New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ceph: add support in RGW to communicate vault with TLS #8579
Conversation
This pull request has merge conflicts that must be resolved before it can be merged. @thotz please rebase it. https://rook.io/docs/rook/master/development-flow.html#updating-your-fork |
55e700c
to
ecdcf7b
Compare
@leseb: anyidea what is failing here, locally when I tried steps in |
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
holding until CI job is fixed
@leseb : from code reading even though |
fd2932d
to
6c8c8a9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No unit tests?
Other addition can done in TestCheckRGWKMS() to validate the tls client certs passed, but similar cases are performed in TestValidateConnectionDetails() and CheckRGWKMS() calls the ValidateConnectionDetails() internally. So do I need to cover these cases? |
6c8c8a9
to
9747266
Compare
Yes. All code that adds or modifies a feature should come with added or modified unit tests. Part of development is writing tests to ensure the feature works as intended and to catch corner case issues during development. We have collectively (including myself) slacked off on doing this for Rook in the past, but with as much complexity as Rook has and the importance that it works well for our downstream customers and upstream users, we can't continue to ignore that responsibility. When I write a new feature, the unit tests I write for it always catch bugs that I make in the code. Every single time. I usually find that I spend more time working on tests than the feature itself and that writing good tests that cover all corner cases is much more difficult than implementing the feature. When I estimate the time it will take to implement a feature, I often estimate the time I think it will take to implement the feature itself, then multiply by three to estimate the time it will take me to implement the feature plus the tests (I assume tests take twice as long). Questions that every unit test should answer and test (not all are always applicable):
I'm sure there are some questions I missed. |
9747266
to
1b0ee35
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's great to see all the unit and integration tests, thanks
1b0ee35
to
7df1bce
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should also run a version of TestPodSpecs
for the RGW spec where KMS is enabled.
This pull request has merge conflicts that must be resolved before it can be merged. @thotz please rebase it. https://rook.io/docs/rook/latest/development-flow.html#updating-your-fork |
7df1bce
to
b7ad255
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I flagged a few nit typos, given Seb already requested changes. I think this looks pretty good overall now, with some good questions from Seb.
b7ad255
to
f937506
Compare
f937506
to
eba4d1f
Compare
From ceph v16.2.6 onwards the vault TLS suppport in RGW was added, include similar changes for RGW. Signed-off-by: Jiffin Tony Thottan <thottanjiffin@gmail.com>
eba4d1f
to
aba50d3
Compare
Description of your changes:
From ceph v16.2.6 onwards the vault TLS suppport in RGW was added,
include similar changes for RGW.
Signed-off-by: Jiffin Tony Thottan thottanjiffin@gmail.com
Which issue is resolved by this Pull Request:
Resolves #
Checklist:
make codegen
) has been run to update object specifications, if necessary.