search

argoproj-labs / hera

Hera is an Argo Python SDK. Hera aims to make construction and submission of various Argo Project resources easy and accessible to everyone! Hera abstracts away low-level setup details while still maintaining a consistent vocabulary with Argo. ⭐️ Remember to star!
https://hera.rtfd.io
Apache License 2.0
550 stars 105 forks source link

Support user-provided certificates and keys #1079

Closed flaviuvadan closed 2 months ago

flaviuvadan commented 2 months ago

Is your feature request related to a problem? Please describe. The requests package that Hera relies on to send requests to the Argo server supports specifying client-provided certificates and keys. This is very useful for specific user setups, such as having a proxy that intercepts a request and performs authentication not on the bearer token but on the certificate.

Describe the solution you'd like An API on the global config similar to the token API that allows either a string path to the certificate / key or a function to load that from a custom location (useful for when the cert is loaded dynamically from another location that needs auth on the user side). Maybe cert would be enough, and all it does is load a tuple that's passed to requests like this

Describe alternatives you've considered Could explore ways to intercept a requests package request but that feels like extra burden on the user and conflicts with Hera's ambition to support "configuring a platform" via hooks

Additional context None atm

mrendi29 commented 2 months ago

@flaviuvadan I will give this a try this week. First I'll open a PR that only covers the global config. Then I am thinking to also patch (separate PR) the WorkflowService to include the cert

What do you think?

flaviuvadan commented 2 months ago

@mrendi29 sounds great!