-
Notifications
You must be signed in to change notification settings - Fork 929
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support xds certificate #1945
Conversation
If u have finished ur work, pls delete the 'WIP'. |
@LaurenceLiZhixin @AlexStocks pls review this pr, tks. |
pls fix the ci failure |
@ZLBer 提交前使用 import-formatter 修正下代码。 % import-formatter . https://github.com/dubbogo/tools#5-how-to-get-imports-formatter |
@LaurenceLiZhixin fixed. |
@ZLBer so badly that the ci still failed. |
Codecov Report
@@ Coverage Diff @@
## 3.0 #1945 +/- ##
==========================================
- Coverage 45.00% 44.52% -0.49%
==========================================
Files 287 281 -6
Lines 17135 16826 -309
==========================================
- Hits 7711 7491 -220
+ Misses 8608 8543 -65
+ Partials 816 792 -24
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
@ZLBer Good Job 👍🏻 Could you give a draft document how to run this xds certificate provider and communicate with istiod locally? |
@thehackercat this doc has a example for how to use this:https://github.com/dubbogo/dubbogo.github.io/blob/master/docs/zh-cn/user/tasks/mesh/dubbogo_certificate_using_istio.md |
generally LGTM, will be better to add some examples on https://github.com/apache/dubbo-go-samples for example,
|
@thehackercat issue fixed, thanks for your review. Next i think we can inject certificate when user use xds. but, the tls of dubbo-go is not very convenient. i think i can do more about this. |
@AlexStocks this PR LGTM, I think it's ready to be merged. @justxuewei could u also help take a look at |
@thehackercat sure, will add an example on dubbo-go-samples |
Ok, I will review the code you mentioned later today. |
There are some slight problems, but most looks good to me. |
@justxuewei all fixed, thanks |
What this PR does:
support xds certificate , fetch cert from agent mode or no agent mode, using it for rpc tls and xds tls.
Which issue(s) this PR fixes:
Fixes #1808
You should pay attention to items below to ensure your pr passes our ci test
We do not merge pr with ci tests failed