diff --git a/README.md b/README.md index f822267..3e7d055 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,6 @@ datasources: port: 8812 username: admin tlsMode: disable - # tlsCACertFile: # timeout: # queryTimeout: maxOpenConnections: 100 diff --git a/pkg/plugin/driver.go b/pkg/plugin/driver.go index 68086e7..2029f6b 100644 --- a/pkg/plugin/driver.go +++ b/pkg/plugin/driver.go @@ -171,20 +171,6 @@ A24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Yw== connStr += fmt.Sprintf(" sslcert='%s' sslkey='%s'", escape(tlsClientCert), escape(tlsClientKey)) } - } else if settings.ConfigurationMethod == "file-path" { - // Attach root certificate if provided - if settings.TlsCACertFile != "" { - log.DefaultLogger.Debug("Setting server root certificate", "tlsRootCertFile", settings.TlsCACertFile) - connStr += fmt.Sprintf(" sslrootcert='%s'", escape(settings.TlsCACertFile)) - } - - // Attach client certificate and key if both are provided - if settings.TlsClientCertFile != "" && settings.TlsClientKeyFile != "" { - log.DefaultLogger.Debug("Setting TLS/SSL client auth", "tlsCertFile", settings.TlsClientCertFile, "tlsKeyFile", settings.TlsClientKeyFile) - connStr += fmt.Sprintf(" sslcert='%s' sslkey='%s'", escape(settings.TlsClientCertFile), escape(settings.TlsClientKeyFile)) - } else if settings.TlsClientCertFile != "" || settings.TlsClientKeyFile != "" { - return "", fmt.Errorf("TLS/SSL client certificate and key files must both be specified") - } } else if settings.ConfigurationMethod != "" { return "", errors.New(fmt.Sprintf("invalid ssl configuration method: %s", settings.ConfigurationMethod)) } diff --git a/pkg/plugin/settings.go b/pkg/plugin/settings.go index 5292610..e202f45 100644 --- a/pkg/plugin/settings.go +++ b/pkg/plugin/settings.go @@ -32,7 +32,6 @@ type Settings struct { TlsMode string `json:"tlsMode"` ConfigurationMethod string `json:"tlsConfigurationMethod"` - TlsCACertFile string `json:"tlsCaCertFile"` TlsClientCertFile string `json:"tlsClientCertFile"` TlsClientKeyFile string `json:"tlsClientKeyFile"` } @@ -130,9 +129,6 @@ func LoadSettings(config backend.DataSourceInstanceSettings) (settings Settings, settings.TlsMode = jsonData["tlsMode"].(string) } - if jsonData["tlsCACertFile"] != nil { - settings.TlsCACertFile = jsonData["tlsCACertFile"].(string) - } if jsonData["tlsClientCertFile"] != nil { settings.TlsClientCertFile = jsonData["tlsClientCertFile"].(string) } diff --git a/pkg/plugin/settings_test.go b/pkg/plugin/settings_test.go index 40d346f..8e7b039 100644 --- a/pkg/plugin/settings_test.go +++ b/pkg/plugin/settings_test.go @@ -88,47 +88,6 @@ func TestLoadSettings(t *testing.T) { }, expectedErr: nil, }, - { - name: "should parse json with tls and file-path mode", - args: args{ - config: backend.DataSourceInstanceSettings{ - UID: "ds-uid", - JSONData: []byte(`{ "server": "test", "port": 8812, "username": "john", - "enableSecureSocksProxy": true, "tlsMode": "verify-ca", "tlsConfigurationMethod": "file-path", - "tlsCACertFile": "/var/caCertFile", "tlsClientCertFile": "/var/clientCertFile", "tlsClientKeyFile": "/var/clientKeyFile", - "timeout": 10, "queryTimeout": 50, "maxOpenConnections": 100, "maxIdleConnections": 100, "maxConnectionLifetime": 14400 }`), - DecryptedSecureJSONData: map[string]string{"password": "rambo", "secureSocksProxyPassword": "test"}, - }, - }, - expectedSettings: Settings{ - Server: "test", - Port: 8812, - Username: "john", - Password: "rambo", - TlsCACertFile: "/var/caCertFile", - TlsClientCertFile: "/var/clientCertFile", - TlsClientKeyFile: "/var/clientKeyFile", - Timeout: 10, - QueryTimeout: 50, - MaxOpenConnections: 100, - MaxIdleConnections: 100, - MaxConnectionLifetime: 14400, - TlsMode: "verify-ca", - ConfigurationMethod: "file-path", - ProxyOptions: &proxy.Options{ - Enabled: true, - Auth: &proxy.AuthOptions{ - Username: "ds-uid", - Password: "test", - }, - Timeouts: &proxy.TimeoutOptions{ - Timeout: 10 * time.Second, - KeepAlive: proxy.DefaultTimeoutOptions.KeepAlive, - }, - }, - }, - expectedErr: nil, - }, { name: "should converting string values to the correct