-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature][Registry][WIP] Connecting to the ZooKeeper with SSL&ACL #16271
base: dev
Are you sure you want to change the base?
Conversation
Quality Gate failedFailed conditions |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please follow the pull-request notice. And add some docs and UT to it.
|
||
final String x509SubjectPrincipal = properties.getX509SubjectPrincipal(); | ||
if (!Strings.isNullOrEmpty(x509SubjectPrincipal)) { | ||
builder.authorization("x509", digest.getBytes(StandardCharsets.UTF_8)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should extract x509
to Constans
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
how about change both digest/x509 into AuthSchema? see https://github.com/apache/zookeeper/blob/39973dc5fddf778733e4f0370980629c07a16d67/zookeeper-server/src/test/java/org/apache/zookeeper/server/admin/CommandAuthTest.java#L79
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
how about change both digest/x509 into AuthSchema? see https://github.com/apache/zookeeper/blob/39973dc5fddf778733e4f0370980629c07a16d67/zookeeper-server/src/test/java/org/apache/zookeeper/server/admin/CommandAuthTest.java#L79
I'm ok with it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's better to add an authorization property and use the key/value provided by users
authorization:
key: value
Purpose of the pull request
fix: Feature
Brief change log
add x509 authinfo for zk registry
Verify this pull request
This pull request is code cleanup without any test coverage.
(or)
This pull request is already covered by existing tests, such as (please describe tests).
(or)
This change added tests and can be verified as follows:
(or)
Pull Request Notice
Pull Request Notice
If your pull request contain incompatible change, you should also add it to
docs/docs/en/guide/upgrede/incompatible.md