Skip to content

Commit

Permalink
Merge pull request #81 from ashsmith/add-db-ssl-ca-support
Browse files Browse the repository at this point in the history 
Initial support for DB SSL CA
  • Loading branch information
@gareth-e-james
gareth-e-james authored Dec 7, 2023
2 parents fe9e965 + 1eefa5d commit d883e87
Show file tree
Hide file tree
Showing 5 changed files with 33 additions and 4 deletions.
6 changes: 4 additions & 2 deletions src/Application/Config.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,8 @@ public function getDatabaseCredentials()
$configReader->getDatabaseUsername() ?? '',
$configReader->getDatabasePassword() ?? '',
$configReader->getDatabaseHost() ?? '',
$configReader->getDatabasePort() ?? ''
$configReader->getDatabasePort() ?? '',
// @TODO: Support SSL CA from config reader.
);

return $this->databaseCredentials;
Expand All @@ -103,7 +104,8 @@ public function getDatabaseCredentials()
$this->get(Option::DB_USER, true) ?? '',
$this->get(Option::DB_PASS, true) ?? '',
$this->get(Option::DB_HOST, true) ?? 'localhost',
$this->get(Option::DB_PORT, true) ?? '3306'
$this->get(Option::DB_PORT, true) ?? '3306',
$this->get(Option::DB_SSL_CA, true) ?? null,
);
}

Expand Down
21 changes: 19 additions & 2 deletions src/Application/Config/DatabaseCredentials.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,18 +29,25 @@ class DatabaseCredentials
*/
private $port;

/**
* @var string
*/
private $sslCAPath;

public function __construct(
string $name,
string $username,
string $password = null,
string $host = 'localhost',
string $port = '3306'
string $port = '3306',
string $sslCAPath = null
) {
$this->name = $name;
$this->username = $username;
$this->password = $password;
$this->host = $host;
$this->port = $port;
$this->sslCAPath = $sslCAPath;
}

/**
Expand Down Expand Up @@ -83,11 +90,20 @@ public function getPort(): string
return $this->port;
}

public function getSSLCAPath(): ?string {
return $this->sslCAPath;
}

/**
* @return \PDO
*/
public function createPDO(): \PDO
{
$options = array()
if ($this->getSSLCAPath() !== null) {
$options[PDO::MYSQL_ATTR_SSL_CA] = $this->getSSLCAPath();
$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = false;
}
return new \PDO(
sprintf(
'mysql:dbname=%s;host=%s;port=%s;charset=utf8',
Expand All @@ -96,7 +112,8 @@ public function createPDO(): \PDO
$this->getPort()
),
$this->getUsername(),
$this->getPassword()
$this->getPassword(),
$options
);
}
}
3 changes: 3 additions & 0 deletions src/Application/Config/Option.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,14 @@ final class Option
const DB_USER = 'db-user';
const DB_PASS = 'db-pass';
const DB_PORT = 'db-port';
const DB_SSL_CA = 'db-ssl-ca';

const YAML_DB_HOST = 'db_host';
const YAML_DB_NAME = 'db_name';
const YAML_DB_USER = 'db_user';
const YAML_DB_PASS = 'db_pass';
const YAML_DB_PORT = 'db_port';
const YAML_DB_SSL_CA = 'db_ssl_ca';

const TABLE_GROUPS = 'table-groups';

Expand Down Expand Up @@ -57,6 +59,7 @@ public static function allowUserToPersist()
self::YAML_DB_USER,
self::YAML_DB_PASS,
self::YAML_DB_PORT,
self::YAML_DB_SSL_CA,

self::YAML_STORAGE_ACCESS_KEY,
self::YAML_STORAGE_SECRET_KEY,
Expand Down
6 changes: 6 additions & 0 deletions src/Command/BaseCommand.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,12 @@ protected function configure()
InputOption::VALUE_REQUIRED,
'Database name'
),
new InputOption(
Option::DB_SSL_CA,
null,
InputOption::VALUE_OPTIONAL,
'Path to SSL CA e.g. /etc/ssl/my-cert.pem'
),
new InputOption(
Option::ROOT_DIR,
null,
Expand Down
1 change: 1 addition & 0 deletions tests/Command/ConfigureCommandTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ public function testInteractive()
'',
'',
'',
'',
'yes' // Confirm write
]);

Expand Down

0 comments on commit d883e87

Please sign in to comment.