Skip to content

Commit

Permalink
feat: 🎸 enable setting allow cleartext password flag
Browse files Browse the repository at this point in the history
  • Loading branch information
Amri committed Nov 6, 2019
1 parent 1892127 commit 2338b19
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 6 deletions.
25 changes: 19 additions & 6 deletions mysql/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,11 @@ import (
"golang.org/x/net/proxy"
)

const (
cleartextPasswords = "cleartext"
nativePasswords = "native"
)

type MySQLConfiguration struct {
Config *mysql.Config
MaxConnLifetime time.Duration
Expand Down Expand Up @@ -73,6 +78,13 @@ func Provider() terraform.ResourceProvider {
Type: schema.TypeInt,
Optional: true,
},

"authentication_plugin": {
Type: schema.TypeString,
Optional: true,
Default: nativePasswords,
ValidateFunc: validation.StringInSlice([]string{cleartextPasswords, nativePasswords}, true),
},
},

ResourcesMap: map[string]*schema.Resource{
Expand All @@ -97,12 +109,13 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
}

conf := mysql.Config{
User: d.Get("username").(string),
Passwd: d.Get("password").(string),
Net: proto,
Addr: endpoint,
TLSConfig: d.Get("tls").(string),
AllowNativePasswords: true,
User: d.Get("username").(string),
Passwd: d.Get("password").(string),
Net: proto,
Addr: endpoint,
TLSConfig: d.Get("tls").(string),
AllowNativePasswords: d.Get("authentication_plugin").(string) == nativePasswords,
AllowCleartextPasswords: d.Get("authentication_plugin").(string) == cleartextPasswords,
}

dialer := proxy.FromEnvironment()
Expand Down
1 change: 1 addition & 0 deletions website/docs/index.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -82,3 +82,4 @@ The following arguments are supported:
* `tls` - (Optional) The TLS configuration. One of `false`, `true`, or `skip-verify`. Defaults to `false`. Can also be sourced from the `MYSQL_TLS_CONFIG` environment variable.
* `max_conn_lifetime_sec` - (Optional) Sets the maximum amount of time a connection may be reused. If d <= 0, connections are reused forever.
* `max_open_conns` - (Optional) Sets the maximum number of open connections to the database. If n <= 0, then there is no limit on the number of open connections.
* `authentication_plugin` - (Optional) Sets the authentication plugin, it can be one of the following: `native` or `cleartext`. Defaults to `native`.

0 comments on commit 2338b19

Please sign in to comment.