Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support PostgreSQL connection with SSL #1243 #1244

Merged
merged 52 commits into from
Mar 14, 2025
+303 −30
Merged

Support PostgreSQL connection with SSL #1243 #1244

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
bbb2e66
docs(disclaimer): remove disclaimer
LinkinStars Jan 13, 2025
5886c1e
build(release): remove DISCLAIMER file from release assets
LinkinStars Jan 13, 2025
0fd7e81
build(ci): update action upload-artifact to v4
LinkinStars Feb 6, 2025
17f8895
front end and backend added for the feature
unical1988 Feb 6, 2025
4680ad4
added visual components and linked to the backend, TODO: testing
unical1988 Feb 7, 2025
90af293
added changeCallback for select component, TODO: testing
unical1988 Feb 7, 2025
2a5710f
fixed select component, TODO: testing
unical1988 Feb 7, 2025
e40e299
checkbox and select are in two seperated form groups, TODO: testing
unical1988 Feb 8, 2025
e058e76
Select now in react bootstrap format, TODO: testing
unical1988 Feb 8, 2025
3948f70
check in checkbox not radio now in react bootstrap, TODO: testing
unical1988 Feb 8, 2025
aaf9bb6
chcked var removed, TODO: testing
unical1988 Feb 8, 2025
8b56599
few other frontend fixes, TODO: testing
unical1988 Feb 8, 2025
ed7b120
few other frontend fixes, TODO: testing
unical1988 Feb 8, 2025
919c87b
few other frontend fixes: select options population error fixed and s…
unical1988 Feb 8, 2025
98b5f80
few other frontend fixes: added three input text fields for the ssl f…
unical1988 Feb 9, 2025
58e6b2a
added postgres files to the backend
unical1988 Feb 9, 2025
59f0496
removed unused files
unical1988 Feb 10, 2025
e302026
added translations for simplified chinese and american languages
unical1988 Feb 10, 2025
f165177
added ssl_mode var to backend
unical1988 Feb 11, 2025
066a0d4
ssl_enabled is boolean
unical1988 Feb 14, 2025
86c270e
ssl_modes include verify-all
unical1988 Feb 14, 2025
5a8118d
small marging for label of ssl checkbox
unical1988 Feb 14, 2025
6ee1cdb
ssl_modes include verify-all 2
unical1988 Feb 14, 2025
550d1d8
checkValidated logic check
unical1988 Feb 19, 2025
61070b1
checkValidated logic check: now working
unical1988 Feb 19, 2025
0a2fd3e
ssl mode name corrected
unical1988 Feb 24, 2025
cab4102
bug of database checked ok
unical1988 Feb 24, 2025
f12bf74
bug of database checked ok
unical1988 Feb 24, 2025
cf3f468
prettier enabled
unical1988 Feb 24, 2025
52b00ef
file paths check bug set
unical1988 Feb 24, 2025
c36b80f
file paths check bug set
unical1988 Feb 24, 2025
e67a45f
file paths check bug set 2
unical1988 Feb 24, 2025
e23d10f
file paths check bug set 2
unical1988 Feb 24, 2025
725c6fd
prettier enabled
unical1988 Feb 24, 2025
286bd4b
SSL file paths fixed
unical1988 Feb 25, 2025
c17a136
SSLMode with certificates, OK
unical1988 Feb 25, 2025
b276c51
config file bug fixed
unical1988 Feb 26, 2025
51156a8
format of second step index and removal of ui compile file
unical1988 Feb 27, 2025
fcb541f
format of install index file
unical1988 Feb 27, 2025
ca94415
Changed Checkbox to Switch
unical1988 Feb 28, 2025
8aa2243
Checksum Logic adjusted to check for certifs only if ssl_enabled is true
unical1988 Feb 28, 2025
082a39e
ErrorMsg displays on validation fail for certif files
unical1988 Feb 28, 2025
5a73a91
ErrorMsg displays on validation fail for certif files (seperate error…
unical1988 Feb 28, 2025
d64d14c
ErrorMsg displays on validation fail for certif files (seperate error…
unical1988 Feb 28, 2025
fbf65dd
added postgres db check for checksum logic
unical1988 Mar 4, 2025
e5778c1
added form label for ssl_enabled
unical1988 Mar 5, 2025
d8ba161
UI exception fixed with 3 form groups instead
unical1988 Mar 5, 2025
e419bbf
re-initialize relevant values after switching ssl_enabled
unical1988 Mar 5, 2025
9cff793
dynamic label for switch button added
unical1988 Mar 6, 2025
55baf9a
dynamic label for switch button added with translations
unical1988 Mar 6, 2025
a6cf7b4
removed className from inner Form.Groups and changed label to ENable SSL
unical1988 Mar 7, 2025
f11ec86
adjusted backend logic with customized messages when certifs not prov…
unical1988 Mar 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build-binary-for-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:
args: release --clean --skip=validate
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- uses: actions/upload-artifact@v3
- uses: actions/upload-artifact@v4
with:
name: answer
path: ./dist/*
2 changes: 0 additions & 2 deletions .goreleaser.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,8 +65,6 @@ archives:
dst: NOTICE
- src: "docs/release/licenses/*"
dst: licenses/
- src: "DISCLAIMER"
dst: DISCLAIMER
wrap_in_directory: true
checksum:
name_template: 'checksums.txt'
Expand Down
10 changes: 0 additions & 10 deletions DISCLAIMER
View file
Open in desktop

