-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Stop using *_STORAGE_API_ENDPOINT
environment variables
#759
Stop using *_STORAGE_API_ENDPOINT
environment variables
#759
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR, @shreyas-s-rao. Other than the comments #759 (comment), #759 (comment), the PR looks to be in good shape.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since you wanted to limit the scope of this PR, hence i have resolved all my comments.
/lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR, @shreyas-s-rao!
What this PR does / why we need it:
As mentioned in #727, it is not secure to be passing credential (secret) information to the etcdbr process via environment variables. This is ok while running locally, but when running on a k8s cluster (deployed by etcd-druid), it becomes important for etcdbrctl to be able to fetch the information about endpoint overrides directly from the mounted secret file, where the other default credentials already exist today.
This PR does two things:
storageAPIEndpoint
via file path, while still supporting the environment variableGOOGLE_STORAGE_API_ENDPOINT
env var (for users who may already be using it.AZURE_STORAGE_API_ENDPOINT
and now uses fielddomain
, in-line with Add support to override Azure Blob Storage Domain #756 . This now allows users to use custom domains for accessing special Azure region services, like this.Which issue(s) this PR fixes:
Fixes #727
Special notes for your reviewer:
/assign @renormalize @unmarshall
/cc @AleksandarSavchev
Release note: