Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

reorg: Decouple TLS implementation from proxy client #1349

Merged
merged 2 commits into from
Nov 2, 2021
Merged

Conversation

olix0r
Copy link
Member

@olix0r olix0r commented Nov 1, 2021

Currently the TLS implementation in proxy-identity-default depends on
proxy-identity, which depends on the proxy API to implement its
refreshing identity client.

This change updates these crates so that the TLS implementation only
depends on the core identity crate as follows:

  • Move proxy_identity::Credentials to identity::Credentials;
  • Move proxy/identity/default to identity/default;
  • Rename proxy/identity to proxy/identity-client to help
    disambiguate it from the core identity crate.

Currently the TLS implementation in `proxy-identity-default` depends on
`proxy-identity`, which depends on the proxy API to implement its
refreshing identity client.

This change updates these crates so that the TLS implementation only
depends on the core identity crate as follows:

* Move `proxy_identity::Credentials` to `identity::Credentials`;
* Move `proxy/identity/default` to `identity/default`;
* Rename `proxy/identity` to `proxy/identity-client` to help
  disambiguate it from the core identity crate.
@olix0r olix0r requested a review from a team November 1, 2021 21:34
Copy link
Contributor

@hawkw hawkw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup, this makes sense to me, ship it!

@olix0r olix0r merged commit 731d12d into main Nov 2, 2021
@olix0r olix0r deleted the ver/identity-modes branch November 2, 2021 04:59
olix0r added a commit to linkerd/linkerd2 that referenced this pull request Nov 4, 2021
This release improves retries so that requests without a
`content-length` can be retried. This should permit requests emitted by
grpc-go to be retried.

Discovery diagnostics have also been improved by ensuring that service
discovery updates are logged at DEBUG. Previously these messages were
only emitted at the TRACE level.

---

* build(deps): bump hdrhistogram from 7.3.0 to 7.4.0 (linkerd/linkerd2-proxy#1330)
* build(deps): bump libc from 0.2.104 to 0.2.105 (linkerd/linkerd2-proxy#1332)
* tracing: update `tracing-subscriber` to v0.3.x (linkerd/linkerd2-proxy#1327)
* tls: Avoid circular dependencies (linkerd/linkerd2-proxy#1334)
* Fix misspecified dependencies (linkerd/linkerd2-proxy#1335)
* build(deps): bump tracing-subscriber from 0.2.25 to 0.3.1 (linkerd/linkerd2-proxy#1328)
* update `tonic`, `prost`, and `linkerd2-proxy-api` (linkerd/linkerd2-proxy#1339)
* Refactor mTLS & identity crates (linkerd/linkerd2-proxy#1333)
* Log discovery changes at DEBUG (linkerd/linkerd2-proxy#1340)
* build(deps): bump tokio-util from 0.6.8 to 0.6.9 (linkerd/linkerd2-proxy#1342)
* build(deps): bump tokio from 1.12.0 to 1.13.0 (linkerd/linkerd2-proxy#1343)
* build(deps): bump tokio-stream from 0.1.7 to 0.1.8 (linkerd/linkerd2-proxy#1344)
* retry: allow retrying requests without content-length headers  (linkerd/linkerd2-proxy#1341)
* retry: Simplify ReplayBody::poll_data for readability (linkerd/linkerd2-proxy#1346)
* build(deps): bump libc from 0.2.105 to 0.2.106 (linkerd/linkerd2-proxy#1348)
* reorg: Decouple TLS implementation from proxy client (linkerd/linkerd2-proxy#1349)
* build(deps): bump actions/checkout from 2.3.5 to 2.4.0 (linkerd/linkerd2-proxy#1352)
* Introduce `meshtls` facade to hide rustls crate (linkerd/linkerd2-proxy#1353)
olix0r added a commit to linkerd/linkerd2 that referenced this pull request Nov 5, 2021
This release improves retries so that requests without a
`content-length` can be retried. This should permit requests emitted by
grpc-go to be retried.

Discovery diagnostics have also been improved by ensuring that service
discovery updates are logged at DEBUG. Previously these messages were
only emitted at the TRACE level.

---

* build(deps): bump hdrhistogram from 7.3.0 to 7.4.0 (linkerd/linkerd2-proxy#1330)
* build(deps): bump libc from 0.2.104 to 0.2.105 (linkerd/linkerd2-proxy#1332)
* tracing: update `tracing-subscriber` to v0.3.x (linkerd/linkerd2-proxy#1327)
* tls: Avoid circular dependencies (linkerd/linkerd2-proxy#1334)
* Fix misspecified dependencies (linkerd/linkerd2-proxy#1335)
* build(deps): bump tracing-subscriber from 0.2.25 to 0.3.1 (linkerd/linkerd2-proxy#1328)
* update `tonic`, `prost`, and `linkerd2-proxy-api` (linkerd/linkerd2-proxy#1339)
* Refactor mTLS & identity crates (linkerd/linkerd2-proxy#1333)
* Log discovery changes at DEBUG (linkerd/linkerd2-proxy#1340)
* build(deps): bump tokio-util from 0.6.8 to 0.6.9 (linkerd/linkerd2-proxy#1342)
* build(deps): bump tokio from 1.12.0 to 1.13.0 (linkerd/linkerd2-proxy#1343)
* build(deps): bump tokio-stream from 0.1.7 to 0.1.8 (linkerd/linkerd2-proxy#1344)
* retry: allow retrying requests without content-length headers  (linkerd/linkerd2-proxy#1341)
* retry: Simplify ReplayBody::poll_data for readability (linkerd/linkerd2-proxy#1346)
* build(deps): bump libc from 0.2.105 to 0.2.106 (linkerd/linkerd2-proxy#1348)
* reorg: Decouple TLS implementation from proxy client (linkerd/linkerd2-proxy#1349)
* build(deps): bump actions/checkout from 2.3.5 to 2.4.0 (linkerd/linkerd2-proxy#1352)
* Introduce `meshtls` facade to hide rustls crate (linkerd/linkerd2-proxy#1353)
* rustls: Configure the initial TLS client with trust roots (linkerd/linkerd2-proxy#1355)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants