Skip to content

Commit

Permalink
feat/trim-column-name (#36)
Browse files Browse the repository at this point in the history
* chore: refactor tls

* feat: trim comlumn name
  • Loading branch information
fengjiachun authored Mar 11, 2024
1 parent 7338cd5 commit cb8fa23
Show file tree
Hide file tree
Showing 6 changed files with 63 additions and 58 deletions.
4 changes: 2 additions & 2 deletions ingester-example/src/main/java/io/greptime/TestConnector.java
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ public static GreptimeDB connectToDefaultDB() {
//
// Sets the RPC options, in general, the default configuration is fine.
.rpcOptions(RpcOptions.newDefault())
// Enable TLS connection when remote port is secured by TLS
// .tlsOptions(null)
// Optional, the default value is fine.
//
// In some case of failure, a retry of write can be attempted.
Expand Down Expand Up @@ -85,8 +87,6 @@ public static GreptimeDB connectToDefaultDB() {
.router(null)
// Sets authentication information. If the DB is not required to authenticate, we can ignore this.
.authInfo(AuthInfo.noAuthorization())
// Enable TLS connection when remote port is secured by TLS
// .tlsOptions(new TlsOptions())
// A good start ^_^
.build();

Expand Down
26 changes: 15 additions & 11 deletions ingester-grpc/src/main/java/io/greptime/rpc/GrpcClient.java
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,10 @@
import io.grpc.stub.StreamObserver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.File;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.CopyOnWriteArrayList;
Expand Down Expand Up @@ -547,22 +549,23 @@ private Channel getCheckedChannel(Endpoint endpoint, Consumer<Throwable> onFaile
}

private SslContext newSslContext(TlsOptions tlsOptions) {

try {
SslContextBuilder builder = GrpcSslContexts.forClient();

if (tlsOptions.getClientCertChain().isPresent() && tlsOptions.getPrivateKey().isPresent()) {
if (tlsOptions.getPrivateKeyPassword().isPresent()) {
builder.keyManager(tlsOptions.getClientCertChain().get(), tlsOptions.getPrivateKey().get(),
tlsOptions.getPrivateKeyPassword().get());
Optional<File> clientCertChain = tlsOptions.getClientCertChain();
Optional<File> privateKey = tlsOptions.getPrivateKey();
Optional<String> privateKeyPassword = tlsOptions.getPrivateKeyPassword();

if (clientCertChain.isPresent() && privateKey.isPresent()) {
if (privateKeyPassword.isPresent()) {
builder.keyManager(clientCertChain.get(), privateKey.get(),
privateKeyPassword.get());
} else {
builder.keyManager(tlsOptions.getClientCertChain().get(), tlsOptions.getPrivateKey().get());
builder.keyManager(clientCertChain.get(), privateKey.get());
}
}

if (tlsOptions.getRootCerts().isPresent()) {
builder.trustManager(tlsOptions.getRootCerts().get());
}
tlsOptions.getRootCerts().ifPresent(builder::trustManager);

return builder.build();
} catch (SSLException e) {
Expand All @@ -574,8 +577,9 @@ private IdChannel newChannel(Endpoint endpoint) {
NettyChannelBuilder innerChannelBuilder =
NettyChannelBuilder.forAddress(endpoint.getAddr(), endpoint.getPort());

if (this.opts.getTlsOptions().isPresent()) {
innerChannelBuilder.useTransportSecurity().sslContext(newSslContext(this.opts.getTlsOptions().get()));
TlsOptions tlsOptions = this.opts.getTlsOptions();
if (tlsOptions != null) {
innerChannelBuilder.useTransportSecurity().sslContext(newSslContext(tlsOptions));
} else {
innerChannelBuilder.usePlaintext();
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,9 @@ public Builder addColumn(String name, //
"Invalid timestamp data type: %s, only support `DataType.TimestampXXX`", dataType);
}

// trim leading and trailing spaces
name = name.trim();

this.columnNames.add(name);
this.semanticTypes.add(semanticType.toProtoValue());
this.dataTypes.add(dataType.toProtoValue());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -145,6 +145,8 @@ public static final class Builder {
private Executor asyncPool;
// Rpc options, in general the default configuration is fine.
private RpcOptions rpcOptions = RpcOptions.newDefault();
// GreptimeDB secure connection options
private TlsOptions tlsOptions;
private int writeMaxRetries = 1;
// Write flow limit: maximum number of data points in-flight.
private int maxInFlightWritePoints = 10 * 65536;
Expand Down Expand Up @@ -191,6 +193,18 @@ public Builder rpcOptions(RpcOptions rpcOptions) {
return this;
}

/**
* Set `TlsOptions` to use secure connection between client and server. Set to `null` to use
* plaintext connection instead.
*
* @param tlsOptions for configure secure connection, set to null to use plaintext
* @return this builder
*/
public Builder tlsOptions(TlsOptions tlsOptions) {
this.tlsOptions = tlsOptions;
return this;
}

