Feature #55640
closedmake lua scripting optional
30%
Description
- Make Lua scripting, the runtime- and the compiletime-dependency optional
- Introduce a compile-time flag for enabling/disabling it via the build system
- Make sure disabling Lua scripting automatically also disables Lua packages, but not vice versa
- Keep backwards-compatible defaults
The RGW supports executing Lua scripts on either the pre-request hook or the post-request hook.
Optionally, it can also support loading Lua packages in addition to what the Lua standart library supports
for use in these Lua scripts, but this feature must be enabled at compile time.
There are however also benefits to making the entire Lua scripting feature optional, enabled or disabled by compile time flags.
For one, the minimum requirements to build the RGW in any capacity shrink a bit. Also the runtime requirement of the Lua runtime
can be removed, if desired. In high-security environments, the Lua feature may be a problem and last but not least, reducing the
minimal requirements for building and developing ceph may help the community.
Updated by Moritz Roehrich almost 2 years ago
I'd like to work on this. I have done some work already and produced a build that does not depend on Lua at runtime or at compile time. What's left to do is cleanup and documentation, possibly tests also.
Updated by Casey Bodley almost 2 years ago
- Status changed from New to Fix Under Review
- Tags set to lua
- Pull request ID set to 46282
Updated by Yuval Lifshitz over 1 year ago
- Assignee changed from Yuval Lifshitz to Moritz Roehrich
Updated by Casey Bodley 8 days ago
- Status changed from Fix Under Review to Rejected
the attached pull request closed a year ago
i personally don't see much benefit to disabling lua at compile time. it's not a heavy-weight dependency, and other components in ceph depended on this before rgw did
lua scripts can only be added to rgw using radosgw-admin commands, so the admin has full control over their use and can avoid them where desired. if we ever add user-facing scripting functionality, admins should absolutely have the ability to disable that
closing for now, but feel free to reopen with further motivation