Skip to content
This repository has been archived by the owner on Jun 10, 2024. It is now read-only.

feat(nats): add an option for specifiying a path to a CA file #279

Merged
merged 1 commit into from
Feb 23, 2024
Merged

feat(nats): add an option for specifiying a path to a CA file #279

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion nats/Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions nats/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "wasmcloud-provider-nats"
version = "0.18.0"
version = "0.18.1"
edition = "2021"

[dependencies]
Expand Down Expand Up @@ -43,4 +43,3 @@ path = "src/main.rs"
strip = true
opt-level = "z"
lto = true

14 changes: 14 additions & 0 deletions nats/src/main.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ const ENV_NATS_URI: &str = "URI";
const ENV_NATS_CLIENT_JWT: &str = "CLIENT_JWT";
const ENV_NATS_CLIENT_SEED: &str = "CLIENT_SEED";
const ENV_NATS_TLS_CA: &str = "TLS_CA";
const ENV_NATS_TLS_CA_FILE: &str = "TLS_CA_FILE";

fn main() -> Result<(), Box<dyn std::error::Error>> {
// handle lattice control messages and forward rpc to the provider dispatch
Expand Down Expand Up @@ -77,6 +78,8 @@ struct ConnectionConfig {
auth_seed: Option<String>,
#[serde(default)]
tls_ca: Option<String>,
#[serde(default)]
tls_ca_file: Option<String>,

/// ping interval in seconds
#[serde(default)]
Expand Down Expand Up @@ -107,6 +110,9 @@ impl ConnectionConfig {
if extra.tls_ca.is_some() {
out.tls_ca = extra.tls_ca.clone()
}
if extra.tls_ca_file.is_some() {
out.tls_ca_file = extra.tls_ca_file.clone()
}
out
}
}
Expand All @@ -120,6 +126,7 @@ impl Default for ConnectionConfig {
auth_seed: None,
ping_interval_sec: None,
tls_ca: None,
tls_ca_file: None,
}
}
}
Expand Down Expand Up @@ -164,6 +171,9 @@ impl ConnectionConfig {
if let Some(tls_ca) = values.get(ENV_NATS_TLS_CA) {
config.tls_ca = Some(tls_ca.clone());
}
if let Some(tls_ca_file) = values.get(ENV_NATS_TLS_CA_FILE) {
config.tls_ca_file = Some(tls_ca_file.clone());
}
Ok(config)
}
}
Expand Down Expand Up @@ -499,6 +509,10 @@ fn build_connect_options(cfg: &ConnectionConfig) -> Result<async_nats::ConnectOp

if let Some(tls_ca) = &cfg.tls_ca {
return add_tls_ca(tls_ca, opts);
} else if let Some(tls_ca_file) = &cfg.tls_ca_file {
let ca = std::fs::read_to_string(tls_ca_file)
.map_err(|e| RpcError::ProviderInit(format!("tls ca file: {}", e)))?;
return add_tls_ca(&ca, opts);
}

Ok(opts)
Expand Down