Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1203 add config option to disable ssl #1255

Merged
merged 2 commits into from
Mar 8, 2024
Merged

1203 add config option to disable ssl #1255

merged 2 commits into from
Mar 8, 2024

Conversation

junaidzm13
Copy link
Contributor

@junaidzm13 junaidzm13 commented Mar 6, 2024
edited
Loading

Summary of the changes:

  • now we can enable/disable ssl in the demo app by setting the property vuu.ssl to true/false.
  • and to build UI demo so that it uses the insecure websocket connection, need to run build:app:insecure or build:app -- --insecure. Or if the vuuConfig is to be directly used then either specify the websocketUrl directly or set the ssl property so the fallback/default websocket url reflects the required protocol (ws vs wss).

@netlify Netlify
Copy link

netlify bot commented Mar 6, 2024
edited
Loading

Deploy Preview for papaya-valkyrie-395400 canceled.

Name Link
🔨 Latest commit d652bdf
🔍 Latest deploy log https://app.netlify.com/sites/papaya-valkyrie-395400/deploys/65ea78e4c0cc7d000833777e

@junaidzm13 junaidzm13 force-pushed the 1203-add-config-option-to-disable-ssl branch from 9f4a317 to 9874c1d Compare March 6, 2024 05:22
@junaidzm13 junaidzm13 self-assigned this Mar 6, 2024
@junaidzm13 junaidzm13 force-pushed the 1203-add-config-option-to-disable-ssl branch 4 times, most recently from c09506f to 04b4c97 Compare March 6, 2024 09:54
heswell
heswell approved these changes Mar 6, 2024
View reviewed changes
Copy link
Contributor

@heswell heswell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

UI code looks good to me

chrisjstevo
chrisjstevo reviewed Mar 7, 2024
View reviewed changes
example/main/src/main/scala/org/finos/vuu/SimulMain.scala Outdated

val config = VuuServerConfig(
VuuHttp2ServerOptions()
//only specify webroot if we want to load the source locally, we'll load it from the jar
//otherwise
.withWebRoot(webRoot)
.withSsl(certPath, keyPath)
.withSsl(sslEnabled, certPath, keyPath)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be possible to not call this method at all, or indeed call .withUnencryptedWs()?
It looks a bit odd calling withSsl, passing in certs, but not using them....

Copy link
Contributor Author

@junaidzm13 junaidzm13 Mar 8, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Decided to not call this when ssl is disabled. Can always add another method to do withUnencryptedWs or withoutWss if/when needed. Let me know what you think

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, that is fine to get this over the line. Can we add another ticket to make opting out of Ssl explicit pls?

The reason I say is if you don't have to choose explicitly one or the other, we may well find lots of poeple deploying unencrypted websockets or http connections without really understanding they've done that.

It would be good to have a project under the examples/ folder that has unencrypted websockets/http and explains in a readme what our intended use of this would be (i.e. only in containerized environments where the ssl termination occurs in a sidecar setup at the pod level.)

As said, am happy to approve for now, but lets create another ticket to track this.

Chris

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah makes sense. Let me do that

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done: #1258

@junaidzm13 junaidzm13 force-pushed the 1203-add-config-option-to-disable-ssl branch from 04b4c97 to 13ae49f Compare March 8, 2024 02:29
@junaidzm13 junaidzm13 force-pushed the 1203-add-config-option-to-disable-ssl branch from 13ae49f to d652bdf Compare March 8, 2024 02:33
@chrisjstevo chrisjstevo merged commit e6ffbc1 into finos:main Mar 8, 2024
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisjstevo chrisjstevo chrisjstevo left review comments

@heswell heswell heswell approved these changes

Assignees

@junaidzm13 junaidzm13

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@junaidzm13 @heswell @chrisjstevo