it compiles. still missing metrics

Author: BenoitRanque

Cargo.lock

@@ -31,8 +31,8 @@ similar_names = "allow"
 too_many_lines = "allow"
 
 [workspace.dependencies]
-ndc-models = { git = "https://github.com/hasura/ndc-spec.git", tag = "v0.2.3" }
-ndc-sdk = { git = "https://github.com/hasura/ndc-sdk-rs.git", rev = "e2a1aeb" }
+ndc-models = { git = "https://github.com/hasura/ndc-spec.git", tag = "v0.2.4" }
+ndc-sdk = { git = "https://github.com/hasura/ndc-sdk-rs.git", rev = "v0.7.0" }
 ndc-test = { git = "https://github.com/hasura/ndc-spec.git", tag = "v0.2.3" }
 
 anyhow = "1"

Cargo.toml

@@ -1,15 +1,18 @@
 //! Configuration for the connector.
 
+use std::collections::BTreeMap;
 use std::path::Path;
 
 use query_engine_metadata::metadata;
+use sqlx::postgres::PgConnectOptions;
 
+use crate::connect::SslInfo;
 use crate::environment::Environment;
 use crate::error::{
     MakeRuntimeConfigurationError, MultiError, ParseConfigurationError,
     WriteParsedConfigurationError,
 };
-use crate::values::{IsolationLevel, PoolSettings};
+use crate::values::{IsolationLevel, PoolSettings, Redacted};
 use crate::version3;
 use crate::version4;
 use crate::version5;
@@ -72,11 +75,35 @@ pub struct Configuration {
     pub metadata: metadata::Metadata,
     pub configuration_version_tag: VersionTag,
     pub pool_settings: PoolSettings,
-    pub connection_uri: String,
+    pub connection_settings: ConnectionSettings,
     pub isolation_level: IsolationLevel,
     pub mutations_version: Option<metadata::mutations::MutationsVersion>,
     pub mutations_prefix: Option<String>,
 }
+
+type ConnectionName = String;
+type ConnectionString = String;
+
+#[derive(Debug)]
+pub enum ConnectionSettings {
+    Static {
+        connection_uri: Redacted<ConnectionString>,
+        ssl: Redacted<SslInfo>,
+    },
+    Named {
+        fallback_connection_uri: Redacted<ConnectionString>,
+        fallback_to_static: bool,
+        ssl: Redacted<SslInfo>,
+        connection_uris: BTreeMap<ConnectionName, Redacted<ConnectionString>>,
+        eager_connections: bool,
+    },
+    Dynamic {
+        fallback_connection_uri: Redacted<ConnectionString>,
+        fallback_to_static: bool,
+        ssl: Redacted<SslInfo>,
+    },
+}
+
 pub async fn introspect(
     input: ParsedConfiguration,
     environment: impl Environment,

crates/configuration/src/configuration.rs

@@ -10,47 +10,40 @@ use crate::values::{ConnectionUri, Secret};
 
 /// Get the connect options from the connection string and environment.
 pub fn get_connect_options(
-    connection_uri: &ConnectionUri,
-    environment: impl Environment,
+    connection_uri: &str,
+    ssl: &SslInfo,
 ) -> anyhow::Result<PgConnectOptions> {
-    let uri = match &connection_uri {
-        ConnectionUri(Secret::Plain(value)) => Cow::Borrowed(value),
-        ConnectionUri(Secret::FromEnvironment { variable }) => {
-            Cow::Owned(environment.read(variable)?)
-        }
-    };
-
-    let connect_options = PgConnectOptions::from_url(&uri.parse()?)?;
-
-    let ssl = read_ssl_info(environment);
+    let connect_options = PgConnectOptions::from_url(&connection_uri.parse()?)?;
 
     // Add ssl client info if present.
-    let connect_options = match ssl.client {
+    let connect_options = match &ssl.client {
         None => connect_options,
         Some(client) => connect_options
-            .ssl_client_cert_from_pem(client.certificate)
-            .ssl_client_key_from_pem(client.key),
+            .ssl_client_cert_from_pem(&client.certificate)
+            .ssl_client_key_from_pem(&client.key),
     };
     // Add ssl root certificate if present.
-    Ok(match ssl.root_certificate {
+    Ok(match &ssl.root_certificate {
         None => connect_options,
-        Some(root_certificate) => connect_options.ssl_root_cert_from_pem(root_certificate),
+        Some(root_certificate) => connect_options.ssl_root_cert_from_pem(root_certificate.clone()),
     })
 }
 
