steveniemitz commented on code in PR #21457: URL: https://github.com/apache/flink/pull/21457#discussion_r1041220381
########## flink-core/src/main/java/org/apache/flink/configuration/SecurityOptions.java: ########## @@ -217,6 +217,16 @@ public class SecurityOptions { .withDescription( "Turns on SSL for external communication via the REST endpoints."); + @Documentation.Section(Documentation.Sections.EXPERT_SECURITY_SSL) + public static final ConfigOption<String> SSL_REST_SSL_CONTEXT_SUPPLIER = + key("security.ssl.rest.ssl-context-supplier") + .stringType() + .noDefaultValue() + .withDescription( + "A fully qualified class name that implements the Supplier<SslContext> interface." + + " The implementation must have a public constructor with the signature" + + " (Configuration config, boolean isClient, SslProvider sslProvider)"); Review Comment: It's not just easy to pass, its keeping good abstraction between components. The consumers of SslContexts shouldn't need to know how to create them imo, merging both the factory and supplier couples those concerns together. I think I have a good way to get both though. I'll update the review in a second. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org