Closed bmtcril closed 1 year ago
Ian2012
commented
1 year ago We should update this line in the init. The "superset" is hardcoded, that's intended for use with docker-compose but it's incompatible if the service is outside the running instance
Ian2012
commented
1 year ago The following tasks were performed:
mariajgrimaldi
commented
1 year ago These are the checks we ran on this repo (security-wise):
Packages up-to-date: each package must be in its latest security release.
dependabot to update Github actions automatically like these PRs shows. Configurations: no hard-coded secrets/passwords. Done.
Scan for vulnerabilities in the implementation: security measures are implemented. So we checked each file manually:
Ian2012
commented
1 year ago @mariajgrimaldi as clickhouse is a database we would prefer to use the latest LTS version (as with MySQL) and as updates are needed, provide and easy migration path from one to another LTS version.
bmtcril
commented
1 year ago I think ideally we would want to run secure by default, but it's a non-trivial configuration to set up: https://clickhouse.com/docs/en/guides/sre/configuring-ssl
It's definitely a worthy task, though, so: https://github.com/openedx/tutor-contrib-clickhouse/issues/20
Ian2012
commented
1 year ago @bmtcril can we close this one and take the conversation in the other issue (as this is not blocking v1)?
There are a number of production use cases and configurations that we need to test and fix where broken. This issue is to track all of those, and they can be broken out into separate issues if the size of the work warrants it. Right now this is just collecting things in one place.