Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

certprovider-api: api tweaks to read config from bootstrap #3987

Merged
merged 4 commits into from
Nov 6, 2020
Merged

certprovider-api: api tweaks to read config from bootstrap #3987

merged 4 commits into from
Nov 6, 2020

Conversation

easwars
Copy link
Contributor

@easwars easwars commented Oct 26, 2020

We recently decided to move the plugin configuration to be read and parsed from the bootstrap file instead of receiving it from the control plane. This has necessitated a few changes to the API:

  • ParseConfig() method will return a concrete type, BuildableConfig.
  • BuildableConfig has a Build() method which returns instances of Provider.
  • certprovider.GetProvider which contained the store functionality has been removed, and is folded inside the concrete type, BuildableConfig.

As part of this PR, the existing MeshCA plugin implementation is also updated to comply with the new API.

@easwars easwars requested a review from dfawley October 26, 2020 16:41
@easwars
Copy link
Contributor Author

easwars commented Oct 26, 2020

The names are still up for debate and finalizing. The functionality matches what we discussed on the other PR.

@easwars easwars added the Type: API Change Breaking API changes (experimental APIs only!) label Oct 26, 2020
@easwars easwars added this to the 1.34 Release milestone Oct 26, 2020
@easwars
Copy link
Contributor Author

easwars commented Nov 2, 2020

This should be ready for another look. I have updated the CDS balancer and bootstrap code to work with the proposed API. PTAL. Thanks.

@easwars
Copy link
Contributor Author

easwars commented Nov 3, 2020

Ping ...

dfawley
dfawley reviewed Nov 4, 2020
View reviewed changes
Copy link
Member

@dfawley dfawley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall. Regarding names, I think we can continue to iterate here as needed. It's really unfortunate that this now seems very xds-specific due to splitting the initialization into two arbitrary steps. Ideally this would be a generic TLS addon capability.

credentials/tls/certprovider/meshca/builder.go
logger.Errorf("sts.NewCredentials() failed: %v", err)
return nil
}
return certprovider.NewBuildableConfig(pluginName, cfg.canonical(), func(opts certprovider.BuildOptions) certprovider.Provider {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this is too much code for a closure.

Can this be made a function instead, with parameters for whatever needs to be captured by the closure?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ohh, I like how this makes the diffs much nicer as well. 😄

credentials/tls/certprovider/store.go Outdated

// NewBuildableConfig creates a new BuildableConfig with the given arguments.
// Provider implementations are expected to invoke this function after parsing
// the given JSON configuration as part of their ParseConfig() method.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/JSON//

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@dfawley dfawley assigned easwars and unassigned dfawley Nov 4, 2020
@easwars easwars assigned dfawley and unassigned easwars Nov 5, 2020
dfawley
dfawley approved these changes Nov 6, 2020
View reviewed changes
credentials/tls/certprovider/meshca/builder.go
logger.Errorf("sts.NewCredentials() failed: %v", err)
return nil
}
return certprovider.NewBuildableConfig(pluginName, cfg.canonical(), func(opts certprovider.BuildOptions) certprovider.Provider {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ohh, I like how this makes the diffs much nicer as well. 😄

@dfawley dfawley assigned easwars and unassigned dfawley Nov 6, 2020
@easwars easwars merged commit bc01f3f into grpc:master Nov 6, 2020
@easwars easwars deleted the provider_api_redesign branch November 6, 2020 19:25
davidkhala pushed a commit to Hyperledger-TWGC/grpc that referenced this pull request Dec 7, 2020
@easwars @davidkhala
certprovider: API tweaks. (grpc#3987)
4ce126b
@easwars easwars changed the title certprovider: API tweaks. certprovider-api: api tweaks Mar 4, 2021
@easwars easwars changed the title certprovider-api: api tweaks certprovider-api: api tweaks to read config from bootstrap Mar 4, 2021
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 1, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@dfawley dfawley dfawley approved these changes

Assignees

@easwars easwars

Labels
Type: API Change Breaking API changes (experimental APIs only!)
Projects
None yet
Milestone
1.34 Release
Development

Successfully merging this pull request may close these issues.
2 participants
@easwars @dfawley