Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: make tls certificates/keys reloadable (part 1) #3335

Merged
merged 5 commits into from
Feb 26, 2024
Merged

feat: make tls certificates/keys reloadable (part 1) #3335

merged 5 commits into from
Feb 26, 2024

Conversation

sunng87
Copy link
Member

@sunng87 sunng87 commented Feb 20, 2024
edited
Loading

I hereby agree to the terms of the GreptimeDB CLA

What's changed and what's your intention?

Part 1 of implementation for #3255

This patch caches TLS ServerConfig in a mutable container to make it possible to update by other threads. TlsAcceptor is a lightweight container of ServerConfig so it's OK to create for each connnection.

This patch also includes a file system watcher to detect file change of certificates/keys and reload them as needed.

Checklist

  • I have written the necessary rustdoc comments.
  • I have added the necessary unit tests and integration tests.
  • This PR does not require documentation updates.

Refer to a related PR or issue link (optional)

@github-actions github-actions bot added the docs-not-required This change does not impact docs. label Feb 20, 2024
@sunng87 sunng87 marked this pull request as ready for review February 22, 2024 14:19
@sunng87
Copy link
Member Author

sunng87 commented Feb 22, 2024

I will add configuration or feature flags in part 2.

zyy17
zyy17 approved these changes Feb 23, 2024
View reviewed changes
src/servers/src/tls.rs Show resolved Hide resolved
@codecov Codecov
Copy link

codecov bot commented Feb 23, 2024

Codecov Report

Attention: Patch coverage is 92.76316% with 11 lines in your changes are missing coverage. Please review.

Project coverage is 84.98%. Comparing base (2035e7b) to head (12127a6).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3335      +/-   ##
==========================================
- Coverage   85.38%   84.98%   -0.41%     
==========================================
  Files         891      891              
  Lines      145544   145665     +121     
==========================================
- Hits       124276   123793     -483     
- Misses      21268    21872     +604

@shuiyisong shuiyisong added this pull request to the merge queue Feb 26, 2024
Merged via the queue into GreptimeTeam:main with commit 3887d20 Feb 26, 2024
16 checks passed
@shuiyisong shuiyisong deleted the feat/reloadable-tls-config branch February 26, 2024 09:51
@sunng87 sunng87 mentioned this pull request Feb 27, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shuiyisong shuiyisong shuiyisong approved these changes

@zyy17 zyy17 zyy17 approved these changes

@waynexia waynexia Awaiting requested review from waynexia

Assignees
No one assigned
Labels
docs-not-required This change does not impact docs.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sunng87 @zyy17 @shuiyisong