hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-14 08:02:15 +03:00
Code Issues Projects Releases Wiki Activity

PG SSL-cert maybe fields

Browse Source 
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4767
GitOrigin-RevId: 042fa622c6f208cf72fee40acee28e87ebcf1f67
This commit is contained in:
Lyndon Maydwell 2022-06-28 11:25:03 +10:00 committed by hasura-bot
parent 2f3ae93ab0
commit ab8369bdcf
4 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -71,6 +71,9 @@ Event Triggers support has been added for MS SQL Server. Now, you can invoke ext
- console: introduce new table relationships UI in alpha
- cli: fix performance regression with large metadata in `metadata apply`
- cli: fix error reporting in `metadata apply` command (#8280)
- server: query runtime performance optimizations
- server: fix bug that had disabled expression-based indexes in Postgress variants (fix Zendesk 5146)
- server: add optionality to additional postgres-client-cert fields: sslcert, sslkey and sslpassword
## v2.8.1

8
docs-old/graphql/core/api-reference/syntax-defs.rst
View File

@ -312,20 +312,20 @@ PGCertSettings
- ``String``
- The SSL connection mode. See the libpq ssl `support docs <https://www.postgresql.org/docs/9.1/libpq-ssl.html>` for more details.
* - sslrootcert
- true
- false
- FromEnv_
- Environment variable which stores trusted certificate authorities.
* - sslcert
- true
- false
- FromEnv_
- Environment variable which stores the client certificate.
* - sslkey
- true
- false
- FromEnv_
- Environment variable which stores the client private key.
* - sslpassword
- false
- ``String`` | FromEnv_
- FromEnv_
- Password in the case where the sslkey is encrypted.
.. _MsSQLPoolSettings:

14
docs/docs/graphql/core/api-reference/syntax-defs.mdx
View File

@ -155,13 +155,13 @@ keywords:
## PGCertSettings {#pgcertsettings}
| Key | Required | Schema | Description |
|-------------|----------|---------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------|
| sslmode | true | `String` | The SSL connection mode. See the libpq ssl [support docs](https://www.postgresql.org/docs/9.1/libpq-ssl.html) for more details. |
| sslrootcert | true | [FromEnv](#fromenv) | Environment variable which stores trusted certificate authorities. |
| sslcert | true | [FromEnv](#fromenv) | Environment variable which stores the client certificate. |
| sslkey | true | [FromEnv](#fromenv) | Environment variable which stores the client private key. |
| sslpassword | false | `String` \| [FromEnv](#fromenv) | Password in the case where the sslkey is encrypted. |
| Key | Required | Schema | Description |
|-------------|----------|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------|
| sslmode | true | `String` | The SSL connection mode. See the libpq ssl [support docs](https://www.postgresql.org/docs/9.1/libpq-ssl.html) for more details. |
| sslrootcert | false | [FromEnv](#fromenv) | Environment variable which stores trusted certificate authorities. |
| sslcert | false | [FromEnv](#fromenv) | Environment variable which stores the client certificate. |
| sslkey | false | [FromEnv](#fromenv) | Environment variable which stores the client private key. |
| sslpassword | false | [FromEnv](#fromenv) | Password in the case where the sslkey is encrypted. |
## MsSQLPoolSettings {#mssqlpoolsettings}

23
server/src-lib/Hasura/Backends/Postgres/Connection/Settings.hs
View File

@ -152,9 +152,8 @@ instance FromJSON SSLMode where
"verify-full" -> pure VerifyFull
err -> fail $ "Invalid SSL Mode " <> unpack err
data CertVar
newtype CertVar
= CertVar String
| CertLiteral String
deriving (Show, Eq, Generic)
instance Cacheable CertVar
@ -165,11 +164,9 @@ instance NFData CertVar
instance ToJSON CertVar where
toJSON (CertVar var) = (object ["from_env" .= var])
toJSON (CertLiteral var) = String (T.pack var)
instance FromJSON CertVar where
parseJSON (String s) = pure (CertLiteral (T.unpack s))
parseJSON x = withObject "CertVar" (\o -> CertVar <$> o .: "from_env") x
parseJSON = withObject "CertVar" (\o -> CertVar <$> o .: "from_env")
newtype CertData = CertData {unCert :: Text}
deriving (Show, Eq, Generic)
@ -178,16 +175,16 @@ instance ToJSON CertData where
toJSON = String . unCert
data PGClientCerts p a = PGClientCerts
{ pgcSslCert :: a,
pgcSslKey :: a,
pgcSslRootCert :: a,
{ pgcSslCert :: Maybe a,
pgcSslKey :: Maybe a,
pgcSslRootCert :: Maybe a,
pgcSslMode :: SSLMode,
pgcSslPassword :: Maybe p
}
deriving (Show, Eq, Generic, Functor, Foldable, Traversable)
$(deriveFromJSON (aesonDrop 3 (fmap toLower)) ''PGClientCerts)
$(deriveToJSON (aesonDrop 3 (fmap toLower)) ''PGClientCerts)
$(deriveToJSON (aesonDrop 3 (fmap toLower)) {omitNothingFields = True} ''PGClientCerts)
instance Bifunctor PGClientCerts where
bimap f g oldCerts@(PGClientCerts {pgcSslPassword}) =
@ -196,16 +193,16 @@ instance Bifunctor PGClientCerts where
instance Bifoldable PGClientCerts where
bifoldMap f g PGClientCerts {..} =
let gs = foldMap g [pgcSslCert, pgcSslKey, pgcSslRootCert]
let gs = foldMap (foldMap g) [pgcSslCert, pgcSslKey, pgcSslRootCert]
fs = foldMap f pgcSslPassword
in gs <> fs
instance Bitraversable PGClientCerts where
bitraverse f g PGClientCerts {..} =
PGClientCerts
<$> g pgcSslCert
<*> g pgcSslKey
<*> g pgcSslRootCert
<$> traverse g pgcSslCert
<*> traverse g pgcSslKey
<*> traverse g pgcSslRootCert
<*> pure pgcSslMode
<*> traverse f pgcSslPassword