This patch adds TLS support for GrpcServer and AsyncGrpcClient by
implementing `GrpcCredentialsProvider` and using that to get channel
credentials. It adds `FlowGrpc` which is a flow global instance, and
initializes TLS credentials that are consistent with the ones provided
to FlowTransport.
- Added `FlowGrpc` to manage gRPC server initialization and TLS
configuration globally.
- `GrpcCredentialsProvider` abstracts secure/insecure communications
configurations for server/clients.
- Introduced `GrpcTlsCredentialProvider` for dynamic TLS certificate
reloading from filesystem and `GrpcTlsCredentialStaticProvider` for
static in-memory credentials.
- Updated `GrpcServer` to accept a `GrpcCredentialProvider`, enabling
dynamic TLS credential management.
- Modified `fdbserver` to use `FlowGrpc::init()` for gRPC server
initialization instead of `GrpcServer::initInstance()`, aligning it
with FlowTransport behavior.
- Modified `GrpcServer::run()` to use the provided
`GrpcCredentialProvider` instead of hardcoded insecure credentials.
Testing:
- Implemented a basic mTLS test case (`/fdbrpc/grpc/basic_tls`) to
verify secure gRPC connections using
`GrpcTlsCredentialStaticProvider`.
Todo:
- Generate certificates during testruns instead statically.
- Add test for `GrpcTlsCredentialProvider` which reads keys/certs from
filesystem and monitors changes.
- Verify peers rules/criterias like FDB --verify-peer feature.
38b7d6ff66