add transport package with server implementation #4
Conversation
Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
2 times, most recently
from
556708b to
372ec51
Compare
Signed-off-by: Alay Patel <[email protected]>
Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
372ec51 to
a1e99e1
Compare
alaypatel07
changed the title
alaypatel07
force-pushed
the
transport
branch
from
6bce99f to
6d741f8
Compare
alaypatel07
force-pushed
the
transport
branch
from
6d741f8 to
65e9900
Compare
Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
65e9900 to
8505c12
Compare
transport/stunnel/server.go
Outdated
| socket = l:TCP_NODELAY=1 | ||
| socket = r:TCP_NODELAY=1 | ||
| debug = 7 | ||
| sslVersion = TLSv1.2 |
There was a problem hiding this comment.
Why are we specifying 1.2 instead of 1.3?
transport/stunnel/server.go
Outdated
| socket = r:TCP_NODELAY=1 | ||
| debug = 7 | ||
| sslVersion = TLSv1.2 | ||
| [rsync] |
There was a problem hiding this comment.
We should probably use a generic name here. The tunnel itself doesn't really have anything to do w/ rsync (even that's going to be its primary use).
transport/transport.go
Outdated
|
|
||
| type Type string | ||
|
|
||
| func GenerateSSLCert() (*bytes.Buffer, *bytes.Buffer, *bytes.Buffer, error) { |
There was a problem hiding this comment.
This function could use some docs or perhaps named return values. 3 different *bytes.Buffer is a bit unwieldy.
transport/transport.go
Outdated
| } | ||
|
|
||
| subj := pkix.Name{ | ||
| CommonName: "backube.dev", |
There was a problem hiding this comment.
Does this require a domain name or can we just leave it at "backube"?
|
|
||
| type Options struct { | ||
| Labels map[string]string | ||
| Owners []metav1.OwnerReference |
There was a problem hiding this comment.
I notice when this gets used, it is directly assigned to the object's field instead of going through something like https://github.com/kubernetes-sigs/controller-runtime/blob/5f8befe79888a4a8529cda7a82797bd57e188158/pkg/controller/controllerutil/controllerutil.go#L96 that validates the reference (i.e., owner scoping, same namespace, etc). Does this get validated elsewhere?
| MarkForCleanup(ctx context.Context, c client.Client, key, value string) error | ||
| } | ||
|
|
||
| type Options struct { |
There was a problem hiding this comment.
If consumers are going to use this directly, the fields need docs
| key = /etc/stunnel/certs/tls.key | ||
| cert = /etc/stunnel/certs/tls.crt |
There was a problem hiding this comment.
will try PSK and let you know
| } | ||
|
|
||
| func (s *server) prefixedName(name string) string { | ||
| return s.namespacedName.Name + "-server-" + name |
There was a problem hiding this comment.
create an issue for tracking this across all the packages
| corev1 "k8s.io/api/core/v1" | ||
| k8serrors "k8s.io/apimachinery/pkg/api/errors" | ||
| "k8s.io/apimachinery/pkg/types" | ||
| ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" |
There was a problem hiding this comment.
As discussed in the call, this is required because we'll have a client type soon, we agreed to keep it as of now.
Note: I am not a big fan of this either, but we agreed we have bigger fishes to fry :)
| } | ||
|
|
||
| func (s *server) prefixedName(name string) string { | ||
| return s.namespacedName.Name + "-server-" + name |
|
|
||
| type Options struct { | ||
| Labels map[string]string | ||
| Owners []metav1.OwnerReference |
alaypatel07
force-pushed
the
transport
branch
2 times, most recently
from
a4275c4 to
2addf39
Compare
Signed-off-by: Alay Patel <[email protected]>
Co-authored-by: John Strunk <[email protected]> Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
2addf39 to
402af80
Compare
alaypatel07
force-pushed
the
transport
branch
from
a03075b to
09dc1cd
Compare
Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
09dc1cd to
e10d983
Compare
Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
f9ee120 to
75c304a
Compare
…te MarkForCleanup Signed-off-by: Alay Patel <[email protected]>
alaypatel07
force-pushed
the
transport
branch
from
6f5f3b7 to
4b9f475
Compare
| switch { | ||
| case k8serrors.IsNotFound(err): | ||
| return false, nil | ||
| case err != nil: | ||
| return false, err | ||
| } |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alaypatel07, JohnStrunk The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Describe what this PR does
This PR adds a transport interface along with the server implementation. This will be followed by accompanying client implementation.