Skip to content

Fix TLS config resolution for GraphQL clients #49624

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 20, 2025
Merged

Fix TLS config resolution for GraphQL clients #49624

merged 1 commit into from
Aug 20, 2025

Conversation

jmartisk
Copy link
Contributor

@jmartisk jmartisk commented Aug 20, 2025
edited
Loading

Fixes #49623

This makes the TLS configuration resolution a bit more reasonable and predictable.

The main fix is that when a GraphQL client declares a specific TLS configuration, it will be used (currently it uses the default one instead of the named one if the default one has some trust options defined, which is clearly a bug).

As a side fix, when the deprecated properties (quarkus.smallrye-graphql-client.CLIENT-NAME.key-store and quarkus.smallrye-graphql-client.CLIENT-NAME.trust-store) are defined, they will now always take precedence over TLS configuration (logging a warning if an explicit TLS config is supplied too). Before this PR, they would or would not take precedence depending on whether the default TLS configuration had trust options defined or not, which is very weird.

I'm planning to remove the deprecated properties soon anyway, but I wanted to split it into steps so that this step can be backported to 3.20.

@jmartisk jmartisk requested a review from geoand August 20, 2025 07:44
@jmartisk jmartisk requested a review from cescoffier August 20, 2025 07:44
@quarkus-bot quarkus-bot

This comment has been minimized.

Sign in to view
@gsmet
Copy link
Member

gsmet commented Aug 20, 2025

To be backported to 3.20, it needs to be backported to 3.26 too, adding the label.

@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Aug 20, 2025
edited by github-actions bot
Loading

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 98026e3.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

@jmartisk jmartisk merged commit 72e5719 into quarkusio:main Aug 20, 2025
25 checks passed
@jmartisk jmartisk deleted the main-issue-49623 branch August 20, 2025 09:42
@quarkus-bot quarkus-bot bot added this to the 3.28 - main milestone Aug 20, 2025
@gsmet gsmet modified the milestones: 3.28 - main, 3.26.1 Aug 27, 2025
@jmartisk jmartisk modified the milestones: 3.26.1, 3.20.3 Sep 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cescoffier cescoffier cescoffier approved these changes

@geoand geoand geoand approved these changes

Assignees
No one assigned
Labels
area/graphql area/smallrye kind/bugfix
Projects
None yet
Milestone
3.20.3
Development

Successfully merging this pull request may close these issues.

GraphQL client's resolution of TLS configuration is wrong
4 participants
@jmartisk @gsmet @cescoffier @geoand