feat(docs): security demos and connector docs update#35124
Open
sheyanjie-qq wants to merge 2 commits intomainfrom
Open
feat(docs): security demos and connector docs update#35124sheyanjie-qq wants to merge 2 commits intomainfrom
sheyanjie-qq wants to merge 2 commits intomainfrom
Conversation
sheyanjie-qq
requested review from
a team,
guanshengliang and
zitsen
as code owners
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces comprehensive security documentation and a Java demo project for TDengine connectors, focusing on SSL/TLS configuration, token-based authentication, and dynamic token rotation with Nacos. The review feedback highlights several necessary corrections, including fixing incorrect parameter names in Node.js DSN examples, correcting an invalid Jackson version in the Maven configuration, and repairing broken relative links in the Chinese documentation.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds end-to-end documentation and runnable Java demo code to illustrate TDengine connector security practices (Token auth + SSL/TLS) and token rotation patterns, and then links those guides from existing connector reference docs.
Changes:
- Added new zh/en security guides: connector-security-best-practices and ssl-configuration-guide.
- Added JDBC security demo implementations (pool + TMQ rotation, Nacos integration) plus unit tests and a validation report.
- Updated zh/en Java connector and TMQ docs to reference token/SSL guidance.
Reviewed changes
Copilot reviewed 19 out of 20 changed files in this pull request and generated 10 comments.
Show a summary per file
| File | Description |
|---|---|
| TEST-VALIDATION.md | Adds a test/validation report for the new security demo utilities and scenarios. |
| docs/zh/14-reference/05-connector/14-java.mdx | Adds links/warnings to the new security best-practices content for token + SSL. |
| docs/en/14-reference/05-connector/14-java.md | Adds links to the new security best-practices content for token + SSL. |
| docs/zh/07-develop/ssl-configuration-guide.md | New server-side SSL/TLS configuration guide (zh). |
| docs/en/07-develop/ssl-configuration-guide.md | New server-side SSL/TLS configuration guide (en). |
| docs/zh/07-develop/connector-security-best-practices.md | New connector security best-practices guide (zh), including language examples. |
| docs/en/07-develop/connector-security-best-practices.md | New connector security best-practices guide (en), including language examples. |
| docs/zh/07-develop/07-tmq.md | Clarifies TMQ token vs user/pass configuration guidance (zh). |
| docs/en/07-develop/07-tmq.md | Clarifies TMQ token vs user/pass configuration guidance (en). |
| docs/examples/JDBC/JDBCDemo/src/main/java/com/taos/example/security/*.java | Adds runnable Java demos and shared helpers for secure JDBC/TMQ token rotation. |
| docs/examples/JDBC/JDBCDemo/src/test/java/com/taos/example/security/NacosSecurityDemoTest.java | Adds unit tests for the security utility helpers. |
| docs/examples/JDBC/JDBCDemo/pom.xml | Adds/updates dependencies to support the demos (Nacos + logging + tests). |
| docs/examples/JDBC/JDBCDemo/certs/README.md | Adds instructions for generating demo certs/truststore. |
| docs/examples/JDBC/JDBCDemo/certs/.gitignore | Ensures generated cert artifacts are not committed. |
| docs/examples/JDBC/JDBCDemo/.env.example | Adds an environment variable template for running the demos. |
| .gitignore | Updates ignore rules related to debug coverage output. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
sheyanjie-qq
force-pushed
the
docs/6658900952
branch
from
0eb9eb2 to
913e515
Compare
- add JDBC security demo implementations and rotation helpers (SecurityPoolDemo, SecurityTmqDemo, NacosSecurityDemo, SecurityUtils, TmqRotationManager) - add validation artifacts (NacosSecurityDemoTest and TEST-VALIDATION.md) - add new zh/en security guides: connector-security-best-practices and ssl-configuration-guide - sync zh/en TMQ and Java connector reference docs for token/SSL guidance - add demo env/cert support files and related project config updates
sheyanjie-qq
force-pushed
the
docs/6658900952
branch
from
913e515 to
bb7e911
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 18 out of 19 changed files in this pull request and generated 9 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- fix NacosSecurityDemo TMQ rotation call to pass currentToken for duplicate-token guard - tighten step1 token validation and remove shaded StringUtil dependency - align SecurityUtils masking/auth detection with tests and rename test class accordingly - sync zh/en connector-security-best-practices Node.js token and REST API examples - refine demo env and pool/rotation guard checks
Contributor
Author
|
失败用例与本次修改无关 
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
add JDBC security demo implementations and rotation helpers (SecurityPoolDemo, SecurityTmqDemo, NacosSecurityDemo, SecurityUtils, TmqRotationManager)
add validation artifacts (NacosSecurityDemoTest and TEST-VALIDATION.md)
add new zh/en security guides: connector-security-best-practices and ssl-configuration-guide
sync zh/en TMQ and Java connector reference docs for token/SSL guidance
add demo env/cert support files and related project config updates
Issue(s)
Checklist
Please check the items in the checklist if applicable.