-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: reload TLS certificate without restarting server #5516
Merged
Merged
Changes from 1 commit
Commits
Show all changes
14 commits
Select commit
Hold shift + click to select a range
83e607a
feat: implement auto cert reload
vcrfxia dafa8e0
chore: checkstyle
vcrfxia 0ffaf29
chore: minor rename
vcrfxia 4e0c365
chore: use Vert.x worker rather than executor service
vcrfxia 48929a9
chore: move logic for restarting server from ServerVerticle to Server
vcrfxia 2849468
test: client trust store should always be valid
vcrfxia d5e0821
chore: findbugs
vcrfxia 87917ea
fix: use separate thread for file watcher
vcrfxia 7ff1082
test: prevent cert reload test from affecting other TLS tests
vcrfxia 7221ead
Merge branch 'master' into auto-cert-reload
vcrfxia c700eb9
test: add logging to debug potential flakiness with shouldReloadCert()
vcrfxia b23542f
test: update assertion to be more informative on failure
vcrfxia 1958270
refactor: file watcher extends thread
vcrfxia 7a1d136
fix: configure cert reload before deploying instances
vcrfxia File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
test: prevent cert reload test from affecting other TLS tests
- Loading branch information
commit 7ff1082b15566cc52fb7aed1006efd40a199aa30
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it would be good to test reloading the server more than once - i.e. changing the cert more than once, as there might be a bug in the filewatcher/reloading that only manifests after the reload has been done once.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The test already reloads the server twice: once with a bad cert, and then again with a good cert. Are you suggesting we should repeat the cycle twice, for a total of four reloads?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, if you're already reloading more than once that seems fine :)