-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable SQL Backend #709
base: master
Are you sure you want to change the base?
Enable SQL Backend #709
Conversation
This reverts commit 6dc0ed0.
You will see that some methods haven't changed to a SQL backend fully, and implement the old NoSQL methods under the sql.DB. I think there is an opportunity to slow roll and migrate to a SQL schema as time passes. This at least enables SQL for storing certificates, which is a great start and can be built on top of. |
Hey @mkkeffeler the way that we're beginning this implementation isn't quite what we're looking for. What we want (and would consider merging) is a SQL implementation of the following three interfaces:
Here's an example of one method on the Auth DB interface implemented with SQL:
There's ~40 methods across all 3 interfaces that will need to be implemented (with unit tests). Let me know if that does / doesn't make sense. Note: this is a big code change and it's possible we won't have time to prioritize and thoroughly review it until next year. |
There's more to what @dopey said. That works for a custom implementation of the start of the ca (ca/ca.go), the rest of the code stays the same, but to propper implement the functionality, there are some architectural changes that we need to make. For example to be able to register and load these interfaces in the right place. |
Description
This resolves #688 and enables users to perform a normal upgrade of smallstep, and the new schema will be migrated to. At which point users can begin to query for certificates the application has signed on a go forward basis.
Note, some tests fail at present because
GetCertificate
changed to use Context in some places. Figured we could discuss before changing that, or handle however your team prefers.