Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge insecureGRPC and insecureJSONRPC #435

Merged
merged 4 commits into from
Feb 27, 2019
Merged

Merge insecureGRPC and insecureJSONRPC #435

merged 4 commits into from
Feb 27, 2019

Conversation

directionless
Copy link
Contributor

Create insecureTransport as a unification of insecureGRPC and insecureJSONRPC.

These options are meaningless to split, and this way has less to get tangled up with.

@directionless
Merge insecureGRPC and insecureJSONRPC
84554d4 
Create insecureTransport as a unification of insecureGRPC and insecureJSONRPC.

These options are meaningless to split, and this way has less to get tangled up with.
@groob
Copy link
Contributor

groob commented Feb 26, 2019

Have you considered not passing a second "insecure" option to NewJSONRPC? The reason gRPC has two is because it's possible to use tls(with a insecure cert) or drop tls entirely.

Currently for JSONRPC you're passing two "insecure" flags. one manages TLS. What does the other do?

@directionless
Copy link
Contributor Author

For good or ill, the jsonrpc transport intends to follow the same model. You can connect to http or https, and you can verify or not verify the certs.

I've certainly considered merging the two options, or renaming insecure to no-verify-tls, but it felt like it might have wider impact.

blaedj
blaedj reviewed Feb 26, 2019
View reviewed changes
Copy link
Contributor

@blaedj blaedj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me, but I think we should either mention it explicitly in a change log or just check & error if the insecure_grpc flag is passed.

@directionless
Copy link
Contributor Author

@blaedj Normal flag parsing will spit an error back for unknown flags. I don't want to extend that.

blaedj
blaedj approved these changes Feb 27, 2019
View reviewed changes
Copy link
Contributor

@blaedj blaedj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah thats true, :shipit:

@directionless directionless merged commit 69bed63 into kolide:master Feb 27, 2019
@directionless directionless deleted the insecure-flags branch February 27, 2019 15:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blaedj blaedj blaedj approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@directionless @groob @blaedj