This repository was archived by the owner on Oct 11, 2024. It is now read-only.
Use a simple grpc connection to Trillian backends#760
Closed
gdbelvin wants to merge 2 commits intogoogle:masterfrom
Closed
Use a simple grpc connection to Trillian backends#760gdbelvin wants to merge 2 commits intogoogle:masterfrom
gdbelvin wants to merge 2 commits intogoogle:masterfrom
Conversation
Previously, the signer used a verifying trillian log client in the signer. This: - Required a separate build step to acquire the verifying key - Was tied to a confusing and only partially implemented multi-tennant configuration system. This commit simplifies the situation to make a pure grpc call to the trillian log backend, simplifying debugging, and makes things consistent consistent with the way we are querying the trillian map server, and is also consistent with the way the Certificate Transparency frontends treat their own trillian backends.
The appender interface is a defunct wrapper for the trillian log. The admin interface is a defunct api for multi-tennant configuration.
Codecov Report
@@ Coverage Diff @@
## master #760 +/- ##
==========================================
- Coverage 49.18% 49.05% -0.13%
==========================================
Files 30 28 -2
Lines 2507 2446 -61
==========================================
- Hits 1233 1200 -33
+ Misses 1077 1061 -16
+ Partials 197 185 -12
Continue to review full report at Codecov.
|
This was referenced Aug 17, 2017
cesarghali
reviewed
Aug 17, 2017
|
|
||
| // Connection to append only log | ||
| tlog, err := config.LogClient(*logID, *logURL, *logPubKey) | ||
| lconn, err := grpc.Dial(*logURL, grpc.WithInsecure()) |
Contributor
There was a problem hiding this comment.
Is this on the same machine? If yes, will it always be on the same machine? If not, why did we switch to an insecure connection?
Contributor
Author
There was a problem hiding this comment.
The trillian log and map are not always on the same machine.
Using grpc.WithInsecure() is not a change. It was previously hidden behind config. This makes it a bit more obvious and consistent.
| return err | ||
| } | ||
| // TODO(gbelvin): Add leaf at a specific index. trillian#423 | ||
| // TODO(gdbelvin): If the log doesn't do this, we need to generate an emergency alert. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Previously, the signer used a verifying trillian log client in the
signer. This:
configuration system.
This PR simplifies the situation to make a pure grpc call to the
trillian log backend, simplifying debugging, and makes things consistent
consistent with the way we are querying the trillian map server, and is
also consistent with the way the Certificate Transparency frontends
treat their own trillian backends.
This PR also removes the dead code associated with these defunct interfaces.