Skip to content

feat(grpc) Add channel credentials API + Insecure credentials #2495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
arjan-bal wants to merge 13 commits into
base: master
Choose a base branch
from
Open

feat(grpc) Add channel credentials API + Insecure credentials #2495

arjan-bal wants to merge 13 commits into from
+848 −32

Conversation

@arjan-bal
Copy link
Collaborator

@arjan-bal arjan-bal commented Feb 4, 2026
edited
Loading

This change introduces a channel credentials API to abstract over TLS/Insecure/Local credentials. Implementations for TLS and local credentials will follow in future PRs.

Key Changes

  • Renamed rt::TcpStream to GrpcEndpoint to reflect a more generic connection interface.
  • GrpcEndpoint is now sealed. This allows us to change the API in the future (e.g., to align with gRPC C++) without breaking changes. This restricts implementations of rt::Runtime and channel credentials to the grpc crate.

Other changes

  • Most credential components are pub(crate) as users can't to implement them due to GrpcEndpoint trait being sealed.
  • Restricted the rt module to pub(crate) and exposed Runtime as pub to resolve private_bounds lints when using runtime types in pub APIs.

@arjan-bal arjan-bal requested review from dfawley and sauravzg February 4, 2026 20:32
@arjan-bal arjan-bal assigned dfawley and sauravzg and unassigned sauravzg Feb 4, 2026
sauravzg
sauravzg reviewed Feb 5, 2026
View reviewed changes
sauravzg
sauravzg reviewed Feb 5, 2026
View reviewed changes
sauravzg
sauravzg reviewed Feb 5, 2026
View reviewed changes
sauravzg
sauravzg reviewed Feb 5, 2026
View reviewed changes
sauravzg
sauravzg reviewed Feb 9, 2026
View reviewed changes
grpc/src/credentials/dyn_wrapper.rs
@@ -0,0 +1,132 @@
/*
Copy link
Collaborator

@sauravzg sauravzg Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this file need unit test coverage to verify the blanket implementation?

Copy link
Collaborator Author

@arjan-bal arjan-bal Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added tests for the client creds wrapper, will add tests for the server side after making the required additions in the Runtime trait.

sauravzg
sauravzg reviewed Feb 9, 2026
View reviewed changes
grpc/src/credentials/insecure.rs
@@ -0,0 +1,134 @@
/*
Copy link
Collaborator

@sauravzg sauravzg Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unit tests

Copy link
Collaborator Author

@arjan-bal arjan-bal Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added tests for the client side. I realized that the Runtime trait lacks methods to create TCP listeners, which are required to test the server-side logic. I will add these methods in a follow-up PR, along with tests for insecure and type-erased server credentials.

sauravzg
sauravzg reviewed Feb 9, 2026
View reviewed changes
grpc/src/credentials/dyn_wrapper.rs Outdated
String,
> {
let (stream, sec_info) =
SendFuture::send(self.connect(authority, source, info, runtime)).await?;
Copy link
Collaborator

@sauravzg sauravzg Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Shouldn't we be able to do self.connect(...).send().await?;

Copy link
Collaborator Author

@arjan-bal arjan-bal Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that works. Changed.

sauravzg
sauravzg approved these changes Feb 9, 2026
View reviewed changes
Copy link
Collaborator

@sauravzg sauravzg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR looks good overall. Please address the comments about unit test.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sauravzg sauravzg sauravzg approved these changes

@dfawley dfawley Awaiting requested review from dfawley

Assignees

@dfawley dfawley

@sauravzg sauravzg

Labels

A-grpc-next

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@arjan-bal @sauravzg @dfawley