Skip to content
This repository has been archived by the owner on Jan 8, 2024. It is now read-only.

HTTP is enforced to communicate with Mesos #34

Closed
mlowicki opened this issue Apr 5, 2017 · 7 comments
Closed

HTTP is enforced to communicate with Mesos #34

mlowicki opened this issue Apr 5, 2017 · 7 comments

Comments

@mlowicki
Copy link

mlowicki commented Apr 5, 2017
edited
Loading

https://github.com/ChannelMeter/vault-gatekeeper-mesos/blob/master/mesos.go#L121

"http://" is hardcoded and it should be possible to use HTTPS as well to avoid eavesdropping.
@nemosupremo
Copy link
Owner

nemosupremo commented Apr 5, 2017
edited
Loading

I'm thinking about a fix like this e485d87

However, I don't think using a zks protocol is idiomatic, and it doesn't control whether or not the connect to zookeeper is encrypted. Nonetheless I'm actually traveling in a couple hours so I wont get back to this for a couple day.

@mlowicki
Copy link
Author

mlowicki commented Apr 5, 2017

LGTM. Thanks for fast reaction. Looking forward to try it out.

@mlowicki
Copy link
Author

mlowicki commented Apr 6, 2017

Would be good though to pass custom CA cert while talking with Mesos (In our case we're using HTTPS). In the same way as with VAULT_CAPATH or VAULT_CACERT.

@mlowicki
Copy link
Author

@nemosupremo any news on this one?

@nemosupremo
Copy link
Owner

Hi sorry for the slowness on merging this - I ended up on going on a trip to very busy Europe shortly after I wrote this. I'll try to merge this and cut a new release before the end of the week

@mlowicki
Copy link
Author

mlowicki commented May 4, 2017

Hey @nemosupremo. Friendly reminder :-)

@mlowicki
Copy link
Author

@nemosupremo ping

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mlowicki @nemosupremo