type", args: args{ diff --git a/provisioning/datasources/questdb_questdb_datasource.yaml b/provisioning/datasources/questdb_questdb_datasource.yaml index 1cae193..b2975b3 100644 --- a/provisioning/datasources/questdb_questdb_datasource.yaml +++ b/provisioning/datasources/questdb_questdb_datasource.yaml @@ -7,7 +7,6 @@ datasources: port: 8812 username: admin tlsMode: disable - # tlsCACertFile: # timeout: # queryTimeout: maxOpenConnections: 100 diff --git a/src/selectors.ts b/src/selectors.ts index 7f3ab82..66304e0 100644 --- a/src/selectors.ts +++ b/src/selectors.ts @@ -36,11 +36,6 @@ export const Components = { placeholder: 'Client Key. Begins with -----BEGIN RSA PRIVATE KEY-----', }, - TLSCACertFile: { - label: 'TLS/SSL Root Certificate File', - placeholder: - 'If the selected TLS/SSL mode requires a server root certificate, provide the path to the file here.', - }, TLSClientCertFile: { label: 'TLS/SSL Client Certificate File', placeholder: diff --git a/src/types.ts b/src/types.ts index 9a10c3f..7cf38f0 100644 --- a/src/types.ts +++ b/src/types.ts @@ -33,7 +33,6 @@ export interface QuestDBConfig extends DataSourceJsonData { tlsMode?: PostgresTLSModes; tlsConfigurationMethod?: PostgresTLSMethods; - tlsCACertFile?: string; tlsClientCertFile?: string; tlsClientKeyFile?: string; } diff --git a/src/views/QuestDBConfigEditor.test.tsx b/src/views/QuestDBConfigEditor.test.tsx index bb06120..713ee74 100644 --- a/src/views/QuestDBConfigEditor.test.tsx +++ b/src/views/QuestDBConfigEditor.test.tsx @@ -22,6 +22,7 @@ describe('ConfigEditor', () => { expect(screen.getByPlaceholderText(Components.ConfigEditor.Username.placeholder)).toBeInTheDocument(); expect(screen.getByPlaceholderText(Components.ConfigEditor.Password.placeholder)).toBeInTheDocument(); expect(screen.getByText(Components.ConfigEditor.TlsMode.placeholder)).toBeInTheDocument(); + expect(screen.getByText(Components.ConfigEditor.TlsMethod.label)).toBeInTheDocument(); }); it('with password', async () => { render( @@ -53,7 +54,6 @@ describe('ConfigEditor', () => { ); expect(screen.queryByText(PostgresTLSModes.disable)).toBeInTheDocument(); expect(screen.queryByPlaceholderText(Components.ConfigEditor.TlsMethod.placeholder)).not.toBeInTheDocument(); - expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACertFile.placeholder)).not.toBeInTheDocument(); expect( screen.queryByPlaceholderText(Components.ConfigEditor.TLSClientCertFile.placeholder) ).not.toBeInTheDocument(); @@ -62,7 +62,7 @@ describe('ConfigEditor', () => { expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSClientCert.placeholder)).not.toBeInTheDocument(); expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSClientKey.placeholder)).not.toBeInTheDocument(); }); - it('with verifyCA tlsMode and fileContent tlsMethod', async () => { + it('with tlsMode and filePath tlsMethod', async () => { render( { jsonData: { ...mockConfigEditorProps().options.jsonData, tlsMode: PostgresTLSModes.verifyCA, - tlsConfigurationMethod: PostgresTLSMethods.fileContent, + tlsConfigurationMethod: PostgresTLSMethods.filePath, }, }} /> ); expect(screen.queryByText(PostgresTLSModes.verifyCA)).toBeInTheDocument(); - expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACertFile.placeholder)).not.toBeInTheDocument(); - expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACert.placeholder)).toBeInTheDocument(); + expect(screen.queryByText(Components.ConfigEditor.TlsMethod.placeholder)).toBeInTheDocument(); + expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACert.placeholder)).not.toBeInTheDocument(); }); it('with verifyFull tlsMode and fileContent tlsMethod', async () => { @@ -96,7 +96,7 @@ describe('ConfigEditor', () => { /> ); expect(screen.queryByText(PostgresTLSModes.verifyFull)).toBeInTheDocument(); - expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACertFile.placeholder)).not.toBeInTheDocument(); + expect(screen.queryByText(Components.ConfigEditor.TlsMethod.placeholder)).toBeInTheDocument(); expect(screen.queryByPlaceholderText(Components.ConfigEditor.TLSCACert.placeholder)).toBeInTheDocument(); });