Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add tls support to frontend connection #6

Merged
merged 3 commits into from
Oct 2, 2024
Merged

Add tls support to frontend connection #6

merged 3 commits into from
Oct 2, 2024

Conversation

mihaelabalas84
Copy link
Contributor

@mihaelabalas84 mihaelabalas84 commented Sep 17, 2024
edited
Loading

This PR adds TLS connection support (optional) to Temporal frontend that has TLS enabled.

closes #7

@mihaelabalas84
Copy link
Contributor Author

@denniskniep hello, have you had the chance to look on this PR? This feature is much needed for our hosted temporal deployment.

@denniskniep
Copy link
Owner

denniskniep commented Sep 19, 2024
edited
Loading

Thanks for contributing this. I will look in detail at it soon.

Can you add in the meantime related tests?

  • Add another temporal instance secured by mtls to the tests/docker-compose.yaml
  • Run a basic test via the mtls connection internal/clients/*_test.go

@mihaelabalas84
Copy link
Contributor Author

Thanks for contributing this. I will look in detail at it soon.

Can you add in the meantime related tests?

  • Add another temporal instance secured by mtls to the tests/docker-compose.yaml
  • Run a basic test via the mtls connection internal/clients/*_test.go

hi @denniskniep Added TLS tests and docker compose setup, test certificates, updated Readme

denniskniep
denniskniep requested changes Sep 29, 2024
View reviewed changes
internal/clients/service.go Outdated Show resolved Hide resolved
internal/clients/service.go Outdated
logger.Debug("Loading client certificate from strings")
cert, err := tls.X509KeyPair([]byte(conf.CertFile), []byte(conf.KeyFile))
if err != nil {
return nil, fmt.Errorf("failed to load client certificate: %w", err)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you plz use errors.Wrap(err, "some detail err msg") (also in the other occurences)
Because it's the default for crossplane providers (see here )

We could think about changing this, because this lib's repo is archived. But then we should change also all other occurrences so that we use the same approach in the entire project.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mihaelabalas84 can you also address this comment ?

Else it looks good to me

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done @denniskniep

internal/clients/service.go Outdated Show resolved Hide resolved
@denniskniep
Copy link
Owner

BTW: Unit Tests are failing, I think we must use docker compose instead of docker-compose. If you like you can fix it, otherwise I can do it mid of the week.

@mihaelabalas84
Copy link
Contributor Author

@denniskniep I addressed all your comments and pushed new commit with them.

@denniskniep denniskniep merged commit 8388147 into denniskniep:main Oct 2, 2024
5 checks passed
@denniskniep
Copy link
Owner

@mihaelabalas84 thanks for this contribution 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@denniskniep denniskniep Awaiting requested review from denniskniep

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Provider not working when temporal frontend has TLS enabled
2 participants
@mihaelabalas84 @denniskniep