diff --git a/lib/ecto/repo/supervisor.ex b/lib/ecto/repo/supervisor.ex index 42d3584056..dcb5826ea8 100644 --- a/lib/ecto/repo/supervisor.ex +++ b/lib/ecto/repo/supervisor.ex @@ -1,6 +1,7 @@ defmodule Ecto.Repo.Supervisor do @moduledoc false use Supervisor + require Logger @defaults [timeout: 15000, pool_size: 10] @integer_url_query_params ["timeout", "pool_size", "idle_interval"] @@ -25,7 +26,20 @@ defmodule Ecto.Repo.Supervisor do case repo_init(type, repo, config) do {:ok, config} -> {url, config} = Keyword.pop(config, :url) - {:ok, Keyword.merge(config, parse_url(url || ""))} + url_config = parse_url(url || "") + + url_config = + if is_list(config[:ssl]) and url_config[:ssl] == true do + Logger.warning( + "ignoring `ssl=true` parameter in URL because `ssl` is already set in the configuration: #{inspect(config[:ssl])}" + ) + + Keyword.delete(url_config, :ssl) + else + url_config + end + + {:ok, Keyword.merge(config, url_config)} :ignore -> :ignore diff --git a/test/ecto/repo/supervisor_test.exs b/test/ecto/repo/supervisor_test.exs index 141bbe0d3c..73f2f827a7 100644 --- a/test/ecto/repo/supervisor_test.exs +++ b/test/ecto/repo/supervisor_test.exs @@ -83,6 +83,20 @@ defmodule Ecto.Repo.SupervisorTest do assert normalize(config) == [database: "mydb", extra: "extra", otp_app: :ecto, scheme: "ecto"] end + @tag :capture_log + test "URL options do not overwrite SSL cacertfile from config" do + put_env(database: "hello", url: "ecto:///mydb?ssl=true", ssl: [cacertfile: "/path/to/file"]) + {:ok, config} = init_config(:runtime, __MODULE__, :ecto, extra: "extra") + + assert normalize(config) == [ + database: "mydb", + extra: "extra", + otp_app: :ecto, + scheme: "ecto", + ssl: [cacertfile: "/path/to/file"] + ] + end + test "is no-op for nil or empty URL" do put_env(database: "hello", url: nil) {:ok, config} = init_config(:runtime, __MODULE__, :ecto, [])