Skip to content

Commit 69594ac

Browse files
ThibsGThibsG
committed
Add client ssl tests for PostgreSQL
1 parent c1a17ca commit 69594ac

File tree

4 files changed

+54
-49
lines changed

4 files changed

+54
-49
lines changed

sqlx-core/src/postgres/options/parse.rs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,9 @@ impl FromStr for PgConnectOptions {
5757
options = options.ssl_root_cert(&*value);
5858
}
5959

60-
"sslcert" => options = options.ssl_client_cert(&*value),
60+
"sslcert" | "ssl-cert" => options = options.ssl_client_cert(&*value),
6161

62-
"sslkey" => options = options.ssl_client_key(&*value),
62+
"sslkey" | "ssl-key" => options = options.ssl_client_key(&*value),
6363

6464
"statement-cache-capacity" => {
6565
options =

tests/docker-compose.yml

Lines changed: 38 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -120,26 +120,24 @@ services:
120120
command: >
121121
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
122122
123-
postgres_13:
123+
postgres_14_client_ssl:
124124
build:
125125
context: .
126126
dockerfile: postgres/Dockerfile
127127
args:
128-
VERSION: 13
128+
VERSION: 14
129129
ports:
130130
- 5432
131131
environment:
132132
POSTGRES_DB: sqlx
133-
POSTGRES_USER: postgres
134-
POSTGRES_PASSWORD: password
135-
POSTGRES_HOST_AUTH_METHOD: scram-sha-256
136-
POSTGRES_INITDB_ARGS: --auth-host=scram-sha-256
133+
POSTGRES_HOST_AUTH_METHOD: trust
134+
POSTGRES_INITDB_ARGS: --auth-host=trust
137135
volumes:
138136
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
139137
command: >
140-
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
138+
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
141139
142-
postgres_13_cert:
140+
postgres_13:
143141
build:
144142
context: .
145143
dockerfile: postgres/Dockerfile
@@ -156,33 +154,31 @@ services:
156154
volumes:
157155
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
158156
command: >
159-
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
157+
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
160158
161-
postgres_12:
159+
postgres_13_client_ssl:
162160
build:
163161
context: .
164162
dockerfile: postgres/Dockerfile
165163
args:
166-
VERSION: 12
164+
VERSION: 13
167165
ports:
168166
- 5432
169167
environment:
170168
POSTGRES_DB: sqlx
171-
POSTGRES_USER: postgres
172-
POSTGRES_PASSWORD: password
173-
POSTGRES_HOST_AUTH_METHOD: scram-sha-256
174-
POSTGRES_INITDB_ARGS: --auth-host=scram-sha-256
169+
POSTGRES_HOST_AUTH_METHOD: trust
170+
POSTGRES_INITDB_ARGS: --auth-host=trust
175171
volumes:
176172
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
177173
command: >
178-
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
174+
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
179175
180-
postgres_12_cert:
176+
postgres_12:
181177
build:
182178
context: .
183179
dockerfile: postgres/Dockerfile
184180
args:
185-
VERSION: 12.3
181+
VERSION: 12
186182
ports:
187183
- 5432
188184
environment:
@@ -194,33 +190,31 @@ services:
194190
volumes:
195191
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
196192
command: >
197-
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
193+
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
198194
199-
postgres_11:
195+
postgres_12_client_ssl:
200196
build:
201197
context: .
202198
dockerfile: postgres/Dockerfile
203199
args:
204-
VERSION: 11
200+
VERSION: 12.3
205201
ports:
206202
- 5432
207203
environment:
208204
POSTGRES_DB: sqlx
209-
POSTGRES_USER: postgres
210-
POSTGRES_PASSWORD: password
211-
POSTGRES_HOST_AUTH_METHOD: scram-sha-256
212-
POSTGRES_INITDB_ARGS: --auth-host=scram-sha-256
205+
POSTGRES_HOST_AUTH_METHOD: trust
206+
POSTGRES_INITDB_ARGS: --auth-host=trust
213207
volumes:
214208
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
215209
command: >
216-
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
210+
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
217211
218-
postgres_10:
212+
postgres_11:
219213
build:
220214
context: .
221215
dockerfile: postgres/Dockerfile
222216
args:
223-
VERSION: 10
217+
VERSION: 11
224218
ports:
225219
- 5432
226220
environment:
@@ -234,25 +228,24 @@ services:
234228
command: >
235229
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
236230
237-
postgres_10_cert:
231+
postgres_11_client_ssl:
238232
build:
239233
context: .
240234
dockerfile: postgres/Dockerfile
241235
args:
242-
VERSION: 10.13
236+
VERSION: 11
243237
ports:
244238
- 5432
245239
environment:
246240
POSTGRES_DB: sqlx
247-
POSTGRES_USER: postgres
248-
POSTGRES_PASSWORD: password
249241
POSTGRES_HOST_AUTH_METHOD: trust
242+
POSTGRES_INITDB_ARGS: --auth-host=trust
250243
volumes:
251244
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
252245
command: >
253246
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
254247
255-
postgres_9_6:
248+
postgres_10:
256249
build:
257250
context: .
258251
dockerfile: postgres/Dockerfile
@@ -271,55 +264,54 @@ services:
271264
command: >
272265
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
273266
274-
postgres_9_6_cert:
267+
postgres_10_client_ssl:
275268
build:
276269
context: .
277270
dockerfile: postgres/Dockerfile
278271
args:
279-
VERSION: 9.6
272+
VERSION: 10.13
280273
ports:
281274
- 5432
282275
environment:
283276
POSTGRES_DB: sqlx
284-
POSTGRES_USER: postgres
285-
POSTGRES_PASSWORD: password
286-
POSTGRES_HOST_AUTH_METHOD: md5
277+
POSTGRES_HOST_AUTH_METHOD: trust
278+
POSTGRES_INITDB_ARGS: --auth-host=trust
287279
volumes:
288280
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
289281
command: >
290282
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key -c ssl_ca_file=/var/lib/postgresql/ca.crt -c hba_file=/var/lib/postgresql/pg_hba.conf
291283
292-
postgres_9_5:
284+
postgres_9_6:
293285
build:
294286
context: .
295287
dockerfile: postgres/Dockerfile
296288
args:
297-
VERSION: 9.6
289+
VERSION: 10
298290
ports:
299291
- 5432
300292
environment:
301293
POSTGRES_DB: sqlx
302294
POSTGRES_USER: postgres
303295
POSTGRES_PASSWORD: password
304-
POSTGRES_HOST_AUTH_METHOD: md5
296+
POSTGRES_HOST_AUTH_METHOD: scram-sha-256
297+
POSTGRES_INITDB_ARGS: --auth-host=scram-sha-256
305298
volumes:
306299
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
307300
command: >
308301
-c ssl=on -c ssl_cert_file=/var/lib/postgresql/server.crt -c ssl_key_file=/var/lib/postgresql/server.key
309302
310-
postgres_9_5_cert:
303+
postgres_9_6_client_ssl:
311304
build:
312305
context: .
313306
dockerfile: postgres/Dockerfile
314307
args:
315-
VERSION: 9.5
308+
VERSION: 9.6
316309
ports:
317310
- 5432
318311
environment:
319312
POSTGRES_DB: sqlx
320-
POSTGRES_USER: postgres
321-
POSTGRES_PASSWORD: password
322-
POSTGRES_HOST_AUTH_METHOD: password
313+
POSTGRES_HOST_AUTH_METHOD: trust
314+
POSTGRES_INITDB_ARGS: --auth-host=trust
323315
volumes:
324316
- "./postgres/setup.sql:/docker-entrypoint-initdb.d/setup.sql"
325317
command: >

