Open sabre1041 opened 4 months ago
That's interesting, I thought fulcio always enables the grpc endpoint with an http proxy. @bobcallaway? Can you share your config. If it truly makes sense to use http, then we can figure out how to enable this.
fulcio can be deployed only exposing HTTP, only exposing gRPC, or exposing both:
Yeah, there was an http client but we removed it since there was no perceived use for it, but that appears to be untrue. Happy to review a PR, but that's kinda low priority for me. Maybe a few steps via separate PRs
Currently, the FulcioClient communicates via gRPC. While this is acceptable when communicating with the Public Good Instance (prod/staging), gRPC may not be exposed/running in self hosted deployments, rendering the client to being unusable.
Add support for standard HTTP communication to Fulcio which could be implemented as an entirely separate function/method or as a fallback when gRPC is not available