mirror of
https://github.com/maplibre/martin.git
synced 2024-12-19 04:41:46 +03:00
fbb282dcb7
This is a partial fix for #496 * BREAKING: Now Martin behaves the same way as `psql` -- by default, if SSL is available on the server, it will be used, even though it will not verify that the server has a valid SSL certificate * Martin now understands `PGSSLCERT`, `PGSSLKEY`, and `PGSSLROOTCERT` env vars (and corresponding config keys) - same as psql. * Martin can now process `?sslmode=verify-ca` and `verify-full` (just like psql). The verify modes require root and/or client cert & key. * remove `danger_accept_invalid_certs` -- turns out that behavior is expected by default unless ssl mode is set to verify - which upstream lib [does not support](https://github.com/sfackler/rust-postgres/issues/768) - PR [submitted](https://github.com/sfackler/rust-postgres/pull/988). * added connection_timeout_ms option for postgres and set it to 5 seconds by default. This way it will fail out earlier. * added error reporting to bb8 - but it is currently [broken upstream](https://github.com/djc/bb8/issues/151) - not sure we can fix it easily, so may need to switch to deadpool later. * added docker-based TLS test (horray!) - wasn't trivial at all, despite ending up fairly simple. |
||
|---|---|---|
| .. | ||
| workflows | ||
| dependabot.yml | ||
| FUNDING.yml | ||