UNCLASSIFIED - NO CUI

Skip to content
Snippets Groups Projects
Commit dee74f42 authored by Nigel Bazzeghin's avatar Nigel Bazzeghin
Browse files

Merge branch '291-ca-cert-update' into 'main' 

add cert  trust chain

See merge request !339
parents 8b022340 143382b1
No related branches found
Tags 8.2.9-bb.4
1 merge request!339add cert trust chain
Pipeline #3691637 passed
Stage: ⚙️ configuration validation
Stage: 🤞 package tests
Stage: 📦 package
Stage: 🚀 release
Hide whitespace changes
Inline Side-by-side
CHANGELOG.md
+ 6
0
View file @ dee74f42
......@@ -3,6 +3,12 @@
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
---
## [8.2.9-bb.4] (2024-10-22)
### Added
- added trust chain for "ca-certs-entrust-federal-ssp-trust-chain-3"
## [8.2.9-bb.3] (2024-10-22)
### Changed
......
README.md
+ 24
23
View file @ dee74f42
<!-- Warning: Do not manually edit this file. See notes on gluon + helm-docs at the end of this file for more information. -->
# gitlab
![Version: 8.2.9-bb.3](https://img.shields.io/badge/Version-8.2.9--bb.3-informational?style=flat-square) ![AppVersion: v17.2.9](https://img.shields.io/badge/AppVersion-v17.2.9-informational?style=flat-square)
![Version: 8.2.9-bb.4](https://img.shields.io/badge/Version-8.2.9--bb.4-informational?style=flat-square) ![AppVersion: v17.2.9](https://img.shields.io/badge/AppVersion-v17.2.9-informational?style=flat-square)
GitLab is the most comprehensive AI-powered DevSecOps Platform.
......@@ -12,7 +12,7 @@ GitLab is the most comprehensive AI-powered DevSecOps Platform.
## Upstream Release Notes
- The [upstream chart's release notes](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/CHANGELOG.md) may help when reviewing this package.
The [upstream chart's release notes](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/CHANGELOG.md) may help when reviewing this package.
## Learn More
......@@ -25,9 +25,9 @@ GitLab is the most comprehensive AI-powered DevSecOps Platform.
- Kubernetes config installed in `~/.kube/config`
- Helm installed
- Install Helm
Install Helm
- https://helm.sh/docs/intro/install/
https://helm.sh/docs/intro/install/
## Deployment
......@@ -378,23 +378,24 @@ helm install gitlab chart/
| global.certificates.customCAs[10].secret | string | `"ca-certs-digicert-nfi-trust-chain-2"` | |
| global.certificates.customCAs[11].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-1"` | |
| global.certificates.customCAs[12].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-2"` | |
| global.certificates.customCAs[13].secret | string | `"ca-certs-entrust-managed-service-nfi"` | |
| global.certificates.customCAs[14].secret | string | `"ca-certs-exostar-llc"` | |
| global.certificates.customCAs[15].secret | string | `"ca-certs-identrust-nfi"` | |
| global.certificates.customCAs[16].secret | string | `"ca-certs-lockheed-martin"` | |
| global.certificates.customCAs[17].secret | string | `"ca-certs-netherlands-ministry-of-defence"` | |
| global.certificates.customCAs[18].secret | string | `"ca-certs-northrop-grumman"` | |
| global.certificates.customCAs[19].secret | string | `"ca-certs-raytheon-trust-chain-1"` | |
| global.certificates.customCAs[20].secret | string | `"ca-certs-raytheon-trust-chain-2"` | |
| global.certificates.customCAs[21].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-1"` | |
| global.certificates.customCAs[22].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-2"` | |
| global.certificates.customCAs[23].secret | string | `"ca-certs-verizon-cybertrust-federal-ssp"` | |
| global.certificates.customCAs[24].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-1"` | |
| global.certificates.customCAs[25].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-2"` | |
| global.certificates.customCAs[26].secret | string | `"ca-certs-widepoint-nfi"` | |