This file was deleted.

6 changes: 6 additions & 0 deletions configs/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@ data:
connection: "/data/sqlite3/answer.db"
cache:
file_path: "/data/cache/cache.db"
ssl:
enabled: "no"
mode: "require"
ssl_cert_file: "/data/cache/ssl/certs/server-ca.pem"
ssl_key_file: "/data/cache/ssl/certs/client-cert.pem"
ssl_client_cert_file: "/data/cache/ssl/certs/client-key.pem"
i18n:
bundle_dir: "/data/i18n"
swaggerui:
Expand Down
41 changes: 33 additions & 8 deletions internal/install/install_req.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,9 @@ package install

import (
"fmt"
"log"
"net/url"
"os"
"strings"

"github.com/apache/answer/internal/base/reason"
Expand All @@ -40,12 +42,17 @@ type CheckConfigFileResp struct {

// CheckDatabaseReq check database
type CheckDatabaseReq struct {
DbType string `validate:"required,oneof=postgres sqlite3 mysql" json:"db_type"`
DbUsername string `json:"db_username"`
DbPassword string `json:"db_password"`
DbHost string `json:"db_host"`
DbName string `json:"db_name"`
DbFile string `json:"db_file"`
DbType string `validate:"required,oneof=postgres sqlite3 mysql" json:"db_type"`
DbUsername string `json:"db_username"`
DbPassword string `json:"db_password"`
DbHost string `json:"db_host"`
DbName string `json:"db_name"`
DbFile string `json:"db_file"`
Ssl bool `json:"ssl_enabled"`
SslMode string `json:"ssl_mode"`
SslCrt string `json:"server-ca.pem"`
SslKey string `json:"client-cert.pem"`
SslCrtClient string `json:"client-key.pem"`
}

// GetConnection get connection string
Expand All @@ -59,8 +66,26 @@ func (r *CheckDatabaseReq) GetConnection() string {
}
if r.DbType == string(schemas.POSTGRES) {
host, port := parsePgSQLHostPort(r.DbHost)
return fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=disable",
host, port, r.DbUsername, r.DbPassword, r.DbName)
if !r.Ssl {
return fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=disable",
host, port, r.DbUsername, r.DbPassword, r.DbName)
//supporting two sslmodes (to be extended to all modes)
} else if r.SslMode == "require" {
return fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s",
host, port, r.DbUsername, r.DbPassword, r.DbName, r.SslMode)
} else if r.SslMode == "verify-ca" {
_, err_server_ca := os.Stat(r.SslCrt)
_, err_client_cert := os.Stat(r.SslKey)
_, err_client_key := os.Stat(r.SslCrtClient)
if err_server_ca != nil || err_client_cert != nil || err_client_key != nil {
if os.IsNotExist(err_server_ca) || os.IsNotExist(err_client_cert) || os.IsNotExist(err_client_key) {
log.Fatal("Certificate not Found !!")
}
}
return fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s sslrootcert=%s sslcert=%s sslkey=%s",
host, port, r.DbUsername, r.DbPassword, r.DbName, r.SslMode, r.SslCrt, r.SslKey, r.SslCrtClient)
}

