Skip to content

security: Reduce code duplication between auto_tls_init and the rest of the security package #64883

Open
Open
security: Reduce code duplication between auto_tls_init and the rest of the security package#64883
Labels
A-authenticationPertains to authn subsystemsC-cleanupTech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior.T-server-and-securityDB Server & Security
@itsbilal

Description

@itsbilal
itsbilal
opened on May 7, 2021

A lot of the primitives in pkg/security/auto_tls_init.go are just shortcuts or
specializations around existing routines in the security package. As part of
this issue, tackle any major instances of code repetition between the two
parts of the package, and have any TLS auto-init/join related code
use existing.

An example of a repetition is CreateCACertAnd Key in auto_tls_init.go
being similar to code in pkg/security/x509.go. Rather, that method tries
to exactly mimic its behaviour. A simple restructure of code in auto_tls_init.go
to exclusively use existing routines elsewhere in the security package
would go a long way in cleaning up repetitive code.

Stems from #60632.

Jira issue: CRDB-7325
Epic: CRDB-6663

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-authenticationPertains to authn subsystemsC-cleanupTech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior.T-server-and-securityDB Server & Security

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions