mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jie Yu <yujie....@gmail.com>
Subject Re: Review Request 56052: Added the 'Secret' protobuf message.
Date Thu, 09 Feb 2017 19:46:14 GMT


> On Feb. 9, 2017, 6:31 p.m., Jie Yu wrote:
> > include/mesos/mesos.proto, line 1994
> > <https://reviews.apache.org/r/56052/diff/3/?file=1628247#file1628247line1994>
> >
> >     Actually, one thought here. Given that environment varaible's source cannot
be a byte stream. Do we want to have explicit typing: REFERENCE, TEXT, BYTES for secret so
that the validation for environment source can be easier and more explicit?
> 
> Greg Mann wrote:
>     When a user specifies a REFERENCE-type Secret, would they need to be able to specify
text vs. bytes in that case? If so, then we might want two different sets of type information.
I don't know if a user's module implementation might need to know the encoding (or lack thereof)
of a REFERENCE Secret when fetching it?
>     
>     If we don't think the REFERENCE-type secret needs any encoding information, then
we could use {REFERENCE, TEXT} for the enum types in this patch, so that we could add a BYTES
type at the top level later. Another option would be to include type information inside the
Value message, but this adds a bit more complexity to the message.

Yes, you're right that this also applies to REFERENCE type secret. What happen in the future
that we start to support REFERENCE type through modules. What the agent should do for environment
variable. Does the agent need to do base64 encoding (as you mentioned, how does the agent
know that the content received is a string or byte stream, and how does the user know?), or
leave it as a plain string?

Looks like k8s secret always do base64 encoding? Maybe that's how they solve the issue?

Let's do our due diligence to evaluate all the options thoroughly because this is a very important
API.


- Jie


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/56052/#review164960
-----------------------------------------------------------


On Feb. 9, 2017, 6:33 a.m., Greg Mann wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/56052/
> -----------------------------------------------------------
> 
> (Updated Feb. 9, 2017, 6:33 a.m.)
> 
> 
> Review request for mesos, Adam B, Jie Yu, Kapil Arya, Jan Schlicht, and Vinod Kone.
> 
> 
> Bugs: MESOS-6996
>     https://issues.apache.org/jira/browse/MESOS-6996
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> This patch adds a new `Secret` protobuf message which
> is designed to serve as a generic mechanism for passing
> priviledged information within Mesos.
> 
> 
> Diffs
> -----
> 
>   include/mesos/mesos.proto 34a288b6f5c2fca090a7aa7a61798e3255d6663a 
>   include/mesos/v1/mesos.proto 6638111d10f4a36cdf91dfce1019871e9839c306 
> 
> Diff: https://reviews.apache.org/r/56052/diff/
> 
> 
> Testing
> -------
> 
> `make check`
> 
> 
> Thanks,
> 
> Greg Mann
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message