NataliaDymnikova
commented
6 months ago We also encountered this problem.
Closed vladimirovichsa closed 5 months ago
NataliaDymnikova
commented
6 months ago We also encountered this problem.
gow
commented
5 months ago @vladimirovichsa I've added an entry in the server config to provide an option to specify a custom authenticator in https://github.com/temporalio/temporal/pull/6155. You just have to add the appropriate config entry in your deployment. Is this sufficient in your cases?
Not sure what do mean by setting it via helm. Helm charts for temporal are in a separate repo that is mainly driven by community. Is that what you were referring to?
vladimirovichsa
commented
5 months ago @gow Yes, that's exactly what I mean, but can you also add a system environment? Then, in general, you do not need to add to helm, the main thing is that there would be support for the system environment in the code temporal
gow
commented
5 months ago @vladimirovichsa thanks for confirming. Regarding adding environment variables for config entries, I'm not sure if that is the convention in Temporal repo. Mainly because there are way too many possible config entries and providing environment variables for them might be difficult. I'll look around and report here if an env variable can be added.
vladimirovichsa
commented
5 months ago @gow I tried to fork the repository and finalize it myself, because I do not have rights to create branches and a pool requests in your temporary repository. This pool is a request from my fork.
gow
commented
5 months ago @vladimirovichsa thanks for the reference PR. I made slight modifications to make it a list. Here is the PR - https://github.com/temporalio/temporal/pull/6194.
You can now set the value using export CASSANDRA_ALLOWED_AUTHENTICATORS="org.apache.cassandra.auth.LDAPAuthenticator"
gow
commented
5 months ago Looks like this issue got closed automatically when I closed our internal tracking ticket. Please feel free to reopen this issue if anything is missing.
vladimirovichsa
commented
5 months ago @gow Thank you so much for the feature Which version will it be included in?
We are faced with the fact that if Cassandra has the authentication type set as org.apache.cassandra.auth.LDAPAuthenticator, then we get an error.
Unable to establish CQL session. {"error": "gocql: unable to create session: unable to connect to initial hosts: unexpected authenticator \"org.apache.cassandra.auth.LDAPAuthenticator\"", "logging-call-at": "handler.go:80"}After looking at the gocql sources, we found that they use a list of supported identifications, but you can also pass your own type to gocql, which can be passed to AllowedAuthenticators in the PasswordAuthenticator type
Could you add such a setting via helm?