fix: Add missing mTLS parameters to FlightSQL connector docs#1720
Merged
Conversation
The FlightSQL connector supports mutual TLS (mTLS) via four parameters that were implemented in spiceai/spiceai#10764 but never documented: flightsql_tls_client_certificate_file, flightsql_tls_client_key_file, flightsql_tls_client_certificate, and flightsql_tls_client_key.
🔍 Pull with Spice FailedPassing checks:
Failed checks:
Please address these issues and update your pull request. |
|
🚀 deployed to https://c0652d86.spiceai-org-website.pages.dev |
lukekim
approved these changes
May 13, 2026
3 tasks
lukekim
added a commit
that referenced
this pull request
May 14, 2026
Documents the four new mTLS client identity parameters (`spiceai_tls_client_certificate_file`, `spiceai_tls_client_key_file`, `spiceai_tls_client_certificate`, `spiceai_tls_client_key`) added in spiceai/spiceai#10764 for spice-to-spice mTLS. Mirrors the FlightSQL connector docs update in #1720. - Adds the parameters to the connector reference table. - Adds the parameters to the deployment guide reference table. - Adds an "Mutual TLS (mTLS)" subsection with file-based and inline configuration examples to both pages.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The FlightSQL connector supports mutual TLS (mTLS) via four parameters that are fully implemented but missing from the documentation:
flightsql_tls_client_certificate_file— path to PEM client cert chainflightsql_tls_client_key_file— path to PEM private keyflightsql_tls_client_certificate— inline PEM client cert (supports secret references)flightsql_tls_client_key— inline PEM private key (supports secret references)File-based and inline variants are mutually exclusive. Each certificate param must be paired with its corresponding key param.
Changes
Added the four mTLS parameters to the FlightSQL connector parameter table in the vNext docs. Not added to versioned docs since the feature was introduced in spiceai/spiceai#10764 which is trunk-only.
Reference
Verified against spiceai/spiceai at
trunk—crates/data-connectors/connector-flightsql/src/lib.rslines 151-165 (PARAMETERS array) and lines 78-129 (mTLS validation logic).