tracking: Custom SSL certificate with secret

[st1page]

After #17456, RisingWave has gained a certain level of capability in managing certificates for administration. User can write options like xxx.location = SECRET yyy AS FILE. But there is still work to be done to support SSL configurations with secrets in different places.

We at least need to prioritize support for the following distinct requirements, and then additional connectors can be supplemented as needed afterward. We should provide support for the following and add corresponding tests and docs.

• Source
  • Kafka
  • MySQL
  • Postgres CDC: allow user specify a cert via SECRET and support verify-full sslmode #17785
• Sink
  • Kafka
  • MySQL
  • PostgreSQL
• schema registry
  • SSL configurations is not supported for schema registry #17173

[BugenZhao]

Also link to #17202

[fuyufjh]

cc. @tabVersion Can you please help to support SECRET in those connectors that already has SSL support? such as Kafka.

[github-actions]

This issue has been open for 60 days with no activity.

If you think it is still relevant today, and needs to be done in the near future, you can comment to update the status, or just manually remove the no-issue-activity label.

You can also confidently close this issue as not planned to keep our backlog clean.
Don't worry if you think the issue is still valuable to continue in the future.
It's searchable and can be reopened when it's time. 😄