Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trust store reload endpoint and node ops method #523

Merged
merged 17 commits into from
Aug 30, 2024
Merged

Trust store reload endpoint and node ops method #523

merged 17 commits into from
Aug 30, 2024

Conversation

Miles-Garnsey
Copy link
Member

Fixes #483

@Miles-Garnsey Miles-Garnsey changed the title Rrust store reload endpoint and node ops method Trust store reload endpoint and node ops method Aug 20, 2024
@burmanm
Copy link
Contributor

burmanm commented Aug 22, 2024

As noted in the Slack, I'll add it here also: Add a new item to the FeatureSet to indicate this API endpoint is available.

@Miles-Garnsey
Rename all functions and endpoints to reflect that this is internode …
1db9116 
…only.

Update URIs so that they are clearer and more RESTful.

Add functionality to get issuers in truststore, so we can e2e test this in a more self contained way.

Add to features enum for backwards compability.
emerkle826
emerkle826 requested changes Aug 28, 2024
View reviewed changes
Copy link
Contributor

@emerkle826 emerkle826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Miles-Garnsey a few more issues/suggestions. The biggest one being the need for a proper model class for the Issuers API endpoint.

management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Show resolved Hide resolved
management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Show resolved Hide resolved
management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Outdated Show resolved Hide resolved
management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Outdated Show resolved Hide resolved
management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Outdated Show resolved Hide resolved
emerkle826
emerkle826 requested changes Aug 28, 2024
View reviewed changes
Copy link
Contributor

@emerkle826 emerkle826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Miles-Garnsey @burmanm After discussing with Miles, I don't think exposing the server's trust store is something normal API consumers need. It poses a security risk and the intended use was for testing/verification. Let's remove all the bits that return truststore info and trim this down to just a call to rotating the certificates.

management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Outdated Show resolved Hide resolved
@emerkle826
Copy link
Contributor

@Miles-Garnsey please add a Changelog entry as well when you get this all sorted.

emerkle826
emerkle826 requested changes Aug 30, 2024
View reviewed changes
Copy link
Contributor

@emerkle826 emerkle826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 minor fixes (2 for unused imports)

management-api-agent-dse-6.8/src/main/java/com/datastax/mgmtapi/shim/DseAPI68.java Outdated Show resolved Hide resolved
management-api-agent-dse-6.9/src/main/java/com/datastax/mgmtapi/shim/DseAPI69.java Outdated Show resolved Hide resolved
management-api-server/src/main/java/com/datastax/mgmtapi/resources/NodeOpsResources.java Show resolved Hide resolved
@emerkle826 emerkle826 merged commit 1516901 into master Aug 30, 2024
121 of 129 checks passed
@emerkle826 emerkle826 deleted the feature/tsreload branch August 30, 2024 20:09
emerkle826 added a commit that referenced this pull request Sep 4, 2024
@emerkle826
Release v0.1.85
d68b012 
* [FEATURE] [#523](#523) Trust store reload functionality for DSE only (not Cassandra)
* [FEATURE] [#527](#527) Add Cassandra 4.1.6 to the build matrix
* [FEATURE] [#522](#522) Add DSE 6.9.1 to the build matrix
* [FEATURE] [#529](#529) Add DSE 6.9.2 to the build matrix
* [ENHANCEMENT] [#521](#521) Add management-api to Cassandra conf in the Dockerfile, not entrypoint for DSE 6.9, Cassandra 4.1 and Cassandra 5.0. This allows to run the container with readOnlyRootFilesystem.
* [BUGFIX] [#524](#524) Fix HintsService Hint_delays- metrics parsing and ReadCoordination metrics parsing
* [BUGFIX] [#520](#520) Update DSE 6.9.0 dependnecy
* [BUGFIX] [#531](#531) Fix DSE 6.9 UBI image agent loading
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@burmanm burmanm burmanm left review comments

@emerkle826 emerkle826 emerkle826 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

tsreload endpoint
3 participants
@Miles-Garnsey @burmanm @emerkle826