nexus security clarification - add limitation warning to Option 3 encryption pattern#4626
nexus security clarification - add limitation warning to Option 3 encryption pattern#4626jsundai wants to merge 4 commits into
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📖 Docs PR preview links
|
jsundai
changed the title
jsundai
changed the title
|
|
||
| This approach only works when the operation is passed as a string name. | ||
| For typed operations, pass the Nexus endpoint info through the workflow context instead of the wrapped input. | ||
| This requires a Nexus workflow outbound interceptor and a context-aware codec converter, and does not work with synchronous operations. |
There was a problem hiding this comment.
does not work with synchronous operations
Is this true? I don't have enough knowledge to know for sure, will need to get someone from the Nexus team to confirm
There was a problem hiding this comment.
I don't think we have a concept of a context-aware codec converter so I don't think this section is correct? Where did this information come from?
There was a problem hiding this comment.
i think it's referring to a custom implementation like this https://github.com/temporalio/saas-control-plane/blob/94dd6279177060599fef797d4fe647012b7e6f2d/services/codec/converter.go#L73-L86
There was a problem hiding this comment.
AH but that requires a whole customer DataConverter, not just a context-aware codec converter.
Co-authored-by: Xinyi Chen <xinyi.chen@temporal.io>
3 participants
What does this PR do?
warn about wrapper type incompatibility with typed operations
Notes to reviewers
┆Attachments: EDU-6438 nexus security clarification