}
return ""
}
Expand Down
77 changes: 74 additions & 3 deletions ui/src/pages/Install/components/SecondStep/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
* under the License.
*/

import { FC, FormEvent } from 'react';
import { FC, FormEvent, useState } from 'react';
import { Form, Button } from 'react-bootstrap';
import { useTranslation } from 'react-i18next';

Expand Down Expand Up @@ -51,7 +51,7 @@ const Index: FC<Props> = ({ visible, data, changeCallback, nextCallback }) => {

const checkValidated = (): boolean => {
let bol = true;
const { db_type, db_username, db_password, db_host, db_name, db_file } =
const { db_type, db_username, db_password, db_host, db_name, db_file,ssl_enabled,ssl_mode } =
data;

if (db_type.value !== 'sqlite3') {
Expand Down Expand Up @@ -81,7 +81,23 @@ const Index: FC<Props> = ({ visible, data, changeCallback, nextCallback }) => {
errorMsg: t('db_host.msg'),
};
}

if (!ssl_enabled.value) {
bol = false;
data.ssl_enabled = {
value: '',
isInvalid: true,
errorMsg: t('ssl_enabled.msg'),
};
}
if (!ssl_mode.value) {
bol = false;
data.ssl_mode = {
value: '',
isInvalid: true,
errorMsg: t('ssl_mode.msg'),
};
}

if (!db_name.value) {
bol = false;
data.db_name = {
Expand Down Expand Up @@ -113,6 +129,14 @@ const Index: FC<Props> = ({ visible, data, changeCallback, nextCallback }) => {
nextCallback();
};

//checkbox for sslmode enabled or not
const [checked, setChecked] = useState(false);

const handleChange = () => {
// Change state to the opposite when checkbox changes
setChecked(!checked);
};

if (!visible) return null;
return (
<Form noValidate onSubmit={handleSubmit}>
Expand Down Expand Up @@ -183,6 +207,52 @@ const Index: FC<Props> = ({ visible, data, changeCallback, nextCallback }) => {
<Form.Control.Feedback type="invalid">
{data.db_password.errorMsg}
</Form.Control.Feedback>
{data.db_type.value=== 'postgres' && (
<div className='conditional-checkbox'>
<label htmlFor='sslEnabled' className='switch switch-default'>
SSL Mode On
</label>
<input
id='sslEnabled'
type='checkbox'
checked={checked}
onChange={(e) => {
changeCallback({
ssl_enabled: {
value: e.target.value,
isInvalid: false,
errorMsg: '',
},
});
}}
/>
{checked && (
<Form.Group controlId="sslmodeOptionsDropdown" className="mb-3">
<Form.Label>{"SSL mode"}</Form.Label>
<Form.Select
value={data.value}
isInvalid={data.isInvalid}
onChange={(e) => {
changeCallback({
ssl_mode: {
value: e.target.value,
isInvalid: false,
errorMsg: '',
},
});
}}>
{["require","verify-ca"].map((item) => {
return (
<option value={item} key={item}>
{item}
</option>
);
})}
</Form.Select>
</Form.Group>
)}
</div>
)}
</Form.Group>

<Form.Group controlId="db_host" className="mb-3">
Expand Down Expand Up @@ -228,6 +298,7 @@ const Index: FC<Props> = ({ visible, data, changeCallback, nextCallback }) => {
{data.db_name.errorMsg}
</Form.Control.Feedback>
</Form.Group>

</>
) : (
<Form.Group controlId="file" className="mb-3">
Expand Down
10 changes: 10 additions & 0 deletions ui/src/pages/Install/index.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,16 @@ const Index: FC = () => {
isInvalid: false,
errorMsg: '',
},
ssl_enabled: {
value: '',
isInvalid: false,
errorMsg: '',
},
ssl_mode: {
value: '',
isInvalid: false,
errorMsg: '',
},
});

const updateFormData = (params: FormDataType) => {
Expand Down