tests/docker.py

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,10 @@ def start_database(driver, database, cwd):
6161
return f"mysql://root:[email protected]:{port}/{database}"
6262

6363
elif driver.startswith("postgres"):
64-
return f"postgres://postgres:password@localhost:{port}/{database}"
64+
if driver.endswith("client_ssl"):
65+
return f"postgres://postgres@localhost:{port}/{database}"
66+
else:
67+
return f"postgres://postgres:password@localhost:{port}/{database}"
6568

6669
elif driver.startswith("mssql"):
6770
return f"mssql://sa:[email protected]:{port}/{database}"

tests/x.py

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,16 @@ def run(command, comment=None, env=None, service=None, tag=None, args=None, data
148148
tag=f"postgres_{version}_ssl" if runtime == "async-std" else f"postgres_{version}_ssl_{runtime}",
149149
)
150150

151+
## +client-ssl
152+
for version in ["14_client_ssl", "13_client_ssl", "12_client_ssl", "11_client_ssl", "10_client_ssl", "9_6_client_ssl"]:
153+
run(
154+
f"cargo test --no-default-features --features macros,offline,any,all-types,postgres,runtime-{runtime}-{tls}",
155+
comment=f"test postgres {version} no-password",
156+
database_url_args="sslmode=verify-ca&sslrootcert=.%2Ftests%2Fcerts%2Fca.crt&sslkey=.%2Ftests%2Fkeys%2Fclient.key&sslcert=.%2Ftests%2Fcerts%2Fclient.crt",
157+
service=f"postgres_{version}",
158+
tag=f"postgres_{version}_no_password" if runtime == "async-std" else f"postgres_{version}_no_password_{runtime}",
159+
)
160+
151161
#
152162
# mysql
153163
#

0 commit comments

Comments
 (0)