Add OpenSslLegacyShim to ensure OpenSSL 1.1 libraries are accessible on Linux
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
This commit introduces the OpenSslLegacyShim class, which sets the LD_LIBRARY_PATH environment variable to include the directory containing OpenSSL 1.1 native libraries. This is necessary for Mongo2Go to function correctly on Linux platforms that do not ship these libraries by default. The shim checks if the current operating system is Linux and whether the required directory exists before modifying the environment variable.
This commit is contained in:
master
@@ -2,10 +2,11 @@
|
||||
|
||||
**What changed**
|
||||
|
||||
- Introduced new `orch:quota` scope and `Orch.Admin` role for Orchestrator quota and burst adjustments.
|
||||
- Introduced new `orch:quota` scope and expanded `Orch.Admin` role for Orchestrator quota, burst, and historical backfill adjustments.
|
||||
- Client credential requests for `orch:quota` now require `quota_reason` (≤256 chars) and accept optional `quota_ticket` (≤128 chars). Authority records both values under `quota.reason` / `quota.ticket` audit properties.
|
||||
- Tokens embedding `orch:quota` expose the reason/ticket claims so downstream services and audit tooling can trace quota increases or emergency backfills.
|
||||
- Console, CLI, and configuration samples include the new role plus environment variables (`STELLAOPS_ORCH_QUOTA_REASON`, `STELLAOPS_ORCH_QUOTA_TICKET`) for automation.
|
||||
- Added dedicated `orch:backfill` scope. Tokens must include `backfill_reason` (≤256 chars) and `backfill_ticket` (≤128 chars); Authority persists them as `backfill.reason` / `backfill.ticket` claims and audit properties alongside operator metadata.
|
||||
- Tokens embedding `orch:quota` or `orch:backfill` expose the corresponding reason/ticket claims so downstream services and audit tooling can trace quota increases or emergency backfills.
|
||||
- Console, CLI, and configuration samples include the updated role plus environment variables (`STELLAOPS_ORCH_QUOTA_REASON`, `STELLAOPS_ORCH_QUOTA_TICKET`, `STELLAOPS_ORCH_BACKFILL_REASON`, `STELLAOPS_ORCH_BACKFILL_TICKET`) for automation.
|
||||
|
||||
**Why**
|
||||
|
||||
@@ -14,5 +15,5 @@ Quotas and replay backfills materially affect tenant isolation and platform capa
|
||||
**Actions**
|
||||
|
||||
1. Update Authority configuration/offline bundles to seed `Orch.Admin` role for the handful of ops identities that manage quotas.
|
||||
2. Adjust automation to pass `quota_reason`/`quota_ticket` when exchanging tokens for `orch:quota`.
|
||||
3. Monitor `authority.client_credentials.grant` records for the new `quota.*` audit properties when reviewing change windows.
|
||||
2. Adjust automation to pass `quota_reason`/`quota_ticket` when exchanging tokens for `orch:quota` and `backfill_reason`/`backfill_ticket` for `orch:backfill`.
|
||||
3. Monitor `authority.client_credentials.grant` records for the new `quota.*` and `backfill.*` audit properties when reviewing change windows.
|
||||
|
||||
Reference in New Issue
Block a user