ARROW-10206: [C++][Python][FlightRPC] Allow disabling server validation

[jduo]

@lidavidm WIP:

• Demonstrate changes for C++ and Java clients.
• Need to determine how to specify gRPC version in C++.
• Need to check over coding style in C++ and Java code.
• Python client changes pending.
• Unit tests pending.
• Does it make sense to deprecate use of SslCredentialsOptions in C++ and use TlsCredentialsOptions for other SSL properties? This is higher in blast radius and uses an experimental API for more, but would be more consistent.

[github-actions]

https://issues.apache.org/jira/browse/ARROW-10105

[lidavidm]

Hey James, I'll review this later today hopefully, but just to answer a few questions

• Style in C++ can be done automatically with clang-format, see the developer guide.
• For Python similarly you can use the flake8 config
• The versions are scattered but as a start see thirdparty.txt: https://github.com/apache/arrow/blob/master/cpp/thirdparty/versions.txt though note you may also have to update CI scripts, Homebrew/Conda packages, etc.
• I'd rather avoid very recent experimental features as that will create a lot of churn for us as gRPC upgrades frequently. It may be worth considering in a few versions if it looks like the API settles down, since I agree it would be nice to consolidate the options + it does bring the ability to do certificate rotation.

[lidavidm]

Actually, it seems the relevant changes have been there since early this year. It may be OK to switch fully.

[lidavidm]

Looks good to me as a start. Can unit tests be added? There are already tests set up to use (self-signed) certs that could serve as a starting point.

[jduo]

Hey James, I'll review this later today hopefully, but just to answer a few questions

• Style in C++ can be done automatically with clang-format, see the developer guide.
• For Python similarly you can use the flake8 config
• The versions are scattered but as a start see thirdparty.txt: https://github.com/apache/arrow/blob/master/cpp/thirdparty/versions.txt though note you may also have to update CI scripts, Homebrew/Conda packages, etc.
• I'd rather avoid very recent experimental features as that will create a lot of churn for us as gRPC upgrades frequently. It may be worth considering in a few versions if it looks like the API settles down, since I agree it would be nice to consolidate the options + it does bring the ability to do certificate rotation.

Hi @lidavidm .

• I have made the Python edits now and am running them through CI while I get my environment working.

• Unit tests have been added for all three languages.

• I updated basically every file every file I could find that referenced a C++ gRPC version.

[lidavidm]

@kszucs - are we ok to bump the gRPC versions like this?

[wesm]

There's some broken stuff for me locally with clang-8, I'm trying to fix

In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:58:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server.h:22:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server_impl.h:37:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_interface.h:31:
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/rpc_service_method.h:51:16: error: parameter 'handler_data:' not found in the function declaration [-Werror,-Wdocumentation]
    /// \param handler_data: internal data for the handler.
               ^~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/rpc_service_method.h:51:16: note: did you mean 'handler_data'?
    /// \param handler_data: internal data for the handler.
               ^~~~~~~~~~~~~
               handler_data
In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:58:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server.h:22:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server_impl.h:37:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_interface.h:32:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_context_impl.h:41:
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:406:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further write-side operation
                 ^~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:412:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further read-side operation
                 ^~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:419:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further write-side operation
                 ^~
In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:59:
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:131:14: error: parameter 'selected_port[out]' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param selected_port[out] If not `nullptr`, gets populated with the port
             ^~~~~~~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:131:14: note: did you mean 'selected_port'?
  /// \param selected_port[out] If not `nullptr`, gets populated with the port
             ^~~~~~~~~~~~~~~~~~
             selected_port
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:207:8: error: declaration is marked with '\deprecated' command but does not have a deprecation attribute [-Werror,-Wdocumentation-deprecated-sync]
  /// \deprecated For backward compatibility.
      ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:208:56: note: add a deprecation attribute to the declaration to silence this warning
  ServerBuilder& SetMaxMessageSize(int max_message_size) {
                                                       ^
                                                         __attribute__((deprecated))
/home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:28:11: error: no member named 'experimental' in namespace 'grpc_impl'; did you mean 'grpc::experimental'?
    const grpc_impl::experimental::TlsCredentialsOptions* options) {
          ^~~~~~~~~~~~~~~~~~~~~~~
          grpc::experimental
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_context.h:34:11: note: 'grpc::experimental' declared here
namespace experimental {
          ^
/home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:34:39: error: unused variable 'opt' [-Werror,-Wunused-variable]
  grpc_tls_server_verification_option opt = check(nullptr);
                                      ^
8 errors generated.
ninja: build stopped: subcommand failed.

