-
Notifications
You must be signed in to change notification settings - Fork 4.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
🎉 Source MySql: Added SSL certificates to MySql Source (#15044)
* updated mysql source specification and added field for root and clients SSL certificates * added SSL mode for mysql source * fixed code style * updated run process timeout * updated method for create keystore and updated tests * updated normalization version for postgres destination * updated normalization version for postgres destination * added tests for connection with certificates * updated tests for connection with full certificates and added tests for CA certificate * updated tests * updated source-mysql-strict-encrypt and updated versions * updated code style * updated doc * updated specs * fixed minor remarks * fixed minor remarks * updated tests * fixed remarks and updated specification * fixed mysql sources connectors version * added CDC + SSL Certificates tests * added property for CDC and added tests for test SSL with CDC together * fixed MySqlStrictEncryptJdbcSourceAcceptanceTest for work with datetime format * added property for CDC and added tests for test SSL with CDC together * auto-bump connector version [ci skip] Co-authored-by: Octavia Squidington III <octavia-squidington-iii@users.noreply.github.com>
- Loading branch information
Showing
24 changed files
with
1,319 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
74 changes: 74 additions & 0 deletions
74
airbyte-db/db-lib/src/main/java/io/airbyte/db/MySqlUtils.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
/* | ||
* Copyright (c) 2022 Airbyte, Inc., all rights reserved. | ||
*/ | ||
|
||
package io.airbyte.db; | ||
|
||
import com.google.common.annotations.VisibleForTesting; | ||
import java.io.IOException; | ||
import org.testcontainers.containers.MySQLContainer; | ||
|
||
public class MySqlUtils { | ||
|
||
@VisibleForTesting | ||
public static Certificate getCertificate(final MySQLContainer<?> container, | ||
final boolean useAllCertificates) | ||
throws IOException, InterruptedException { | ||
// add root and server certificates to config file | ||
container.execInContainer("sh", "-c", "sed -i '31 a ssl' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '32 a ssl-ca=/var/lib/mysql/ca.pem' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '33 a ssl-cert=/var/lib/mysql/server-cert.pem' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '34 a ssl-key=/var/lib/mysql/server-key.pem' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '35 a require_secure_transport=ON' /etc/my.cnf"); | ||
// add client certificates to config file | ||
if (useAllCertificates) { | ||
container.execInContainer("sh", "-c", "sed -i '39 a [client]' /etc/mysql/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '40 a ssl-ca=/var/lib/mysql/ca.pem' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '41 a ssl-cert=/var/lib/mysql/client-cert.pem' /etc/my.cnf"); | ||
container.execInContainer("sh", "-c", "sed -i '42 a ssl-key=/var/lib/mysql/client-key.pem' /etc/my.cnf"); | ||
} | ||
// copy root certificate and client certificates | ||
var caCert = container.execInContainer("sh", "-c", "cat /var/lib/mysql/ca.pem").getStdout().trim(); | ||
|
||
if (useAllCertificates) { | ||
var clientKey = container.execInContainer("sh", "-c", "cat /var/lib/mysql/client-key.pem").getStdout().trim(); | ||
var clientCert = container.execInContainer("sh", "-c", "cat /var/lib/mysql/client-cert.pem").getStdout().trim(); | ||
return new Certificate(caCert, clientCert, clientKey); | ||
} else { | ||
return new Certificate(caCert); | ||
} | ||
} | ||
|
||
public static class Certificate { | ||
|
||
private final String caCertificate; | ||
private final String clientCertificate; | ||
private final String clientKey; | ||
|
||
public Certificate(final String caCertificate) { | ||
this.caCertificate = caCertificate; | ||
this.clientCertificate = null; | ||
this.clientKey = null; | ||
} | ||
|
||
public Certificate(final String caCertificate, final String clientCertificate, final String clientKey) { | ||
this.caCertificate = caCertificate; | ||
this.clientCertificate = clientCertificate; | ||
this.clientKey = clientKey; | ||
} | ||
|
||
public String getCaCertificate() { | ||
return caCertificate; | ||
} | ||
|
||
public String getClientCertificate() { | ||
return clientCertificate; | ||
} | ||
|
||
public String getClientKey() { | ||
return clientKey; | ||
} | ||
|
||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.