Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #8
Based on top of #16
The proxy now takes new arguments to configure a remote SpiceDB:
spicedb-endpoint
: URL to the remote SpiceDBspicedb-insecure
: allows connecting to SpiceDB in plain textspicedb-skip-verify-ca
: lets the proxy connect to a remote service withoutverifying the certificate trust chain
spicedb-token
: the preshared key of the remote serverif spicedb-endpoint is set to
embedded://
, the originalbehavior of spinning up an embedded SpiceDB will take place, which
is useful for testing purposes.
An additional flag to support setting a path for the durable task database is
also added:
durabletask-database-path
. It will default to/tmp/dtx.sqlite
.Note
I implemented it so
Complete(context.Context)
wouldn't fail if it was unable to reach to the server. I could have usedWithBlock
and make it fail with a timeout, so that it ends up restarted after it fails kube's health check. I considered that having rakis call the proxy and get a "no healthy backend" wasn't much better than getting an error because the gRPC connection is broken.