/**
* In some case of failure, a retry of write can be attempted.
*
Expand Down Expand Up @@ -280,24 +294,16 @@ public Builder router(Router<Void, Endpoint> router) {
return this;
}

/**
* Set `TlsOptions` to use secure connection between client and server. Set to `null` to use
* plaintext connection instead.
*
* @param tlsOptions for configure secure connection, set to null to use plaintext
* @return this builder
*/
public Builder tlsOptions(TlsOptions tlsOptions) {
this.rpcOptions.setTlsOptions(tlsOptions);
return this;
}

/**
* A good start, happy coding.
*
* @return nice things
*/
public GreptimeOptions build() {
// Set tls options to rpc options if tls options is not null
if (this.tlsOptions != null && this.rpcOptions != null) {
this.rpcOptions.setTlsOptions(this.tlsOptions);
}
GreptimeOptions opts = new GreptimeOptions();
opts.setEndpoints(this.endpoints);
opts.setRpcOptions(this.rpcOptions);
Expand Down
6 changes: 3 additions & 3 deletions ingester-rpc/src/main/java/io/greptime/rpc/RpcOptions.java
Original file line number Diff line number Diff line change
Expand Up @@ -105,14 +105,14 @@ public class RpcOptions implements Copiable<RpcOptions> {
* Set `TlsOptions` to use secure connection between client and server. Set to `null` to use
* plaintext connection instead.
*/
private Optional<TlsOptions> tlsOptions = Optional.empty();
private TlsOptions tlsOptions;

public Optional<TlsOptions> getTlsOptions() {
public TlsOptions getTlsOptions() {
return tlsOptions;
}

public void setTlsOptions(TlsOptions tlsOptions) {
this.tlsOptions = Optional.ofNullable(tlsOptions);
this.tlsOptions = tlsOptions;
}

public boolean isUseRpcSharedPool() {
Expand Down
52 changes: 22 additions & 30 deletions ingester-rpc/src/main/java/io/greptime/rpc/TlsOptions.java
Original file line number Diff line number Diff line change
Expand Up @@ -26,73 +26,65 @@
*/
public class TlsOptions implements Copiable<TlsOptions> {

private Optional<File> clientCertChain = Optional.empty();
private File clientCertChain;

private Optional<File> privateKey = Optional.empty();
private File privateKey;

private Optional<String> privateKeyPassword = Optional.empty();
private String privateKeyPassword;

private Optional<File> rootCerts = Optional.empty();
private File rootCerts;

@Override
public TlsOptions copy() {
TlsOptions that = new TlsOptions();

that.setClientCertChain(this.getClientCertChain());
that.setPrivateKey(this.getPrivateKey());
that.setPrivateKeyPassword(this.getPrivateKeyPassword());
that.setRootCerts(this.getRootCerts());
that.setClientCertChain(this.clientCertChain);
that.setPrivateKey(this.privateKey);
that.setPrivateKeyPassword(this.privateKeyPassword);
that.setRootCerts(this.rootCerts);

return that;
}

public Optional<File> getClientCertChain() {
return clientCertChain;
return Optional.ofNullable(this.clientCertChain);
}

public void setClientCertChain(Optional<File> clientCertChain) {
public void setClientCertChain(File clientCertChain) {
this.clientCertChain = clientCertChain;
}

public Optional<File> getPrivateKey() {
return privateKey;
return Optional.ofNullable(this.privateKey);
}

public void setPrivateKey(Optional<File> privateKey) {
public void setPrivateKey(File privateKey) {
this.privateKey = privateKey;
}

public Optional<String> getPrivateKeyPassword() {
return privateKeyPassword;
return Optional.ofNullable(this.privateKeyPassword);
}

public void setPrivateKeyPassword(Optional<String> privateKeyPassword) {
public void setPrivateKeyPassword(String privateKeyPassword) {
this.privateKeyPassword = privateKeyPassword;
}

public Optional<File> getRootCerts() {
return rootCerts;
return Optional.ofNullable(this.rootCerts);
}

public void setRootCerts(Optional<File> rootCerts) {
public void setRootCerts(File rootCerts) {
this.rootCerts = rootCerts;
}

@Override
public String toString() {
return "TlsOptions{"
+ //
"clientCertChain="
+ this.clientCertChain
+ //
", privateKey="
+ this.privateKey
+ //
", privateKeyPassword="
+ this.privateKeyPassword.map((v) -> "****")
+ //
", rootCerts="
+ this.rootCerts
+ '}';
return "TlsOptions{" + //
"clientCertChain=" + clientCertChain + //
", privateKey=" + privateKey + //
", privateKeyPassword='" + getPrivateKeyPassword().map((v) -> "****") + '\'' + //
", rootCerts=" + rootCerts + //
'}';
}
}

0 comments on commit cb8fa23

Please sign in to comment.