[PR] feat(go): implement TCP/TLS connection in Go SDK [iggy]

[via GitHub]

avirajkhare00 opened a new pull request, #2869:
URL: https://github.com/apache/iggy/pull/2869

   Replace the stub 'TLS connection is not implemented yet' error with a full 
stdlib crypto/tls implementation:
     - ServerName derived from tlsDomain or extracted via net.SplitHostPort
     - InsecureSkipVerify controlled by tlsValidateCertificate config field
     - Optional custom CA cert pool loaded from tlsCAFile
     - tls.Client wrap + explicit Handshake with clean error propagation
   
     No external dependencies added (stdlib crypto/tls only), consistent with 
the Rust and Node.js TLS implementations.
   
     ## Which issue does this PR close?
   
     Closes #2824
   
     ## Rationale
   
     The Go SDK was the only client without a working TLS implementation. Any 
user trying to connect to a TLS-enabled iggy server from Go would get an 
immediate hard error at connection
     time.
   
     ## What changed?
   
     `tcp_core.go` had a single-line stub returning `errors.New("TLS connection 
is not implemented yet")`. The plain TCP path was already complete; TLS just 
needed to wrap the established
     connection.
   
     The fix wraps the `net.Conn` with `tls.Client()` after the plain TCP dial, 
derives `ServerName` from `tlsDomain` or falls back to `net.SplitHostPort`, 
respects `tlsValidateCertificate`
     for cert validation, and optionally loads a custom CA pool from 
`tlsCAFile`. All four existing config fields are now wired up with no new 
fields or dependencies added.
   
     ## Local Execution
   
     - `go build ./...` — passed
     - `golangci-lint run` — passed, 0 issues
     - BDD tests (Docker) — not run. Happy to add those tests if required.
   
     ## AI Usage
   
     1. **Tools:** Claude (claude-sonnet-4-6) via Claude Code + yoyo (local 
code-intelligence MCP server)
     2. **Scope:** Entire implementation. yoyo was used to read the existing 
codebase and cross-reference the Rust (`tcp_tls_connection_stream.rs`) and 
Node.js (`client.connection.ts`) TLS
     implementations. Claude generated the Go implementation based on those 
patterns.
     3. **Verification:** `go build ./...` and `golangci-lint run` both pass. 
The logic mirrors the working Rust and Node.js SDKs line-for-line in terms of 
intent.
     4. **Explainability:** Yes, every line is explainable. I don't know the 
iggy codebase deeply but I understand the Go TLS code fully.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@iggy.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org