
feat: add ssl config to postgres #36

Closed
wants to merge 5 commits into from
4 changes: 2 additions & 2 deletions charts/reports-server/Chart.lock
@@ -2,5 +2,5 @@ dependencies:
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 13.4.1
digest: sha256:ac38b83c061b6851340ec78ea88bc2ac4a24d705235ebeeab2edc69ceb18f598
generated: "2024-01-23T21:13:53.879046+01:00"
digest: sha256:7cbc27b5bb538d7d09c4c5a5ea31bcc0628aa27fe4a5bdfb71dfca288b80bc89
generated: "2024-01-26T10:24:28.144328+05:30"
4 changes: 4 additions & 0 deletions charts/reports-server/README.md
@@ -59,6 +59,10 @@ helm install reports-server --namespace reports-server --create-namespace report
| config.db.name | string | `"reportsdb"` | Database name |
| config.db.user | string | `"postgres"` | Database user |
| config.db.password | string | `"reports"` | Database password |
| config.db.sslmode | string | `"disable"` | Database SSL |
| config.db.sslrootcert | string | `""` | Database SSL root cert |
| config.db.sslkey | string | `""` | Database SSL key |
| config.db.sslcert | string | `""` | Database SSL cert |

## Source Code

4 changes: 4 additions & 0 deletions charts/reports-server/templates/deployment.yaml
@@ -43,6 +43,10 @@ spec:
- --dbname={{ .Values.config.db.name }}
- --dbuser={{ .Values.config.db.user }}
- --dbpassword={{ .Values.config.db.password }}
- --dbsslmode={{ .Values.config.db.sslmode }}
- --dbsslrootcert={{ .Values.config.db.sslrootcert }}
- --dbsslkey={{ .Values.config.db.sslkey }}
- --dbsslcert={{ .Values.config.db.sslcert }}
{{- end }}
- --cert-dir=/tmp
- --secure-port=4443
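Review bot: The three file flags added after `--dbsslmode` are rendered even when their values are empty, and nothing in this hunk mounts the files they point to, so a non-empty `sslkey` path only works if a volume is added elsewhere in the template (the container spec continues outside the hunk). Rendering each flag only when it is set keeps empty arguments off the command line, for example `{{- with .Values.config.db.sslrootcert }}` / `- --dbsslrootcert={{ . }}` / `{{- end }}`, repeated for `sslkey` and `sslcert`. The client key is secret material, so the chart should expose a way to mount it read-only from a Secret rather than expect it to be present in the image.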
12 changes: 12 additions & 0 deletions charts/reports-server/values.yaml
@@ -149,3 +149,15 @@ config:

# -- Database password
password: reports

# -- Database SSL
sslmode: disable

# -- Database SSL root cert
sslrootcert: ""

# -- Database SSL key
sslkey: ""

# -- Database SSL cert
sslcert: ""
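Review bot: The new `sslmode` default of `disable` leaves the connection to PostgreSQL unencrypted, and the comment `# -- Database SSL` does not tell an operator what to set instead. If the default has to stay for the bundled database, document the trade-off, e.g. `# -- PostgreSQL sslmode; "disable" sends traffic in clear text, use "verify-full" with sslrootcert to encrypt and authenticate the server`. The three path keys should also say that they are file paths inside the container, e.g. `# -- Path inside the container to the client private key (mount it from a Secret)`.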
34 changes: 24 additions & 10 deletions pkg/app/opts/options.go
@@ -33,11 +33,17 @@ type Options struct {
ShowVersion bool
Debug bool
Kubeconfig string
DBHost string
DBPort int
DBUser string
DBPassword string
DBName string

// dbopts
DBHost string
DBPort int
DBUser string
DBPassword string
DBName string
DBSSLMode string
DBSSLRootCert string
DBSSLKey string
DBSSLCert string

// Only to be used to for testing
DisableAuthForTesting bool
@@ -67,6 +73,10 @@ func (o *Options) Flags() (fs flag.NamedFlagSets) {
msfs.StringVar(&o.DBUser, "dbuser", "postgres", "Username to login into postgres")
msfs.StringVar(&o.DBPassword, "dbpassword", "password", "Password to login into postgres")
msfs.StringVar(&o.DBName, "dbname", "reportsdb", "Name of the database to store policy reports in")
msfs.StringVar(&o.DBSSLMode, "dbsslmode", "disable", "SSL mode of the postgres database.")
msfs.StringVar(&o.DBSSLRootCert, "dbsslrootcert", "", "Path to database root cert.")
msfs.StringVar(&o.DBSSLKey, "dbsslkey", "", "Path to database ssl key.")
msfs.StringVar(&o.DBSSLCert, "dbsslcert", "", "Path to database ssl cert.")

o.SecureServing.AddFlags(fs.FlagSet("apiserver secure serving"))
o.Authentication.AddFlags(fs.FlagSet("apiserver authentication"))
@@ -101,11 +111,15 @@ func (o Options) ServerConfig() (*server.Config, error) {
}

dbconfig := &db.PostgresConfig{
Host: o.DBHost,
Port: o.DBPort,
User: o.DBUser,
Password: o.DBPassword,
DBname: o.DBName,
Host: o.DBHost,
Port: o.DBPort,
User: o.DBUser,
Password: o.DBPassword,
DBname: o.DBName,
SSLMode: o.DBSSLMode,
SSLRootCert: o.DBSSLRootCert,
SSLKey: o.DBSSLKey,
SSLCert: o.DBSSLCert,
}

return &server.Config{
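Review bot: `--dbsslmode` is accepted as a free-form string and copied into `db.PostgresConfig` in `ServerConfig` without any check, so a typo or an empty value only surfaces when the connection is opened, and the default `disable` keeps the database link unencrypted unless the operator opts in. `ServerConfig` already returns an error, so it can reject anything outside the modes the driver supports before building `dbconfig`; the set below is the one common to the PostgreSQL Go drivers and should be confirmed against the driver this project uses (it also assumes `fmt` is imported in this file). The `dbsslmode` help string should list the accepted values as well. `ServerConfig` starts and ends outside the hunk.

```go
// … unchanged: earlier ServerConfig setup …
switch o.DBSSLMode {
case "disable", "require", "verify-ca", "verify-full":
default:
	return nil, fmt.Errorf("invalid --dbsslmode %q", o.DBSSLMode)
}

dbconfig := &db.PostgresConfig{
// … unchanged: field assignments and returned server.Config …
```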
18 changes: 11 additions & 7 deletions pkg/storage/db/new.go
@@ -70,15 +70,19 @@ func (p *postgresstore) Ready() bool {
}

type PostgresConfig struct {
Host string
Port int
User string
Password string
DBname string
Host string
Port int
User string
Password string
DBname string
SSLMode string
SSLRootCert string
SSLKey string
SSLCert string
}

func (p PostgresConfig) String() string {
return fmt.Sprintf("host=%s port=%d user=%s "+
"password=%s dbname=%s sslmode=disable",
p.Host, p.Port, p.User, p.Password, p.DBname)
"password=%s dbname=%s sslmode=%s sslrootcert=%s sslkey=%s sslcert=%s",
p.Host, p.Port, p.User, p.Password, p.DBname, p.SSLMode, p.SSLRootCert, p.SSLKey, p.SSLCert)
}
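Review bot: `String()` now always writes `sslrootcert=%s sslkey=%s sslcert=%s`, and with the empty defaults that yields `sslrootcert= sslkey= sslcert=`; libpq-style key=value parsers skip whitespace after `=`, so the empty value can absorb the following `sslkey=` token as a file name (the driver is not visible here, so confirm against it). The values are also interpolated unquoted, so a path containing a space would split into extra keywords. Emitting each file parameter only when it is set avoids the first problem, and single-quoting values as the conninfo format expects avoids the second. Since this method returns the password as well, the config should never be handed to a logger with `%v` or `%s`.

```go
func (p PostgresConfig) String() string {
	dsn := fmt.Sprintf("host=%s port=%d user=%s "+
		"password=%s dbname=%s sslmode=%s",
		p.Host, p.Port, p.User, p.Password, p.DBname, p.SSLMode)
	// Emit the file parameters only when set, so an empty value
	// cannot absorb the keyword that follows it.
	if p.SSLRootCert != "" {
		dsn += " sslrootcert=" + p.SSLRootCert
	}
	if p.SSLKey != "" {
		dsn += " sslkey=" + p.SSLKey
	}
	if p.SSLCert != "" {
		dsn += " sslcert=" + p.SSLCert
	}
	return dsn
}
```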