Update readme

Signed-off-by: Marcos Yacob <marcosyacob@gmail.com>
spiffe · Sep 28, 2024 · abfc165 · abfc165
1 parent ea91938
commit abfc165
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/test/integration/suites/force-rotation-self-signed/README.md b/test/integration/suites/force-rotation-self-signed/README.md
@@ -18,7 +18,7 @@ The integration test is structured with three layers of server/agents pairs:
                 |                       |
            leafA-agent             leafA-agent
 
-Test steps:
+## Test steps
 
 1. **Prepare a new X.509 authority**: Validate that the new X.509 authority is propagated to all nested servers.
 2. **Activate the new X.509 authority**: Ensure the new X.509 authority becomes active.

diff --git a/test/integration/suites/force-rotation-upstream-authority/README.md b/test/integration/suites/force-rotation-upstream-authority/README.md
@@ -1,6 +1,12 @@
-# Force rotation using upstream authority Suite
+# Force rotation with Upstream Authority Test Suite
 
 ## Description
 
-This suite sets a very low TTLs and ensures that workload SVIDs are valid
-across many SVID and SPIRE server CA rotation periods.
+This test suite configures a disk-based Upstream Authority to validate the forced rotation and revocation of X.509 authorities.
+
+## Test steps
+
+1. **Prepare a new X.509 authority**: Verify that a new X.509 authority is successfully created.
+2. **Activate the new X.509 authority**: Ensure the new X.509 authority becomes the active authority.
+3. **Taint the old X.509 authority**: Confirm that the old X.509 authority is marked as tainted, and verify that the taint is propagated to the agent, triggering rotation of all X.509 SVIDs.
+4. **Revoke the tainted X.509 authority**: Validate that the revocation is propagated to the agent and that all SVIDs remove the revoked authority.