[Merged by Bors] - Consolidate encryption and auth #366
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sbernauer
force-pushed
the
365-consolidate-encryption-and-auth
branch
from
1525ae0
to
d4477a5
Compare
maltesander
requested changes
Jan 9, 2023
maltesander
reviewed
Jan 10, 2023
|
bors r+ |
bors bot
pushed a commit
that referenced
this pull request
Jan 10, 2023
# Description Fixes #365 Changes, heavily inspired by the [consolidation which recently happened for the kafka-operator](stackabletech/kafka-operator#532). Relates to stackabletech/issues#293 The new structure was guided by this snippet: ``` apiVersion: druid.stackable.tech/v1alpha1 kind: DruidCluster metadata: name: derby-druid spec: image: productVersion: 24.0.0 stackableVersion: 0.3.0 clusterConfig: authentication: - authenticationClass: druid-tls-authentication-class (tls) # String - authenticationClass: druid-ldap-authentication-class (ldap) # String authorization: opa: configMapName: test-opa package: druid zookeeperConfigMapName: druid-znode metadataStorageDatabase: dbType: derby connString: jdbc:derby://localhost:1527/var/druid/metadata.db;create=true host: localhost port: 1527 deepStorage: hdfs: configMapName: druid-hdfs directory: /druid tls: serverSecretClass: secret_class # Option<String>. *In general* defaults to "tls" internalSecretClass: secret_class # Option<String>. *In general* defaults to "tls" ``` ## Overview of introduced changes While working on the main issue, adjacent and somewhat-related refactorings/changes were introduced as well: * Prefer not to disable TLS for integration tests, where possible (justification: while the complexity is slightly higher, we are tested the recommended codepath more, as TLS is on by default) * Introduce dedicated authorization and security rust files * Adjustments to test helper scripts (mostly regarding uniformity and ergonomics) ## Highlight Security-validation logic is well tested! Co-authored-by: Vladislav Supalov <[email protected]>
|
Pull request successfully merged into main. Build succeeded: |
bors
bot
changed the title
7 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fixes #365
Changes, heavily inspired by the consolidation which recently happened for the kafka-operator. Relates to stackabletech/issues#293
The new structure was guided by this snippet:
Overview of introduced changes
While working on the main issue, adjacent and somewhat-related refactorings/changes were introduced as well:
Highlight
Security-validation logic is well tested!
Review Checklist
Once the review is done, comment
bors r+(orbors merge) to merge. Further information