| global.certificates.customCAs[27].secret | string | `"ca-certs-dod-intermediate-and-issuing-ca-certs"` | |
| global.certificates.customCAs[28].secret | string | `"ca-certs-dod-trust-anchors-self-signed"` | |
| global.certificates.customCAs[29].secret | string | `"ca-certs-eca"` | |
| global.certificates.customCAs[13].secret | string | `"ca-certs-entrust-federal-ssp-trust-chain-3"` | |
| global.certificates.customCAs[14].secret | string | `"ca-certs-entrust-managed-service-nfi"` | |
| global.certificates.customCAs[15].secret | string | `"ca-certs-exostar-llc"` | |
| global.certificates.customCAs[16].secret | string | `"ca-certs-identrust-nfi"` | |
| global.certificates.customCAs[17].secret | string | `"ca-certs-lockheed-martin"` | |
| global.certificates.customCAs[18].secret | string | `"ca-certs-netherlands-ministry-of-defence"` | |
| global.certificates.customCAs[19].secret | string | `"ca-certs-northrop-grumman"` | |
| global.certificates.customCAs[20].secret | string | `"ca-certs-raytheon-trust-chain-1"` | |
| global.certificates.customCAs[21].secret | string | `"ca-certs-raytheon-trust-chain-2"` | |
| global.certificates.customCAs[22].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-1"` | |
| global.certificates.customCAs[23].secret | string | `"ca-certs-us-treasury-ssp-trust-chain-2"` | |
| global.certificates.customCAs[24].secret | string | `"ca-certs-verizon-cybertrust-federal-ssp"` | |
| global.certificates.customCAs[25].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-1"` | |
| global.certificates.customCAs[26].secret | string | `"ca-certs-widepoint-federal-ssp-trust-chain-2"` | |
| global.certificates.customCAs[27].secret | string | `"ca-certs-widepoint-nfi"` | |
| global.certificates.customCAs[28].secret | string | `"ca-certs-dod-intermediate-and-issuing-ca-certs"` | |
| global.certificates.customCAs[29].secret | string | `"ca-certs-dod-trust-anchors-self-signed"` | |
| global.certificates.customCAs[30].secret | string | `"ca-certs-eca"` | |
| global.kubectl.image.repository | string | `"registry1.dso.mil/ironbank/gitlab/gitlab/kubectl"` | |
| global.kubectl.image.tag | string | `"17.2.9"` | |
| global.kubectl.image.pullSecrets[0].name | string | `"private-registry"` | |
......@@ -439,12 +440,12 @@ helm install gitlab chart/
| nginx-ingress-geo.<<.enabled | bool | `false` | |
| nginx-ingress.tcpExternalConfig | string | `"true"` | |
| nginx-ingress-geo.<<.tcpExternalConfig | string | `"true"` | |
| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | |
| nginx-ingress.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | |
| nginx-ingress-geo.<<.controller.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | |
| nginx-ingress-geo.controller.<<.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | |
| nginx-ingress-geo.controller.<<.addHeaders.Referrer-Policy | string | `"strict-origin-when-cross-origin"` | |
| nginx-ingress-geo.<<.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | |
| nginx-ingress.controller.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | |
| nginx-ingress-geo.controller.<<.config.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | |
| nginx-ingress-geo.controller.config.<<.annotation-value-word-blocklist | string | `"load_module,lua_package,_by_lua,location,root,proxy_pass,serviceaccount,{,},',\""` | |
| nginx-ingress-geo.controller.config.<<.hsts | string | `"true"` | |
| nginx-ingress-geo.<<.controller.config.hsts | string | `"true"` | |
......
chart/Chart.yaml
+ 1
1
View file @ dee74f42
---
apiVersion: v1
name: gitlab
version: 8.2.9-bb.3
version: 8.2.9-bb.4
appVersion: v17.2.9
description: GitLab is the most comprehensive AI-powered DevSecOps Platform.
keywords:
......
chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/1-Entrust_Managed_Services_Root_CA.cer 0 → 100644
+ 25
0
