Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NIFI-14027 Add SSLContextProvider Controller Service Interface #9537

Closed
wants to merge 1 commit into from
Closed

NIFI-14027 Add SSLContextProvider Controller Service Interface #9537

wants to merge 1 commit into from

Conversation

exceptionfactory
Copy link
Contributor

Summary

NIFI-14027 Adds the SSLContextProvider Controller Service interface to the nifi-ssl-context-service-api and refactors most existing references from SSLContextService to SSLContextProvider.

The SSLContextProvider interface includes the createContext and createTrustManager methods from SSLContextService along with a new createKeyManager method.

These methods return the common objects necessary for TLS communication, without providing access to the underlying configuration properties. This abstraction decouples TLS communication capabilities from key and certificate files. This approach provides the foundation for subsequent support of PEM Key and Certificate files in a new service implementation, building on framework support implemented in NIFI-14001.

The following extension components retain references to SSLContextService as they require direct access to the Key Store and Trust Store configuration files:

  • CaptureCahngeMySQL
  • StandardHashiCorpVaultClientService
  • ConsumeJMS
  • PublishJMS
  • Kafka3ConnectionService
  • ConsumeMQTT
  • PublishMQTT

All other Processors and Controller Services keep existing property names, but reference the SSLContextProvider interface in place of the SSLContextService interface.

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

Pull Request Tracking

  • Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
  • Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

  • Pull Request based on current revision of the main branch
  • Pull Request refers to a feature branch with one commit containing changes

Verification

Please indicate the verification steps performed prior to pull request creation.

Build

  • Build completed using mvn clean install -P contrib-check
    • JDK 21

Licensing

  • New dependencies are compatible with the Apache License 2.0 according to the License Policy
  • New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

  • Documentation formatting appears as expected in rendered files

@exceptionfactory
NIFI-14027 Added SSLContextProvider Controller Service Interface
76e0fe0 
- Updated SSLContextService to extend SSLContextProvider
- Updated Processors and Controller Services to use SSLContextProvider where supported
pvillard31
pvillard31 approved these changes Nov 21, 2024
View reviewed changes
Copy link
Contributor

@pvillard31 pvillard31 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code changes LGTM, and I have confirmed proper behaviour with a few flows. Thanks for the changes @exceptionfactory !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pvillard31 pvillard31 pvillard31 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@exceptionfactory @pvillard31