Skip to content

Commit

Permalink
Registry can be configured with erlang :ssl options
Browse files Browse the repository at this point in the history 
Co-authored-by: Andrew Bruce <[email protected]>
  • Loading branch information
@sstoltze @camelpunch
sstoltze and camelpunch committed Dec 17, 2024
1 parent a2df4d8 commit 3e48ba0
Show file tree
Hide file tree
Showing 5 changed files with 20 additions and 0 deletions.
1 change: 1 addition & 0 deletions lib/avrora/client.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,7 @@ defmodule Avrora.Client do
def registry_auth, do: get(@opts, :registry_auth, nil)
def registry_user_agent, do: get(@opts, :registry_user_agent, "Avrora/#{version()} Elixir")
def registry_ssl_cacerts, do: get(@opts, :registry_ssl_cacerts, nil)
def registry_ssl_opts, do: get(@opts, :registry_ssl_opts, nil)
def registry_schemas_autoreg, do: get(@opts, :registry_schemas_autoreg, true)
def convert_null_values, do: get(@opts, :convert_null_values, true)
def convert_map_to_proplist, do: get(@opts, :convert_map_to_proplist, false)
Expand Down
1 change: 1 addition & 0 deletions lib/avrora/config.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ defmodule Avrora.Config do
@callback registry_user_agent :: String.t() | nil
@callback registry_ssl_cacerts :: binary() | nil
@callback registry_ssl_cacert_path :: String.t() | nil
@callback registry_ssl_opts :: [:ssl.tls_option()] | nil
@callback registry_schemas_autoreg :: boolean()
@callback convert_null_values :: boolean()
@callback convert_map_to_proplist :: boolean()
Expand Down
2 changes: 2 additions & 0 deletions lib/avrora/storage/registry.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@ defmodule Avrora.Storage.Registry do
defp options do
ssl_options =
cond do
!is_nil(registry_ssl_opts()) -> registry_ssl_opts()
!is_nil(registry_ssl_cacerts()) -> [verify: :verify_peer, cacerts: [registry_ssl_cacerts()]]
!is_nil(registry_ssl_cacert_path()) -> [verify: :verify_peer, cacertfile: registry_ssl_cacert_path()]
true -> [verify: :verify_none]
Expand Down Expand Up @@ -185,4 +186,5 @@ defmodule Avrora.Storage.Registry do
defp registry_user_agent, do: Config.self().registry_user_agent()
defp registry_ssl_cacerts, do: Config.self().registry_ssl_cacerts()
defp registry_ssl_cacert_path, do: Config.self().registry_ssl_cacert_path()
defp registry_ssl_opts, do: Config.self().registry_ssl_opts()
end
14 changes: 14 additions & 0 deletions test/avrora/storage/registry_test.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,20 @@ defmodule Avrora.Storage.RegistryTest do
assert :ok == Registry.get(1) |> elem(0)
end

test "when request should perform SSL verification based on given cert file using :ssl options" do
stub(Avrora.ConfigMock, :registry_ssl_opts, fn -> [verify: :verify_peer, cacertfile: "path/to/file"] end)

Avrora.HTTPClientMock
|> expect(:get, fn url, options ->
assert url == "http://reg.loc/schemas/ids/1"
assert Keyword.fetch!(options, :ssl_options) == [verify: :verify_peer, cacertfile: "path/to/file"]

{:ok, %{"schema" => json_schema()}}
end)

assert :ok == Registry.get(1) |> elem(0)
end

test "when registry url is unconfigured" do
stub(Avrora.ConfigMock, :registry_url, fn -> nil end)

Expand Down
2 changes: 2 additions & 0 deletions test/support/config.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ defmodule Support.Config do
@impl true
def registry_ssl_cacert_path, do: nil
@impl true
def registry_ssl_opts, do: nil
@impl true
def registry_schemas_autoreg, do: true
@impl true
def convert_null_values, do: true
Expand Down

0 comments on commit 3e48ba0

Please sign in to comment.