View file @ dee74f42
-----BEGIN CERTIFICATE-----
MIIESDCCAzCgAwIBAgIERIGyKzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
Q0EwHhcNMjMwNzExMjA0ODQ2WhcNMzAxMjExMjExODQ2WjBuMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh8nnc23l3ypxGgcXD
1eFMYMxKf0x+jmERnuK17RCBNMOoW+ACGlPLacJZMxlzNuvIepaI2aYJr4A3ly7a
hCHiCHmuiQyPpPKsgwMrp+7juvL6dsx6hyZXdcO80UO58py4l5ExmgQPe61/LXlg
g7MRK0nxkWRBmwp3M+zQWGiGTRqM8DemwTWQ2xc78wl5etEbf8H5xtPcnrG6/7RZ
ctXXmW12ov3nsQsBnypediJcE5jr6ibclwRkAMJcSCqlyinx/3Nd7ZjrYCvLJMql
J1/jBy5kZauQ3S9MgYbzaDexnQww3YL4PPQMA1BZGCzc7L6YbZPWUDWUypHLnO6L
+Zc1AgMBAAGjge0wgeowXwYIKwYBBQUHAQsEUzBRME8GCCsGAQUFBzAFhkNodHRw
Oi8vcm9vdHdlYi5tYW5hZ2VkLmVudHJ1c3QuY29tL1NJQS9DQWNlcnRzSXNzdWVk
QnlFTVNSb290Q0EucDdjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
MEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9yb290d2ViLm1hbmFnZWQuZW50cnVz
dC5jb20vQ1JMcy9FTVNSb290Q0E0LmNybDAdBgNVHQ4EFgQUHCH145WxdX4Gh063
sOgzsdiKC2UwDQYJKoZIhvcNAQELBQADggEBALloQxqFpitQkBhylYQ5rXcTZpXF
VhC0xID1Ds6X8C+UeXC++9nJSgZNWIvlxZ0hURc/wMIPPmrdNTva5y8iAlFL9Ly4
R4ryuCPO/EyJws1H9y/BEnELX1nhHUNxXsPbHGuF6JEfg/er8N73Bc0OEXYtXCGt
NaSMCCJw0BM3djrnxvk4U3pC07BtYsavDtgsc9S1lQBxO2rW/kRLuLh7nW7TVSHw
vKZmQIYvlxRNnmRmCwToGHd2r+JjgRjyDxYjFtvrf4kguNgM1ByonGsUGs1jSwdJ
E7++XFI0+8jOrknWHkrOHPcjK8Z0RZlAgZNYtnOsCspZf+VdJ3vlYhljGyM=
-----END CERTIFICATE-----
chart/bigbang/DoD_CA_certs/Entrust_Federal_SSP/Trust_Chain_3/2-Entrust_Managed_Services_SSP_CA.cer 0 → 100644
+ 30
0
View file @ dee74f42
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIERIGyLzANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdGllczEpMCcGA1UECxMgRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFJvb3Qg
Q0EwHhcNMjMwNzExMjEzMzMxWhcNMzAxMTExMjIwMzMxWjBtMQswCQYDVQQGEwJV
UzEQMA4GA1UEChMHRW50cnVzdDEiMCAGA1UECxMZQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdGllczEoMCYGA1UECxMfRW50cnVzdCBNYW5hZ2VkIFNlcnZpY2VzIFNTUCBD
QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAGndnOscVr13p4WiQI
Pt893DK1LeACg6qgW636I8VLlJGJQwao4lrT1kajgKR2Wx4KLMv6yKmqUfUuAoyq
PEHaDNVpWTqKI6g5m3Hckq73Sr8fIGxVMzi5qxxyll2SKvNh+qQnloFSKmSerF6d
nkaIfMOb3FH21akkYdwnQkAdsETmjfhiowapyd2LJzsuhWFybaNHJBYb1cUeNlGS
StD0gMmkHZqKll+LW+LAJJW18KXf8IT6QTTlb6syemcXUHkxFPtgsupWnhzuoo2k
yUFXiCmACvD1aBT06OCK/qhAO5Aif98ejzzf/Y9yFiJyigY2D2YVONp+j52DLZvI
7DMCAwEAAaOCAdMwggHPMA4GA1UdDwEB/wQEAwIBBjB5BgNVHSAEcjBwMAwGCmCG
SAFlAwIBAwYwDAYKYIZIAWUDAgEDBzAMBgpghkgBZQMCAQMIMAwGCmCGSAFlAwIB
Aw0wDAYKYIZIAWUDAgEDETAMBgpghkgBZQMCAQMnMAwGCmCGSAFlAwIBAygwDAYK
YIZIAWUDAgEDKTASBgNVHRMBAf8ECDAGAQH/AgEAMIGkBggrBgEFBQcBAQSBlzCB
lDBNBggrBgEFBQcwAoZBaHR0cDovL3Jvb3R3ZWIubWFuYWdlZC5lbnRydXN0LmNv
bS9BSUEvQ2VydHNJc3N1ZWRUb0VNU1Jvb3RDQS5wN2MwQwYIKwYBBQUHMAGGN2h0
dHA6Ly9vY3NwLm1hbmFnZWQuZW50cnVzdC5jb20vT0NTUC9FTVNSb290Q0FSZXNw
b25kZXIwRwYDVR0fBEAwPjA8oDqgOIY2aHR0cDovL3Jvb3R3ZWIubWFuYWdlZC5l
bnRydXN0LmNvbS9DUkxzL0VNU1Jvb3RDQTQuY3JsMB8GA1UdIwQYMBaAFBwh9eOV
sXV+BodOt7DoM7HYigtlMB0GA1UdDgQWBBSbf7YpDdHvrjJAb/jC2Xy0wJdQljAN
BgkqhkiG9w0BAQsFAAOCAQEA1vUT2MZh/9O2onlBBakuMo0vGE6898nSJWnftaUt
coCmHvMcT1URGxv7pb9oap4aXq37IItLpw5Fp/0hncaX0ebivk3FiY28mHEm1Bpr
cx+Ooo0Yfg0y2ShRDMUpYdy4QvCggwewvKgv8A9tGTHlsWAgd/WctcIjwGxH9YYK
yOYEYQVZACFNAist3WCrnp65JpEJIyerpxGNQJMqDTFSABt8pTy/5u3OP8N/KiEW
sB/OBQidSSnUdpHGinY6G+5tXxOAKbUM5qWkAGpg5NEyZLbIVMrGbU11F8INIz3o
VBd4nYfYZ3vNgNMHnhHgxFWs0uxiXK+TBD0Qc1ycCX+B3A==
-----END CERTIFICATE-----
chart/values.yaml
+ 1
0
View file @ dee74f42
......@@ -846,6 +846,7 @@ global:
- secret: ca-certs-digicert-nfi-trust-chain-2
- secret: ca-certs-entrust-federal-ssp-trust-chain-1
- secret: ca-certs-entrust-federal-ssp-trust-chain-2
- secret: ca-certs-entrust-federal-ssp-trust-chain-3
- secret: ca-certs-entrust-managed-service-nfi
- secret: ca-certs-exostar-llc
- secret: ca-certs-identrust-nfi
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

UNCLASSIFIED - NO CUI