)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"c34d4136630daa33545143025c8a64f8d3b6e890","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"3a6ed54f_284efafc","updated":"2021-12-06 17:27:19.000000000","message":"recheck","commit_id":"ae12b72b5e17ad19be142ef32431b33f734c94df"},{"author":{"_account_id":28619,"name":"Dmitriy Rabotyagov","email":"noonedeadpunk@gmail.com","username":"noonedeadpunk"},"change_message_id":"3f0a76478f2153896521b51e4ab9a5286f79694e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":1,"id":"4eef9e73_c5ad7c9f","updated":"2021-12-06 17:31:36.000000000","message":"would be also great to have a release note for this feature","commit_id":"ae12b72b5e17ad19be142ef32431b33f734c94df"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"66eacb3ed13e726bfff375b2e6144646587ca46c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":2,"id":"80ac6b9f_65777dd4","updated":"2021-12-08 08:30:26.000000000","message":"Added a release note","commit_id":"7ee0673eaf7516b43899e03ce67242bfdadfe9f2"}],"releasenotes/notes/add-tls-413a54ac7e363b52.yaml":[{"author":{"_account_id":25023,"name":"Jonathan Rosser","email":"jonathan.rosser@rd.bbc.co.uk","username":"jrosser"},"change_message_id":"013ab123a32a6dfb05b9414774c2e536097e3910","unresolved":true,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"features:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Added variable `uwsgi_tls` which when added to a `uwsgi_services` item"}],"source_content_type":"text/x-yaml","patch_set":2,"id":"7c541775_191a04cf","line":1,"updated":"2021-12-08 08:32:58.000000000","message":"the release notes from all of the ansible roles get collected together into the openstack-ansible repo to be published, kind of silly nit to pick but it may be better to name the release note add-uwsgi-tls-\u003chash\u003e so that\u0027s it has a reasonable name when copied to the main repo.","commit_id":"7ee0673eaf7516b43899e03ce67242bfdadfe9f2"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"05956ee0f05fe0496fab0dbc7dddf632c3e59496","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"features:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Added variable `uwsgi_tls` which when added to a `uwsgi_services` item"}],"source_content_type":"text/x-yaml","patch_set":2,"id":"0681018d_b5b75745","line":1,"in_reply_to":"7c541775_191a04cf","updated":"2021-12-09 08:02:43.000000000","message":"Done","commit_id":"7ee0673eaf7516b43899e03ce67242bfdadfe9f2"}],"templates/uwsgi.ini.j2":[{"author":{"_account_id":28619,"name":"Dmitriy Rabotyagov","email":"noonedeadpunk@gmail.com","username":"noonedeadpunk"},"change_message_id":"86b9379f843f400f912691065ebedfccbb38f70d","unresolved":true,"context_lines":[{"line_number":14,"context_line":"wsgi \u003d {{ item.value.wsgi }}"},{"line_number":15,"context_line":"{% endif %}"},{"line_number":16,"context_line":"{% if item.value.uwsgi_tls | default({}) | length %}"},{"line_number":17,"context_line":"https-socket \u003d {{ item.value.uwsgi_bind_address | default(\u00270.0.0.0\u0027) }}:{{ item.value.uwsgi_port | default(8080) }},{{ item.value.uwsgi_tls.crt }},{{ item.value.uwsgi_tls.key }},HIGH"},{"line_number":18,"context_line":"{% else %}"},{"line_number":19,"context_line":"http-socket \u003d {{ item.value.uwsgi_bind_address | default(\u00270.0.0.0\u0027) }}:{{ item.value.uwsgi_port | default(8080) }}"},{"line_number":20,"context_line":"{% endif %}"}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"a46171e7_1ddf47a7","line":17,"updated":"2021-12-06 17:28:52.000000000","message":"should we allow to conditionally provide ca-cert as well?","commit_id":"ae12b72b5e17ad19be142ef32431b33f734c94df"},{"author":{"_account_id":31749,"name":"James Gibson","email":"james.gibson@bbc.co.uk","username":"jamesgibo"},"change_message_id":"66eacb3ed13e726bfff375b2e6144646587ca46c","unresolved":true,"context_lines":[{"line_number":14,"context_line":"wsgi \u003d {{ item.value.wsgi }}"},{"line_number":15,"context_line":"{% endif %}"},{"line_number":16,"context_line":"{% if item.value.uwsgi_tls | default({}) | length %}"},{"line_number":17,"context_line":"https-socket \u003d {{ item.value.uwsgi_bind_address | default(\u00270.0.0.0\u0027) }}:{{ item.value.uwsgi_port | default(8080) }},{{ item.value.uwsgi_tls.crt }},{{ item.value.uwsgi_tls.key }},HIGH"},{"line_number":18,"context_line":"{% else %}"},{"line_number":19,"context_line":"http-socket \u003d {{ item.value.uwsgi_bind_address | default(\u00270.0.0.0\u0027) }}:{{ item.value.uwsgi_port | default(8080) }}"},{"line_number":20,"context_line":"{% endif %}"}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"581d9b98_0d9df2fc","line":17,"in_reply_to":"a46171e7_1ddf47a7","updated":"2021-12-08 08:30:26.000000000","message":"No I do not believe we should, as this is a server when a client connects it will send its tls certificate along with any intermediate certificates required for the client to verify trust (this may include the ca, but doesn\u0027t need to), so the CA is not required in a server. \nA CA cert would only be required in a server if we implemented client auth, which is currently not setup.","commit_id":"ae12b72b5e17ad19be142ef32431b33f734c94df"}]}
