Deal with expired or near-expiration trusted keys
We currently only allow provisioning to production if pushes are signed with "trusted keys". If a trusted key expires, the admin will not be able to push and will need to do manual intervention in the server to recover.
We need to:
-
Provide instructions to update keys directly in the server when one is locked out. -
Try to update keys when near expiration. -
Notify when a key is near expiration.
Edited by drebs