Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add s3 config option insecure_skip_verify #1470

Merged
merged 4 commits into from
Jun 10, 2022
Merged

Add s3 config option insecure_skip_verify #1470

merged 4 commits into from
Jun 10, 2022

Conversation

zalegrala
Copy link
Contributor

@zalegrala zalegrala commented Jun 2, 2022
edited
Loading

What this PR does:

Here we include an S3 config option to disable TLS verification on HTTPs endpoints.

Which issue(s) this PR fixes:
Fixes #1466

Checklist

  • Tests updated
  • Documentation added
  • CHANGELOG.md updated - the order of entries should be [CHANGE], [FEATURE], [ENHANCEMENT], [BUGFIX]

@zalegrala zalegrala force-pushed the s3TLSSkipVerify branch 3 times, most recently from 1c9ef03 to 22db690 Compare June 2, 2022 19:53
@zalegrala zalegrala marked this pull request as ready for review June 2, 2022 20:45
joe-elliott
joe-elliott approved these changes Jun 3, 2022
View reviewed changes
tempodb/backend/s3/s3.go Show resolved Hide resolved
KMiller-Grafana
KMiller-Grafana reviewed Jun 7, 2022
View reviewed changes
docs/tempo/website/configuration/_index.md Outdated
Comment on lines 537 to 539
# optional.
# enable to skip verification of an HTTPs endpoint
[insecure_skip_verify: <bool>]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know that this definition looks similar to those near it within the file. It could be improved by stating that a value of true causes the verification to be skipped, and that the default is false. (Did I get the implications right?)

When I read this, I have to make a mental jump to associating "enable" with the boolean value "true." Easy for me, but perhaps more difficult for others.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Learned something by reading your comment. :) I would not have caught the same thing.

knylander-grafana
knylander-grafana reviewed Jun 10, 2022
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
knylander-grafana
knylander-grafana reviewed Jun 10, 2022
View reviewed changes
Copy link
Contributor

@knylander-grafana knylander-grafana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have one minor suggestion on the changelog file.

@zalegrala zalegrala merged commit 6c35e24 into grafana:main Jun 10, 2022
@zalegrala zalegrala deleted the s3TLSSkipVerify branch June 10, 2022 19:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KMiller-Grafana KMiller-Grafana KMiller-Grafana left review comments

@knylander-grafana knylander-grafana knylander-grafana left review comments

@joe-elliott joe-elliott joe-elliott approved these changes

@annanay25 annanay25 Awaiting requested review from annanay25

@mdisibio mdisibio Awaiting requested review from mdisibio mdisibio is a code owner

@dgzlopes dgzlopes Awaiting requested review from dgzlopes

@mapno mapno Awaiting requested review from mapno mapno is a code owner

@kvrhdn kvrhdn Awaiting requested review from kvrhdn kvrhdn is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

s3: add insecure_skip_verify to enable TLS without verifying the certificate
4 participants
@zalegrala @joe-elliott @KMiller-Grafana @knylander-grafana