*: support TLS #40

kennytm · 2020-02-10T19:53:39Z

What have you changed? (mandatory)

Fix #39. Recognize the security config and pass the security manager around when gRPC connections are needed.

What are the type of the changes? (mandatory)

New feature (change which adds functionality)

How has this PR been tested? (mandatory)

Manually checked in the TiDB Lightning Integrated Test Cluster.

Does this PR affect TiDB Lightning? (mandatory)

Yes

Refer to a related PR or issue link (optional)

pingcap/tidb-lightning#262

Benchmark result if necessary (optional)

Add a few positive/negative examples (optional)

Signed-off-by: kennytm <[email protected]>

kennytm · 2020-02-12T06:38:25Z

PTAL @overvenus @3pointer cc @DanielZhangQD

overvenus

LGTM, could you add a test?

also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]>

* *: support TLS Signed-off-by: kennytm <[email protected]> * tests/integrations: make the entire test run on TLS connection also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]>

* *: support TLS (#40) * *: support TLS Signed-off-by: kennytm <[email protected]> * tests/integrations: make the entire test run on TLS connection also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]> * Cargo.toml: set version to 3.0.11 Signed-off-by: kennytm <[email protected]>

* *: support TLS Signed-off-by: kennytm <[email protected]> * tests/integrations: make the entire test run on TLS connection also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]>

* *: support TLS (tikv#40) * *: support TLS Signed-off-by: kennytm <[email protected]> * tests/integrations: make the entire test run on TLS connection also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]>

* Cherry-pick TLS support to release-3.1 (#44) * *: support TLS (#40) * *: support TLS Signed-off-by: kennytm <[email protected]> * tests/integrations: make the entire test run on TLS connection also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]> * tests: fix build failure Signed-off-by: kennytm <[email protected]> Co-authored-by: kennytm <[email protected]>

*: support TLS

3256fa0

Signed-off-by: kennytm <[email protected]>

kennytm added Should Update Ansible The config in TiDB-Ansible should be updated Should Update Docs Should update docs after this PR is merged. Remove this label once the docs are updated status/PTAL This PR is ready for review. Add this label back after committing new changes labels Feb 10, 2020

overvenus reviewed Feb 12, 2020

View reviewed changes

tests/integrations: make the entire test run on TLS connection

3868975

also added a test to ensure non-TLS-client <-> TLS-server fails. Signed-off-by: kennytm <[email protected]>

kennytm added status/LGT1 One reviewer already commented LGTM (LGTM1) and removed status/PTAL This PR is ready for review. Add this label back after committing new changes labels Feb 12, 2020

overvenus approved these changes Feb 13, 2020

View reviewed changes

kennytm mentioned this pull request Feb 16, 2020

Support TLS; Reduce the need of config.toml in integration tests pingcap/tidb-lightning#270

Merged

3pointer approved these changes Feb 19, 2020

View reviewed changes

kennytm added status/LGT2 Two reviewers already commented LGTM, ready for merge (LGTM2) and removed status/LGT1 One reviewer already commented LGTM (LGTM1) labels Feb 19, 2020

kennytm merged commit b9e347f into master Feb 19, 2020

kennytm deleted the kennytm/tls branch February 19, 2020 06:59

kennytm mentioned this pull request Feb 28, 2020

Cherry-pick TLS support to release-3.0, and set version to v3.0.11 #44

Merged

weekface mentioned this pull request Mar 18, 2020

TiDB Cluster/Client TLS support implementation in TiDB Operator pingcap/tidb-operator#1855

Closed

52 tasks

3pointer mentioned this pull request Apr 2, 2020

cherry-pick to release-3.1 #53

Merged

kennytm removed the Should Update Docs Should update docs after this PR is merged. Remove this label once the docs are updated label Jun 17, 2020

kennytm mentioned this pull request Jun 17, 2020

tidb-lightning: update docs pingcap/docs#2946

Merged

5 tasks

ti-srebot mentioned this pull request Jun 23, 2020

tidb-lightning: update docs (#2946) pingcap/docs#2994

Merged

5 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

*: support TLS #40

*: support TLS #40

kennytm commented Feb 10, 2020

kennytm commented Feb 12, 2020

overvenus left a comment

*: support TLS #40

*: support TLS #40

Conversation

kennytm commented Feb 10, 2020

What have you changed? (mandatory)

What are the type of the changes? (mandatory)

How has this PR been tested? (mandatory)

Does this PR affect TiDB Lightning? (mandatory)

Refer to a related PR or issue link (optional)

Benchmark result if necessary (optional)

Add a few positive/negative examples (optional)

kennytm commented Feb 12, 2020

overvenus left a comment

Choose a reason for hiding this comment