-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support setting ssl client certificate information via environment variables #574
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great!
I would love to see an automated test at some point.
root_certificate, | ||
}) | ||
} | ||
_ => None, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we log a warning if some, but not all, are None
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will create a ticket.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!
What
We'd like to support setting ssl certificate information via environment variables.
How
get_connect_options
, which will read both the uri and the ssl information, and use it andconnect_with
everywhere instead ofconnect
with just theuri
. We make sure all operations using configuration version 5 including the connector and the cli useget_connect_options
(except tests).client_cert
,client_key
androot_cert
from the environment and put them directly into the sqlx connection options.How we tested this
We used this article as a guide on how to set up postgres+certs with docker.
After running all of the commands, we had to do the following as well:
Then, we added the following environment variables:
Initialized and updated the connector:
Added a native query:
Started the connector:
CONNECTION_URI="postgresql://postgres:postgres@localhost:64009/postgres?sslmode=verify-ca" target/debug/ndc-postgres serve --configuration /tmp/ssltest
And ran a query: