From 8582b570a5fe1e971886d77fcdbc94754c4f4fb9 Mon Sep 17 00:00:00 2001 From: Magic Cat Date: Mon, 17 Apr 2023 13:21:49 +0700 Subject: [PATCH 1/5] add optional db SSL mode handling --- database/config/config.go | 10 +++++++++- database/postgresql/postgresql.go | 14 +++++++++++++- types/env/const.go | 6 +++++- 3 files changed, 27 insertions(+), 3 deletions(-) diff --git a/database/config/config.go b/database/config/config.go index 42fd4bc6..e0ec795b 100644 --- a/database/config/config.go +++ b/database/config/config.go @@ -8,6 +8,10 @@ type Config struct { MaxIdleConnections int `yaml:"max_idle_connections"` PartitionSize int64 `yaml:"partition_size"` PartitionBatchSize int64 `yaml:"partition_batch"` + SSLModeEnable string `yaml:"ssl_mode_enable"` + SSLRootCert string `yaml:"ssl_root_cert"` + SSLCert string `yaml:"ssl_cert"` + SSLKey string `yaml:"ssl_key"` } func (c *Config) getURL() *url.URL { @@ -44,7 +48,7 @@ func (c *Config) GetSSLMode() string { } func NewDatabaseConfig( - url string, + url, sslModeEnable, sslRootCert, sslCert, sslKey string, maxOpenConnections int, maxIdleConnections int, partitionSize int64, batchSize int64, ) Config { @@ -54,6 +58,10 @@ func NewDatabaseConfig( MaxIdleConnections: maxIdleConnections, PartitionSize: partitionSize, PartitionBatchSize: batchSize, + SSLModeEnable: sslModeEnable, + SSLRootCert: sslRootCert, + SSLCert: sslCert, + SSLKey: sslKey, } } diff --git a/database/postgresql/postgresql.go b/database/postgresql/postgresql.go index 8e6df0c5..6c33db18 100644 --- a/database/postgresql/postgresql.go +++ b/database/postgresql/postgresql.go @@ -24,7 +24,19 @@ import ( // from config. It returns a database connection handle or an error if the // connection fails. func Builder(ctx *database.Context) (database.Database, error) { - postgresDb, err := sqlx.Open("postgres", utils.GetEnvOr(env.DatabaseURI, ctx.Cfg.URL)) + dbURI := utils.GetEnvOr(env.DatabaseURI, ctx.Cfg.URL) + dbEnableSSL := utils.GetEnvOr(env.DatabaseSSLModeEnable, ctx.Cfg.SSLModeEnable) + + // Configure SSL certificates (optional) + if dbEnableSSL == "true" { + dbRootCert := utils.GetEnvOr(env.DatabaseSSLRootCert, ctx.Cfg.SSLRootCert) + dbCert := utils.GetEnvOr(env.DatabaseSSLCert, ctx.Cfg.SSLCert) + dbKey := utils.GetEnvOr(env.DatabaseSSLKey, ctx.Cfg.SSLKey) + dbURI += fmt.Sprintf(" sslmode=require sslrootcert=%s sslcert=%s sslkey=%s", + dbRootCert, dbCert, dbKey) + } + + postgresDb, err := sqlx.Open("postgres", dbURI) if err != nil { return nil, err } diff --git a/types/env/const.go b/types/env/const.go index 09c3f9ec..adf370d6 100644 --- a/types/env/const.go +++ b/types/env/const.go @@ -1,5 +1,9 @@ package env const ( - DatabaseURI = "JUNO_DATABASE_URL" + DatabaseURI = "JUNO_DATABASE_URL" + DatabaseSSLModeEnable = "false" + DatabaseSSLRootCert = "" + DatabaseSSLCert = "" + DatabaseSSLKey = "" ) From 4a974c46b6f58f20c141da7b270667a887617aac Mon Sep 17 00:00:00 2001 From: Magic Cat Date: Mon, 17 Apr 2023 13:22:31 +0700 Subject: [PATCH 2/5] updated default db config --- database/config/config.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/database/config/config.go b/database/config/config.go index e0ec795b..e4b29856 100644 --- a/database/config/config.go +++ b/database/config/config.go @@ -69,6 +69,10 @@ func NewDatabaseConfig( func DefaultDatabaseConfig() Config { return NewDatabaseConfig( "postgresql://user:password@localhost:5432/database-name?sslmode=disable&search_path=public", + "false", + "", + "", + "", 1, 1, 100000, From 41faf816f48dd821e393e26580015df582f657df Mon Sep 17 00:00:00 2001 From: Magic Cat Date: Mon, 17 Apr 2023 13:56:02 +0700 Subject: [PATCH 3/5] updated db tests --- database/postgresql/postgresql_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/database/postgresql/postgresql_test.go b/database/postgresql/postgresql_test.go index 96e15db3..104172db 100644 --- a/database/postgresql/postgresql_test.go +++ b/database/postgresql/postgresql_test.go @@ -34,6 +34,10 @@ func (suite *DbTestSuite) SetupTest() { // Build the database dbCfg := databaseconfig.NewDatabaseConfig( "postgres://bdjuno:password@localhost:6433/bdjuno?sslmode=disable&search_path=public", + "false", + "", + "", + "", -1, -1, 100000, From db641f3ac4895869a4cd568726c615804096e842 Mon Sep 17 00:00:00 2001 From: Magic Cat Date: Mon, 17 Apr 2023 13:57:44 +0700 Subject: [PATCH 4/5] added CHANGELOG.md entry --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d69e0262..b21194fd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,7 @@ ## Unreleased ### Changes - ([\#93](https://github.com/forbole/juno/pull/93)) Decode IBC transfer data to JSON for `/ibc.core.channel.v1.MsgRecvPacket` message - +- ([\#94](https://github.com/forbole/juno/pull/94)) Added TSL support when connecting to database ## v4.1.0 ### Changes From 97676ac49f4168bf631bd062990c9d53912a1489 Mon Sep 17 00:00:00 2001 From: Magic Cat <37407870+MonikaCat@users.noreply.github.com> Date: Mon, 17 Apr 2023 20:38:20 +0800 Subject: [PATCH 5/5] Update types/env/const.go Co-authored-by: Riccardo --- types/env/const.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/types/env/const.go b/types/env/const.go index adf370d6..fe97f78c 100644 --- a/types/env/const.go +++ b/types/env/const.go @@ -2,8 +2,8 @@ package env const ( DatabaseURI = "JUNO_DATABASE_URL" - DatabaseSSLModeEnable = "false" - DatabaseSSLRootCert = "" - DatabaseSSLCert = "" - DatabaseSSLKey = "" + DatabaseSSLModeEnable = "JUNO_DATABASE_SSL_MODE_ENABLED" + DatabaseSSLRootCert = "JUNO_DATABASE_SSL_ROOT_CERT" + DatabaseSSLCert = "JUNO_DATABASE_SSL_CERT" + DatabaseSSLKey = "JUNO_DATABASE_SSL_KEY" )