[jduo]

There's some broken stuff for me locally with clang-8, I'm trying to fix

In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:58:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server.h:22:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server_impl.h:37:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_interface.h:31:
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/rpc_service_method.h:51:16: error: parameter 'handler_data:' not found in the function declaration [-Werror,-Wdocumentation]
    /// \param handler_data: internal data for the handler.
               ^~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/rpc_service_method.h:51:16: note: did you mean 'handler_data'?
    /// \param handler_data: internal data for the handler.
               ^~~~~~~~~~~~~
               handler_data
In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:58:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server.h:22:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/server_impl.h:37:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_interface.h:32:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_context_impl.h:41:
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:406:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further write-side operation
                 ^~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:412:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further read-side operation
                 ^~
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_callback_impl.h:419:18: error: parameter 'ok' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param[in] ok Was it successful? If false, no further write-side operation
                 ^~
In file included from /home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:24:
In file included from /home/wesm/cpp-toolchain/include/grpcpp/grpcpp.h:59:
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:131:14: error: parameter 'selected_port[out]' not found in the function declaration [-Werror,-Wdocumentation]
  /// \param selected_port[out] If not `nullptr`, gets populated with the port
             ^~~~~~~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:131:14: note: did you mean 'selected_port'?
  /// \param selected_port[out] If not `nullptr`, gets populated with the port
             ^~~~~~~~~~~~~~~~~~
             selected_port
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:207:8: error: declaration is marked with '\deprecated' command but does not have a deprecation attribute [-Werror,-Wdocumentation-deprecated-sync]
  /// \deprecated For backward compatibility.
      ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/wesm/cpp-toolchain/include/grpcpp/server_builder.h:208:56: note: add a deprecation attribute to the declaration to silence this warning
  ServerBuilder& SetMaxMessageSize(int max_message_size) {
                                                       ^
                                                         __attribute__((deprecated))
/home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:28:11: error: no member named 'experimental' in namespace 'grpc_impl'; did you mean 'grpc::experimental'?
    const grpc_impl::experimental::TlsCredentialsOptions* options) {
          ^~~~~~~~~~~~~~~~~~~~~~~
          grpc::experimental
/home/wesm/cpp-toolchain/include/grpcpp/impl/codegen/server_context.h:34:11: note: 'grpc::experimental' declared here
namespace experimental {
          ^
/home/wesm/code/arrow/cpp/src/arrow/flight/try_compile/check_tls_opts_127.cc:34:39: error: unused variable 'opt' [-Werror,-Wunused-variable]
  grpc_tls_server_verification_option opt = check(nullptr);
                                      ^
8 errors generated.
ninja: build stopped: subcommand failed.

The files in try_compile shouldn't be built as part of the project -- they should only be invoked by CMake for assessing grpc-cpp version information.

[wesm]

The files in try_compile shouldn't be built as part of the project -- they should only be invoked by CMake for assessing grpc-cpp version information.

Right, but the CMAKE_CXX_FLAGS set at that point are passed along, including -Werror. I'm pushing a fix here in a minute

[jduo]

The files in try_compile shouldn't be built as part of the project -- they should only be invoked by CMake for assessing grpc-cpp version information.

Right, but the CMAKE_CXX_FLAGS set at that point are passed along, including -Werror. I'm pushing a fix here in a minute

Thanks for fixing that Wes.

[lidavidm]

LGTM. I'll follow up on the ML.

[emkornfield]

nit: constexpr? or static.

[jduo]

Made a constexpr

[emkornfield]

there shouldn't be two ways of getting the default values. If there needs to be another constructor that takes credentials, then use the static factory pattern.

[jduo]

The default constructor was already there prior to this patch, it was just being implicitly defined instead of explicitly. I agree in principle that the Defaults() method should be used, however the constructor has already been public and I'm not sure it's worth breaking existing application code.

We're not really consistent about this internally either.
The C++ unit tests make use of both the public constructor and Defaults() method. The Python wrapper uses the public constructor.

[lidavidm]

Given there's already code using the default constructor, I think we can remove it separately: https://issues.apache.org/jira/browse/ARROW-10250

[pitrou]

Mention the reason in the error message?

[jduo]

Done.

[pitrou]

So gRPC has both TlsCredentialsOptions and SslCredentialOptions?

[jduo]

Yes, but they aren't interchangeable. One works against TlsCredentials and one works against SslCredentials. TlsCredentials is a newer, currently experimental API that can do everything SslCredentials can do and more, such as do certificate reloading and supplying custom callbacks for cert verification.

[lidavidm]

Waiting for CI here...

[lidavidm]

Ok, looks like the MacOS build is failing due to an unrelated reason (Cython not being found) and other PRs (and master) are failing in the same way. (Travis still pending...)

[lidavidm]

Given there's already code using the default constructor, I think we can remove it separately: https://issues.apache.org/jira/browse/ARROW-10250

[wesm]

thanks everyone

[kou]

This doesn't work with -Werror=SOMETHING: #8419