Alexander Scheel
Alexander Scheel
@busser Point 2 is handled by the underlying storage mechanism. My thought is by adding "non-voters" to other storage backends we can mimic raft's functionality in this regard. Here, HA...
@busser #996 was merged recently and will likely be backported to v2.2.0 GA, so if you wanted to test things out in a multi-DC test environment and report back if...
> Not sure it would be easy to implement an arbiter role - basically a voter which would never try to be elected as leader and, ideally, doesn't participate in...
Related discussion: https://github.com/openbao/openbao/pull/1905 + https://github.com/openbao/openbao/pull/996#issuecomment-3382139174 Note from (10/9/2025) community call: standby nodes on PostgreSQL should fully follow the underlying PostgreSQL status: you can simply promote PostgreSQL read-replica to write-replica and...
> backends should be correctly remounted at the new location When this happens cross-namespace, we'll need to incur storage overhead fwiw.
In particular as well, I think we can talk about threat modeling: To prevent a malicious commit from being pushed, we are better off disabling direct pushes to `main`, which...
> @cipherboy : in our previous discussion, in some way related to this topic, you had defined roles and authorizations, also inspired by other security projects, it would be useful...
@edomaur I'm sorry... What is the attack model here? A user opens a PR with an unsigned commit(s) whose author=maintainer and another maintainer... Merges it without looking at it, even...
@edomaur What's the name of the regulation? The only one I can find is UK's: https://engineering.homeoffice.gov.uk/standards/signing-code-commits/ But it looks like this is an internal requirement and not enforced regulation to...
@JanMa Very good, I've done so and marked the workflow required. Do you want to open a PR to add this (revised) policy to the website and close the issue...