Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secure connection support for FlagD provider #5

Closed
josecolella opened this issue Jan 4, 2023 · 5 comments · Fixed by #8
Closed

Add secure connection support for FlagD provider #5

josecolella opened this issue Jan 4, 2023 · 5 comments · Fixed by #8
Assignees
@josecolella

Comments

@josecolella
Copy link
Collaborator

josecolella commented Jan 4, 2023
edited
Loading

What?

This issue is to track what it would take to add secure connection to the flagd provider

Reference 📜

https://github.com/open-feature/ruby-sdk-contrib/pull/2/files#r1061691267
@josecolella josecolella mentioned this issue Jan 4, 2023
Merged
1 task
@josecolella
Copy link
Collaborator Author

https://github.com/tnir/gitlabhq/blob/f825fd1d881ce077ad868a70fd8d7db6a49e4700/lib/gitlab/gitaly_client.rb#L66

@josecolella josecolella self-assigned this Jan 5, 2023
@josecolella
Copy link
Collaborator Author

@toddbaert I was looking at the grpc code and there seems to be several options for secure connection:

See the following:
https://github.com/grpc/grpc/blob/06a9fbd3822e33e30fb62c5fc201f13886ede3f4/src/ruby/end2end/grpc_class_init_client.rb#L82

I noticed in the js implementation there is a helper for creating a secure connection: https://github.com/open-feature/js-sdk-contrib/blob/main/libs/providers/flagd/src/lib/service/grpc/service.ts#L37

I'm confused which we would opt for in the ruby version

josecolella added a commit that referenced this issue Jan 6, 2023
@josecolella
feat: Add unix_socket_path and root_cert_path
d5189d5 
references #5
references #4

Signed-off-by: Jose Colella <jose.colella@gusto.com>
@josecolella josecolella mentioned this issue Jan 6, 2023
Merged
@toddbaert
Copy link
Member

I'm confused which we would opt for in the ruby version

I'll try to wrap my head around this and consider it when I review your PR.

@josecolella
Copy link
Collaborator Author

@toddbaert I think I figured it out, one of the things that's interesting is that the js implementation doesn't seem to reference any root cert but you are just calling the createSsl method.

@josecolella
Copy link
Collaborator Author

@toddbaert is you see the ruby implementation, I create a ChannelCredentials that takes in three arguments; the root cert, the client pem and client .key. Looking at the tests for the secure credentials, it seems we only really need the root cert. https://github.com/open-feature/ruby-sdk-contrib/pull/8/files#diff-107800d1f2e81e1a1cee625510ebc053f2d8e366b44610db6a7b8078807fcd0cR83-R85

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@josecolella josecolella

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Add support for unix socket path and secure connection open-feature/ruby-sdk-contrib
2 participants
@josecolella @toddbaert