 /// SSL certificate information.
-struct SslInfo {
+#[derive(Clone)]
+pub struct SslInfo {
     client: Option<SslClientInfo>,
     root_certificate: Option<Vec<u8>>,
 }
 /// SSL client certificate information.
+#[derive(Clone)]
 struct SslClientInfo {
     certificate: String,
     key: String,
 }
 
 /// Read ssl certificate and key from the environment.
-fn read_ssl_info(environment: impl Environment) -> SslInfo {
+pub fn read_ssl_info(environment: impl Environment) -> SslInfo {
     // read ssl info
     let certificate = environment.read(&Variable::from("CLIENT_CERT")).ok();
     let key = environment.read(&Variable::from("CLIENT_KEY")).ok();

crates/configuration/src/connect.rs

@@ -71,4 +71,9 @@ pub enum MakeRuntimeConfigurationError {
         file_path: std::path::PathBuf,
         message: String,
     },
+    #[error("malformed environment variable value when processing {file_path}: {message}")]
+    MalformedEnvironmentVariableValue {
+        file_path: std::path::PathBuf,
+        message: String,
+    },
 }

crates/configuration/src/error.rs

@@ -12,14 +12,14 @@ pub mod version5;
 
 pub use configuration::{
     generate_latest_schema, introspect, make_runtime_configuration, parse_configuration,
-    upgrade_to_latest_version, write_parsed_configuration, Configuration, ParsedConfiguration,
-    DEFAULT_CONNECTION_URI_VARIABLE,
+    upgrade_to_latest_version, write_parsed_configuration, Configuration, ConnectionSettings,
+    ParsedConfiguration, DEFAULT_CONNECTION_URI_VARIABLE,
 };
-pub use values::{ConnectionUri, IsolationLevel, PoolSettings, Secret};
+pub use values::{ConnectionUri, IsolationLevel, PoolSettings, Redacted, Secret};
 
 pub use metrics::Metrics;
 
-pub use connect::get_connect_options;
+pub use connect::{get_connect_options, SslInfo};
 
 #[derive(Debug, Copy, Clone)]
 pub enum VersionTag {

crates/configuration/src/lib.rs

@@ -1,9 +1,11 @@
 mod isolation_level;
 mod pool_settings;
+mod redacted;
 mod secret;
 mod uri;
 
 pub use isolation_level::IsolationLevel;
 pub use pool_settings::PoolSettings;
+pub use redacted::Redacted;
 pub use secret::Secret;
 pub use uri::ConnectionUri;

crates/configuration/src/values/mod.rs

@@ -0,0 +1,28 @@
+use serde::Deserialize;
+
+/// A struct use to store sensitive information in configuration
+/// If printed out for any reason, will redact the inner value
+/// While we should not intentionally print out this information anyways, this is more of a safety measure that cannot hurt
+/// This also helps us mark the sensitive nature of the value.
+#[derive(Clone, PartialEq, Eq, Deserialize)]
+pub struct Redacted<T>(T);
+
+impl<T> Redacted<T> {
+    pub fn new(value: T) -> Self {
+        Self(value)
+    }
+
+    pub fn into_inner(self) -> T {
+        self.0
+    }
+
+    pub fn inner(&self) -> &T {
+        &self.0
+    }
+}
+
+impl<T> std::fmt::Debug for Redacted<T> {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str("[REDACTED]")
+    }
+}

crates/configuration/src/values/redacted.rs

@@ -19,11 +19,13 @@ use tracing::{info_span, Instrument};
 
 use metadata::database;
 
+use crate::configuration::ConnectionSettings;
+use crate::connect::read_ssl_info;
 use crate::environment::Environment;
 use crate::error::{
     MakeRuntimeConfigurationError, ParseConfigurationError, WriteParsedConfigurationError,
 };
-use crate::values::{ConnectionUri, Secret};
+use crate::values::{ConnectionUri, Redacted, Secret};
 use crate::VersionTag;
 
 const CONFIGURATION_FILENAME: &str = "configuration.json";
@@ -594,10 +596,20 @@ pub fn make_runtime_configuration(
             })
         }
     }?;
+
+    let connection_uri = Redacted::new(connection_uri);
+    let ssl = read_ssl_info(&environment);
+    let ssl = Redacted::new(ssl);
+
+    let connection_settings = ConnectionSettings::Static {
+        connection_uri,
+        ssl,
+    };
+
     Ok(crate::Configuration {
         metadata: convert_metadata(configuration.metadata),
         pool_settings: configuration.connection_settings.pool_settings,
-        connection_uri,
+        connection_settings,
         isolation_level: configuration.connection_settings.isolation_level,
         mutations_version: convert_mutations_version(configuration.mutations_version),
         configuration_version_tag: VersionTag::Version3,