CA for the mozreview dev environments would be acceptable. It isn't as secure as a new CA for each cluster instance. But it is insanely better for developer ergonomics. Since the CA is local to your machine, it shouldn't create too much exposure to phishing attacks (n a way a source-vendored CA would). +1
Assignee: nobody → glob
mozreview is going away – wontfix'ing
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.