SOLR-17584: Remove code and documentation for "trusted" configsets

[abumarjikar]

https://issues.apache.org/jira/browse/SOLR-17584

Description

This PR is targeting to remove use of trustedness check and references for configsets

Solution

The solution involved removing isConfigtrusted method and there references in other class wherever if check for trusted config flag

Tests

Please describe the tests you've developed or run to confirm this patch implements the feature or solves the problem.

Checklist

Please review the following and check all that apply:

• I have reviewed the guidelines for How to Contribute and my code conforms to the standards described there to the best of my ability.
• I have created a Jira issue and added the issue ID to my pull request title.
• I have given Solr maintainers access to contribute to my PR branch. (optional but recommended, not available for branches on forks living under an organisation)
• I have developed this patch against the main branch.
• I have run ./gradlew check.
• I have added tests for my changes.
• I have added documentation for the Reference Guide

[epugh]

Two questions, how this looks very much in the right direction!

[epugh]

I triggered the various tests... Can you update the link in the description to have teh JIRA? that is how we link the PR to the JIRA.

[dsmiley]

when posting a PR, please update the JIRA link. As to the rest of the PR template; remove it if you aren't going to fill it out (no judgement from me)

[gerlowskija]

This looks great @abumarjikar! I knew the "trustedness" plumbing needing removing, but I had no idea there was so much.

I left a few comments inline, that I'm curious for feedback on from you and others. But otherwise this looks close to committing IMO!

[dsmiley]

Wow there's a lot to the notion of a "trusted" configSet. So glad to see you rid us of this maintenance burden!

[dsmiley]

Are there any ref-guide updates to do? I would assume so.

At a minimum, an update to major-changes-in-solr-10.adoc with a new "Security" section to explain that there is no longer a distinction of trusted configSets. They are all trusted; Solr should be protected (with authentication, authorization, etc.) so that only trusted users publish them with administrative level permissions.

[abumarjikar]

@dsmiley Changes made in major changes doc file. Please review.
@gerlowskija and @epugh Please review the PR.

[dsmiley]

Thanks! And of course a CHANGES.txt entry under 10.0 "Other" section is needed too.

[dsmiley]

Looks good to me! I'm happy to merge tomorrow, or sooner if @gerlowskija +1s.

[gerlowskija]

LGTM - go for it @dsmiley !

Thanks for the PR @abumarjikar. (Not sure if this is your first PR, but if so, congrats!)

[abumarjikar]

Thanks @dsmiley and @gerlowskija for approval. @gerlowskija Thanks for considering the PR and Yes, this is my first PR.

One last thing for this PR, can i get the approval for workflows? I could see this is waiting for approval "4 workflows awaiting approval". I guess after this i can merge this PR.