Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rustls support with dynamic choice of TLS provider for cloud #1254

Merged
merged 38 commits into from
Feb 25, 2025
Merged

Rustls support with dynamic choice of TLS provider for cloud #1254

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
a2bce58
node: fix docstring
wprzytula Feb 2, 2025
fa40ad2
connection_pool: fix outdated comments
wprzytula Jan 29, 2025
a6d44b3
connection_pool: impl Default for PoolConfig only for tests
wprzytula Jan 29, 2025
e059f63
PoolConfig: remove keepalive_interval
Lorak-mmk Nov 30, 2024
4e699b2
Cargo.toml: bump openssl dep to 0.10.70
wprzytula Jan 29, 2025
9558069
scylla: rename "ssl" feature to "openssl-010"
nrxus Jan 15, 2025
9dc9624
conn: extract common logic for obtaining router join handle
muzarski Feb 20, 2025
99537ce
codewide: wrap openssl usage with generic TLS wrappers
nrxus Jan 16, 2025
c73d5cd
connection: don't ignore openssl connection error
nrxus Jan 27, 2025
60f37cb
network: introduce Host{Connection,Pool}Config
Lorak-mmk Nov 30, 2024
ef32111
connection: simplify HostConnectionConfig::is_tls()
wprzytula Feb 1, 2025
b21fa05
cloud: refactor `set_ssl_config_for_scylla_cloud_host`
wprzytula Feb 1, 2025
7574af6
cloud: refactor `make_tls_config_for_scylla_cloud_host`
wprzytula Feb 1, 2025
6474955
cloud: make `make_tls_config_for_scylla_cloud_host` method on CloudCo…
wprzytula Feb 1, 2025
3d1d2d2
connection: introduce TlsProvider
wprzytula Feb 1, 2025
2d1400c
connection_pool: pass &PoolConfig to NodeConnectionPool::new()
wprzytula Feb 2, 2025
acfd744
metadata: MetadataReader: create PoolConfig only once
wprzytula Feb 2, 2025
a6af13e
cloud: use AddressTranslator instead of hand-crafted logic
wprzytula Feb 1, 2025
b299f14
connection: remove CloudConfig from ConnectionConfig
wprzytula Feb 1, 2025
9ef8bb9
metadata: derive Debug for UntranslatedPeer
wprzytula Feb 2, 2025
b9f9955
metadata: expose only getters for UntranslatedPeer
wprzytula Feb 2, 2025
66537c5
metadata: UntranslatedPeer holds borrowed &str
wprzytula Feb 2, 2025
0402867
metadata: move UntranslatedPeer to address_translator.rs
wprzytula Feb 14, 2025
9465e6b
connection: support rustls
nrxus Jan 17, 2025
efc570f
cloud: support rustls
wprzytula Feb 2, 2025
87d4d53
cloud: allow to choose the tls provider in runtime
muzarski Feb 19, 2025
ab33659
cloud: extract TlsInfo::get_dc_tls_context method
muzarski Feb 24, 2025
8060db5
document rustls where relevant
nrxus Jan 19, 2025
f572336
examples: rename tls.rs -> tls-openssl.rs
wprzytula Feb 3, 2025
42a03e3
add rustls example
nrxus Jan 19, 2025
cce794d
examples: rename cloud.rs -> cloud-openssl.rs
muzarski Feb 19, 2025
7b5d3ac
examples: add cloud-rustls example
muzarski Feb 19, 2025
ac3aca3
connection[_pool]: propagate UntranslatedEndpoint borrowing
wprzytula Feb 2, 2025
7c95833
rename feature: cloud -> unstable-cloud
wprzytula Feb 2, 2025
a8de364
network: extract tls module from connection
wprzytula Feb 2, 2025
9d618fb
rust.yml: reorder and comment feature checks
wprzytula Feb 12, 2025
d8b870b
rust.yml: TLS and cloud feature set checks
wprzytula Feb 12, 2025
bf62952
tls: update certs (#4)
muzarski Feb 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 17 additions & 2 deletions .github/workflows/rust.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,19 @@ jobs:
run: cargo clippy --verbose --all-targets --all-features
- name: Cargo check with cpp_rust_unstable cfg
run: RUSTFLAGS="--cfg cpp_rust_unstable" cargo clippy --verbose --all-targets --all-features

# Features checks.
# No features.
- name: Cargo check without features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features ""
- name: Cargo check with all serialization features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "full-serialization"

# All features.
- name: Cargo check with all features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --all-features

# Various (de)serialization features.
- name: Cargo check with all serialization features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "full-serialization"
- name: Cargo check with secrecy-08 feature
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "secrecy-08"
- name: Cargo check with chrono-04 feature
Expand All @@ -59,6 +66,14 @@ jobs:
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "num-bigint-04"
- name: Cargo check with bigdecimal-04 feature
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "bigdecimal-04"

# TLS-related feature sets.
- name: Cargo check with openssl-x feature
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "openssl-010"
- name: Cargo check with rustls-x feature
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "rustls-023"
# (openssl-x, rustls-x) is checked in tls.yml.

- name: Build scylla-cql
run: cargo build --verbose --all-targets --manifest-path "scylla-cql/Cargo.toml" --features "full-serialization"
- name: Build
Expand Down
15 changes: 13 additions & 2 deletions .github/workflows/serverless.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ on:
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: full
RUSTFLAGS: -Dwarnings

jobs:
build:
Expand All @@ -31,8 +32,18 @@ jobs:
run: rustup update
- name: Check
run: cargo check --verbose
- name: Run cloud example
run: cargo run --example cloud -- $HOME/.ccm/serverless/config_data.yaml
# Cloud-related feature sets.
- name: Cargo check with unstable-cloud and openssl-x features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "unstable-cloud" --features "openssl-010"
- name: Cargo check with unstable-cloud and rustls-x features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "unstable-cloud" --features "rustls-023"
- name: Cargo check with unstable-cloud, openssl-x and rustls-x features
run: cargo check --all-targets --manifest-path "scylla/Cargo.toml" --features "unstable-cloud" --features "openssl-010" --features "rustls-023"

- name: Run cloud-openssl example
run: cargo run --example cloud-openssl -- $HOME/.ccm/serverless/config_data.yaml
- name: Run cloud-rustls example
run: cargo run --example cloud-rustls -- $HOME/.ccm/serverless/config_data.yaml
- name: Run cloud tests
run: CLOUD_CONFIG_PATH=$HOME/.ccm/serverless/config_data.yaml RUSTFLAGS="--cfg scylla_cloud_tests" RUST_LOG=trace cargo test --verbose

Expand Down
8 changes: 5 additions & 3 deletions .github/workflows/tls.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,14 +26,16 @@ jobs:
run: rustup update

- name: Check
run: cargo check --verbose --features "ssl"
run: cargo check --verbose --features "openssl-010" --features "rustls-023"
working-directory: ${{env.working-directory}}

- name: Start the cluster
run: docker compose -f test/tls/docker-compose-tls.yml up -d

- name: Run tests
run: SCYLLA_URI=172.44.0.2 RUST_LOG=trace cargo run --example tls
- name: Run openssl example
run: SCYLLA_URI=172.44.0.2 RUST_LOG=trace cargo run --example tls-openssl
- name: Run rustls example
run: SCYLLA_URI=172.44.0.2 RUST_LOG=trace cargo run --example tls-rustls

- name: Stop the cluster
if: ${{ always() }}
Expand Down
Loading
Loading