-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rgw: handle insecure flag skip for obc in the tls config #11018
Conversation
OBC provisioner ignores insecure skip flag even if it is declared for TLS auth, hence bucket creation was failing Signed-off-by: Jiffin Tony Thottan <thottanjiffin@gmail.com>
s3svc, err := object.NewS3Agent(objectUser.Keys[0].AccessKey, objectUser.Keys[0].SecretKey, p.getObjectStoreEndpoint(), logger.LevelAt(capnslog.DEBUG), p.tlsCert) | ||
var s3svc *object.S3Agent | ||
if p.insecureTLS { | ||
s3svc, err = object.NewInsecureS3Agent(objectUser.Keys[0].AccessKey, objectUser.Keys[0].SecretKey, p.getObjectStoreEndpoint(), logger.LevelAt(capnslog.DEBUG)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe add a debug mode log for both insecure and secure tls config?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe no need to log this, since it's common behavior to use the different s3 agent.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This change isn't also needed for the bucket notifications, right?
s3svc, err := object.NewS3Agent(objectUser.Keys[0].AccessKey, objectUser.Keys[0].SecretKey, p.getObjectStoreEndpoint(), logger.LevelAt(capnslog.DEBUG), p.tlsCert) | ||
var s3svc *object.S3Agent | ||
if p.insecureTLS { | ||
s3svc, err = object.NewInsecureS3Agent(objectUser.Keys[0].AccessKey, objectUser.Keys[0].SecretKey, p.getObjectStoreEndpoint(), logger.LevelAt(capnslog.DEBUG)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe no need to log this, since it's common behavior to use the different s3 agent.
rgw: handle insecure flag skip for obc in the tls config (backport #11018)
Description of your changes:
OBC provisioner ignores insecure skip flag even if it is declared for TLS auth, hence bucket creation was failing
Signed-off-by: Jiffin Tony Thottan thottanjiffin@gmail.com
Which issue is resolved by this Pull Request:
Resolves #10910
Checklist:
skip-ci
on the PR.