Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Support TLS for elasticsearch #5134

Merged
merged 18 commits into from
Dec 6, 2023
Merged

Support TLS for elasticsearch #5134

merged 18 commits into from
Dec 6, 2023

Conversation

tuyenpthust
Copy link
Contributor

@tuyenpthust tuyenpthust commented Nov 18, 2023
edited by rodrigozhou
Loading

What changed?
Add config TLS for elasticsearch

Why?
Currently client connection to elasticsearch not support self-certificate TLS configuration
#3292
#3939

How did you test it?
Unit-test, local test

Potential risks

Is hotfix candidate?

@tuyenpthust tuyenpthust requested a review from a team as a code owner November 18, 2023 13:17
@CLAassistant
Copy link

CLAassistant commented Nov 18, 2023
edited
Loading

CLA assistant check
All committers have signed the CLA.

@tuyenpthust tuyenpthust force-pushed the tuyenpthust/elasticsearch-tls-support branch from 5d2a817 to 93d040a Compare November 18, 2023 13:32
@yiminc yiminc requested a review from rodrigozhou November 21, 2023 19:29
tdeebswihart
tdeebswihart reviewed Nov 27, 2023
View reviewed changes
Copy link
Contributor

@tdeebswihart tdeebswihart left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should be consistent in how we report errors; I've added some suggestions that'll fix that for you. I'd also appreciate it if our tests ensured that the TLS config works, not just whether we return an error

common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/persistence/visibility/store/elasticsearch/client/client_v7.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper_test.go Outdated Show resolved Hide resolved
rodrigozhou
rodrigozhou reviewed Dec 1, 2023
View reviewed changes
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper.go Show resolved Hide resolved
rodrigozhou
rodrigozhou reviewed Dec 5, 2023
View reviewed changes
common/auth/tls_config_helper.go Outdated Show resolved Hide resolved
common/auth/tls_config_helper_test.go Outdated Show resolved Hide resolved
rodrigozhou
rodrigozhou requested changes Dec 6, 2023
View reviewed changes
common/auth/tls_config_helper_test.go Outdated Show resolved Hide resolved
@rodrigozhou rodrigozhou merged commit 1a37cd4 into temporalio:main Dec 6, 2023
10 checks passed
@alexshtin
Copy link
Member

@tuyenpthust what did you use to generate those test certificates? They just got expired and we need to generate new ones.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@rodrigozhou rodrigozhou rodrigozhou approved these changes

@tdeebswihart tdeebswihart Awaiting requested review from tdeebswihart

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tuyenpthust @CLAassistant @alexshtin @tdeebswihart @rodrigozhou