[full-ci] Add TLS options for all reva grpc services #4798
Conversation
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
|
💥 Acceptance test Core-API-Tests-ocis-storage-9 failed. Further test are cancelled... |
rhafer
force-pushed
the
grpc-tls
branch
2 times, most recently
from
99f2dca
to
3189895
Compare
rhafer
force-pushed
the
grpc-tls
branch
5 times, most recently
from
a54da3f
to
a0ce343
Compare
|
Hm, from time to time ocis is faliing to start. Like here: https://drone.owncloud.com/owncloud/ocis/16249/53/4 |
rhafer
force-pushed
the
grpc-tls
branch
2 times, most recently
from
0794195
to
f94d03c
Compare
I hope cs3org/reva#3377 helps with this. |
rhafer
changed the title
rhafer
force-pushed
the
grpc-tls
branch
4 times, most recently
from
2c5cdb3
to
e8bbfe6
Compare
|
Just recognizing this for all items: |
I cant find any change in the descriptions...? did I miss something? |
Consolidate all services to use the Reva config struct for the shared package. This works because all services (except 'notifications', 'thumbnails' and 'webdav') where using the same config keys and environment variables for setting the reva gateway.
This is needed as the permission server (provided by the settings service) is not TLS enabled yet.
The commit of unifying the Reva Client config introduced some backwards incompatible changes to the config structures and yaml config tags. For the "thumbnails", "webdav" and "notifications" service. This reverts the changes on the service and introduces TLS options in a backwards compatible manner.
@mmattel This is the same docstring that we use for many other ENV var where certificates can be configured. If you think this needs to be addressed I'd rather see that happening in a separate PR (this one is already big enough). Would you mind opening a separate issue? |
all good, I just expressed my frustration as there are so many OCIS_ envs which slip thru automatic documantation. The issue is already addressed. |
Probably not. I interpreted your comment as if if was for the TLS related settings. Sorry for being a bit picky here. But I'd really like this PR to be focussed on the TLS related change (to keep it reviewable). The Transport Protocol settings (which I currently even don't exactly know about what is does) is not part of that. I agree it needs to be documented (or maybe even removed if we don't need it?). It should happen in a separate PR however. |
|
SonarCloud Quality Gate failed. |
Description
This adds options for enabling TLS for reva grpc services. By default TLS is still disabled.