Re: [Pki-devel] [PATCH] 0017 Enable Authority Key Identifier CRL extension

On 12/18/2014 7:59 AM, Fraser Tweedale wrote: I have some comments: 1. The upgrade script will run automatically when you install the RPM. There's no opt-out mechanism with automatic upgrade, so the behavior of existing instances will change. If this is not what we want, we should not add an upgrade script. 2. The path to CS.cfg can be constructed like this: cfg_path = os.path.join(subsystem.conf_dir, 'CS.cfg') 3. The existing CS.cfg should be backed up before doing anything with it using this command: self.backup(cfg_path) 4. Ideally the CS.cfg should be read with a proper CS.cfg parser (e.g. in case it has multi-line properties). But since the parser only exists in Java and we're only modifying a simple property this is fine. 5. If this is going to be added into 10.2.2 you should create an empty common/upgrade/10.2.2 folder with a .gitignore file (just copy from another folder). If this is going to be added into 10.2.1 the script should be moved into server/upgrade/10.2.1 and be renamed to 02-EnableCRLAKIExtension. This patch is conditionally ACKed pending changes to address item #2, #3, and #5. -- Endi S. Dewata