metacrypt

mc/metacrypt

Fork 0

Commit Graph

Author	SHA1	Message	Date
Kyle Isom	d574685b99	Add certificate revocation, deletion, and retrieval Admins can now revoke or delete certificate records from the cert detail page in the web UI. Revoked certificates display a [REVOKED] badge and show revocation metadata (time and actor). Deletion redirects to the issuer page. The REST API gains three new authenticated endpoints that mirror the gRPC surface: GET /v1/ca/{mount}/cert/{serial} (auth required) POST /v1/ca/{mount}/cert/{serial}/revoke (admin only) DELETE /v1/ca/{mount}/cert/{serial} (admin only) The CA engine stores revocation state (revoked, revoked_at, revoked_by) directly in the existing CertRecord barrier entry. The proto CertRecord message is extended with the same three fields (field numbers 10–12). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-03-15 13:37:54 -07:00
Kyle Isom	8215aaccc5	Add grpcserver test coverage - Add comprehensive test file for internal/grpcserver package - Cover interceptors, system, engine, policy, and auth handlers - Cover pbToRule/ruleToPB conversion helpers - 37 tests total; CA/PKI/ACME and Login/Logout skipped (require live deps) Co-authored-by: Junie <junie@jetbrains.com>	2026-03-15 13:07:42 -07:00
Kyle Isom	44e5e6e174	Checkpoint: auth, engine, seal, server, grpc updates Co-authored-by: Junie <junie@jetbrains.com>	2026-03-15 10:15:47 -07:00

Author

SHA1

Message

Date

Kyle Isom

d574685b99

Add certificate revocation, deletion, and retrieval

Admins can now revoke or delete certificate records from the cert detail
page in the web UI. Revoked certificates display a [REVOKED] badge and
show revocation metadata (time and actor). Deletion redirects to the
issuer page.

The REST API gains three new authenticated endpoints that mirror the
gRPC surface:
  GET    /v1/ca/{mount}/cert/{serial}         (auth required)
  POST   /v1/ca/{mount}/cert/{serial}/revoke  (admin only)
  DELETE /v1/ca/{mount}/cert/{serial}         (admin only)

The CA engine stores revocation state (revoked, revoked_at, revoked_by)
directly in the existing CertRecord barrier entry. The proto CertRecord
message is extended with the same three fields (field numbers 10–12).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-03-15 13:37:54 -07:00

Kyle Isom

8215aaccc5

Add grpcserver test coverage

- Add comprehensive test file for internal/grpcserver package
- Cover interceptors, system, engine, policy, and auth handlers
- Cover pbToRule/ruleToPB conversion helpers
- 37 tests total; CA/PKI/ACME and Login/Logout skipped (require live deps)

Co-authored-by: Junie <junie@jetbrains.com>

2026-03-15 13:07:42 -07:00

Kyle Isom

44e5e6e174

Checkpoint: auth, engine, seal, server, grpc updates

Co-authored-by: Junie <junie@jetbrains.com>

2026-03-15 10:15:47 -07:00

3 Commits