rust/neon
1
0
Fork 0
mirror of https://github.com/neondatabase/neon.git synced 2026-01-17 10:22:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

[proxy/redis] impr: use redis_auth_type to switch between auth types

Browse Source 
This adds `redis_auth_type` to the config with default value of "irsa". Not specifying it will enforce the `regional_redis_client` to be configured with IRSA redis (as it's done now).
If "plain" is specified, then the regional client is condifigured with `redis_notifications`, consuming username:password auth from URI. We plan to do that for Azure.

Configuring `regional_redis_client` is required now, there is no opt-out from configuring it.
This commit is contained in:
Anton Chaporgin
2024-07-19 11:34:45 +03:00
parent d263b1804e
commit 095af95bd9
1 changed files with 48 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
proxy/src/bin/proxy.rs
View File

@@ -176,6 +176,9 @@ struct ProxyCliArgs {
/// redis url for notifications (if empty, redis_host:port will be used for both notifications and streaming connections)
#[clap(long)]
redis_notifications: Option<String>,
/// what from the available authentications type to use for the regional redis we have. Supported are "irsa" and "plain".
#[clap(long, default_value = "irsa")]
redis_auth_type: String,
/// redis host for streaming connections (might be different from the notifications host)
#[clap(long)]
redis_host: Option<String>,
@@ -319,23 +322,54 @@ async fn main() -> anyhow::Result<()> {
),
aws_credentials_provider,
));
let regional_redis_client = match (args.redis_host, args.redis_port) {
(Some(host), Some(port)) => Some(
ConnectionWithCredentialsProvider::new_with_credentials_provider(
host,
port,
elasticache_credentials_provider.clone(),
),
),
(None, None) => {
warn!("Redis events from console are disabled");
None
// let regional_redis_client = match (args.redis_host, args.redis_port) {
// (Some(host), Some(port)) => Some(
// ConnectionWithCredentialsProvider::new_with_credentials_provider(
// host,
// port,
// elasticache_credentials_provider.clone(),
// ),
// ),
// (None, None) => {
// warn!("Redis events from console are disabled");
// None
// }
// _ => {
// bail!("redis-host and redis-port must be specified together");
// }
// };
let regional_redis_client = match args.redis_auth_type.as_str() {
"plain" => {
match args.redis_notifications {
None => {
bail!("plain auth requires redis_notifications to be set");
},
Some(url) => Some(ConnectionWithCredentialsProvider::new_with_static_credentials(url)),
}
}
"irsa" => {
match (&args.redis_host, args.redis_port) {
(Some(host), Some(port)) => Some(
ConnectionWithCredentialsProvider::new_with_credentials_provider(
host.to_string(),
port,
elasticache_credentials_provider.clone(),
),
),
(None, None) => {
bail!("irsa auth requires redis-host and redis-port to be set");
}
_ => {
bail!("redis-host and redis-port must be specified together");
}
}
}
_ => {
bail!("redis-host and redis-port must be specified together");
bail!("unknown auth type given");
}
};
let redis_notifications_client = if let Some(url) = args.redis_notifications {
let redis_notifications_client = if let Some(url) = &args.redis_notifications {
Some(ConnectionWithCredentialsProvider::new_with_static_credentials(url))
} else {
regional_redis_client.clone()
@@ -357,7 +391,7 @@ async fn main() -> anyhow::Result<()> {
let cancel_map = CancelMap::default();
let redis_publisher = match &regional_redis_client {
let redis_publisher = match &redis_notifications_client {
Some(redis_publisher) => Some(Arc::new(Mutex::new(RedisPublisherClient::new(
redis_publisher.clone(),
args.region.clone(),