Page MenuHomeElementl

Add 'use_ssl' boolean to grpc server workspace entry
ClosedPublic

Authored by dgibson on Mar 2 2021, 4:50 PM.

Details

Summary

If this boolean is set, we use a secure channel in the dagster gRPC client.

Future work could include:

  • letting you specify a .pem file with the specific credentials for the client to use
  • setting up the server to accept SSL

The user request that triggered this does not require either of these, (The SSL routing is happening before it reaches the gRPC server, so the server still receives an insecure connection).

Test Plan

BK, will send this to the user as well to verify that it meets their requirements

Diff Detail

Repository
R1 dagster
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Harbormaster returned this revision to the author for changes because remote builds failed.Mar 2 2021, 5:09 PM
Harbormaster failed remote builds in B26668: Diff 32594!

were you able to test this working end to end at all?

python_modules/dagster/dagster/cli/workspace/config_schema.py
103

musing:
seems like we could have a better config schema here using Selector given the incompatibility of sibling arguments and considering how future ssl options would work

python_modules/dagster/dagster/core/host_representation/origin.py
168โ€“170

add a test for this?

python_modules/dagster/dagster/grpc/client.py
73

does ssl make sense with socket?

python_modules/dagster/dagster/core/host_representation/origin.py
168โ€“170

this is tested in test_origin_ids_stable (includes a gRPC server origin) unless you had something else in mind

python_modules/dagster/dagster/grpc/client.py
73

i'm not sure. I think it's possible? But may not be useful

use_ssl => ssl so we can make it a ScalarUnion someday

"were you able to test this working end to end at all?" - user did this successfully this morning

coolbeans

python_modules/dagster/dagster/cli/workspace/config_schema.py
103

maybe explicit default_value=False

This revision is now accepted and ready to land.Mar 3 2021, 7:40 PM