Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update default configuration for ssl to 'allow' #15917

Merged
merged 2 commits into from
Sep 27, 2023
Merged

Update default configuration for ssl to 'allow' #15917

merged 2 commits into from
Sep 27, 2023

Conversation

alexandre-normand
Copy link
Contributor

What does this PR do?

This updates the default config for ssl from disable to allow. The reason is that postgres 15 on RDS is switching the default for force_ssl to true. Setting the default to allow means that a failure to connect without ssl will trigger an attempt to connect using ssl.

We could also consider going a bit further and setting the default to prefer which means ssl would be used first but I went with a more conservative approach that's closer to our current value (prefer non-ssl and switch to ssl on failure).

Motivation

Help make for a smoother transition for RDS Postgres users when they upgrade to postgres 15.

Additional Notes

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • Changelog entries must be created for modifications to shipped code
  • Add the qa/skip-qa label if the PR doesn't need to be tested during QA.

@alexandre-normand alexandre-normand force-pushed the alex.normand/dbm-2773-update-default-ssl-configuration branch from 3cdf4c3 to 1d76d4b Compare September 27, 2023 01:27
lu-zhengda
lu-zhengda previously approved these changes Sep 27, 2023
View reviewed changes
@alexandre-normand alexandre-normand force-pushed the alex.normand/dbm-2773-update-default-ssl-configuration branch from 1d76d4b to 6467428 Compare September 27, 2023 01:29
@alexandre-normand alexandre-normand requested a review from a team as a code owner September 27, 2023 01:31
@alexandre-normand alexandre-normand changed the title Update ssl default configuration to 'allow' Update ssl default configuration to allow Sep 27, 2023
@alexandre-normand alexandre-normand changed the title Update ssl default configuration to allow Update default configuration for ssl to 'allow' Sep 27, 2023
@codecov
Copy link

codecov bot commented Sep 27, 2023
edited
Loading

Codecov Report

Merging #15917 (a88af0a) into master (b3ba56f) will increase coverage by 0.11%.
Report is 6 commits behind head on master.
The diff coverage is 100.00%.

Flag Coverage Δ
activemq ?
cassandra ?
hive ?
hivemq ?
hudi ?
ignite ?
jboss_wildfly ?
kafka ?
postgres 91.84% <100.00%> (-0.07%) ⬇️
presto ?
solr ?
tomcat ?
weblogic ?

Flags with carried forward coverage won't be shown. Click here to find out more.

@github-actions
Copy link

Test Results

     12 files       12 suites   16m 57s ⏱️
   236 tests    234 ✔️   2 💤 0
1 422 runs  1 374 ✔️ 48 💤 0

Results for commit a88af0a.

@alexandre-normand alexandre-normand merged commit e225a8b into master Sep 27, 2023
35 checks passed
@alexandre-normand alexandre-normand deleted the alex.normand/dbm-2773-update-default-ssl-configuration branch September 27, 2023 17:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmeunier28 jmeunier28 jmeunier28 approved these changes

@lu-zhengda lu-zhengda lu-zhengda left review comments

Assignees
No one assigned
Labels
documentation integration/postgres
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexandre-normand @lu-zhengda @jmeunier28