HPCC-Platform icon indicating copy to clipboard operation
HPCC-Platform copied to clipboard
verified publisher icon hpcc-systems

HPCC-34819 Document SSL/TLS setup for Containerized ESPs

Open g-pan opened this issue 5 months ago • 4 comments

Please review content carefully - Copilot was used extensively in writing this material Examples are prone to hallucinations @asselitx I believe that you maybe most familiar with this content to review, please add any another reviewer as necessary. Thank you.

Type of change:

  • [x] This change is a bug fix (non-breaking change which fixes an issue).
  • [ ] This change is a new feature (non-breaking change which adds functionality).
  • [ ] This change improves the code (refactor or other change that does not change the functionality)
  • [ ] This change fixes warnings (the fix does not alter the functionality or the generated code)
  • [ ] This change is a breaking change (fix or feature that will cause existing behavior to change).
  • [ ] This change alters the query API (existing queries will have to be recompiled)

Checklist:

  • [x] My code follows the code style of this project.
    • [ ] My code does not create any new warnings from compiler, build system, or lint.
  • [x] The commit message is properly formatted and free of typos.
    • [ ] The commit message title makes sense in a changelog, by itself.
    • [ ] The commit is signed.
  • [x] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly, or...
    • [ ] I have created a JIRA ticket to update the documentation.
    • [ ] Any new interfaces or exported functions are appropriately commented.
  • [x] I have read the CONTRIBUTORS document.
  • [x] The change has been fully tested:
    • [ ] I have added tests to cover my changes.
    • [ ] All new and existing tests passed.
    • [ ] I have checked that this change does not introduce memory leaks.
    • [ ] I have used Valgrind or similar tools to check for potential issues.
  • [ ] I have given due consideration to all of the following potential concerns:
    • [ ] Scalability
    • [ ] Performance
    • [ ] Security
    • [ ] Thread-safety
    • [ ] Cloud-compatibility
    • [ ] Premature optimization
    • [ ] Existing deployed queries will not be broken
    • [ ] This change fixes the problem, not just the symptom
    • [ ] The target branch of this pull request is appropriate for such a change.
  • [x] There are no similar instances of the same problem that should be addressed
    • [ ] I have addressed them here
    • [ ] I have raised JIRA issues to address them separately
  • [ ] This is a user interface / front-end modification
    • [ ] I have tested my changes in multiple modern browsers
    • [ ] The component(s) render as expected

Smoketest:

  • [ ] Send notifications about my Pull Request position in Smoketest queue.
  • [ ] Test my draft Pull Request.

Testing:

see: https://github.com/g-pan/github-action-dev-build/actions/runs/17959821424

g-pan avatar Sep 23 '25 22:09 g-pan

Jira Issue: https://hpccsystems.atlassian.net//browse/HPCC-34819

Jirabot Action Result: Workflow Transition To: Merge Pending Updated PR

github-actions[bot] avatar Sep 23 '25 22:09 github-actions[bot]

I cannot confirm the correctness, However, is there a scenario where the certificates are store in a vault? I ask because the platform supports retrieving secrets both from Kubernetes and from a vault. If certs can be store in a vault, that should be covered here. If not, it should be stated that only certs retrieved as a Kubernetes secret is supported.

Yes I think that's true. I'll confirm and add information if so.

asselitx avatar Sep 30 '25 21:09 asselitx

@g-pan this will need rebasing.

ghalliday avatar Oct 07 '25 10:10 ghalliday

This still needs rebasing.

ghalliday avatar Oct 17 '25 10:10 ghalliday

Closing this PR Unmerged. To replace with a clean PR based on Candidate 10.0.x

g-pan avatar Nov 11 '25 15:11 g-pan