valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-08 09:23:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add TLS connection options for pgjsonb returner

Browse Source 
Previously, any TLS options in the configuration were silently ignored,
and would not have worked regardless
because they were copied from the MySQL returner.
This commit is contained in:
Aneesh Agrawal 2017-05-19 04:05:46 -04:00
parent 5406a7cdd4
commit acd2f52fc0
1 changed files with 39 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
salt/returners/pgjsonb.py
View File

@ -35,9 +35,13 @@ either exclude these options or set them to None.
.. code-block:: yaml .. code-block:: yaml
returner.pgjsonb.ssl_ca: None returner.pgjsonb.sslmode: None
returner.pgjsonb.ssl_cert: None returner.pgjsonb.sslcert: None
returner.pgjsonb.ssl_key: None returner.pgjsonb.sslkey: None
returner.pgjsonb.sslrootcert: None
returner.pgjsonb.sslcrl: None
.. versionadded:: 2017.5.0
Alternative configuration values can be used by prefacing the configuration Alternative configuration values can be used by prefacing the configuration
with `alternative.`. Any values not found in the alternative configuration will with `alternative.`. Any values not found in the alternative configuration will
@ -154,6 +158,7 @@ import logging
import salt.returners import salt.returners
import salt.utils.jid import salt.utils.jid
import salt.exceptions import salt.exceptions
from salt.ext import six
# Import third party libs # Import third party libs
try: try:
@ -179,17 +184,26 @@ def _get_options(ret=None):
''' '''
Returns options used for the MySQL connection. Returns options used for the MySQL connection.
''' '''
defaults = {'host': 'localhost', defaults = {
'host': 'localhost',
'user': 'salt', 'user': 'salt',
'pass': 'salt', 'pass': 'salt',
'db': 'salt', 'db': 'salt',
'port': 5432} 'port': 5432
}
attrs = {'host': 'host', attrs = {
'host': 'host',
'user': 'user', 'user': 'user',
'pass': 'pass', 'pass': 'pass',
'db': 'db', 'db': 'db',
'port': 'port'} 'port': 'port',
'sslmode': 'sslmode',
'sslcert': 'sslcert',
'sslkey': 'sslkey',
'sslrootcert': 'sslrootcert',
'sslcrl': 'sslcrl',
}
_options = salt.returners.get_returner_options('returner.{0}'.format(__virtualname__), _options = salt.returners.get_returner_options('returner.{0}'.format(__virtualname__),
ret, ret,
@ -212,19 +226,18 @@ def _get_serv(ret=None, commit=False):
try: try:
# An empty ssl_options dictionary passed to MySQLdb.connect will # An empty ssl_options dictionary passed to MySQLdb.connect will
# effectively connect w/o SSL. # effectively connect w/o SSL.
ssl_options = {} ssl_options = {
if _options.get('ssl_ca'): k: v for k, v in six.iteritems(_options)
ssl_options['ca'] = _options.get('ssl_ca') if k in ['sslmode', 'sslcert', 'sslkey', 'sslrootcert', 'sslcrl']
if _options.get('ssl_cert'): }
ssl_options['cert'] = _options.get('ssl_cert') conn = psycopg2.connect(
if _options.get('ssl_key'): host=_options.get('host'),
ssl_options['key'] = _options.get('ssl_key') port=_options.get('port'),
conn = psycopg2.connect(host=_options.get('host'), dbname=_options.get('db'),
user=_options.get('user'), user=_options.get('user'),
password=_options.get('pass'), password=_options.get('pass'),
database=_options.get('db'), **ssl_options
port=_options.get('port')) )
# ssl=ssl_options)
except psycopg2.OperationalError as exc: except psycopg2.OperationalError as exc:
raise salt.exceptions.SaltMasterError('pgjsonb returner could not connect to database: {exc}'.format(exc=exc)) raise salt.exceptions.SaltMasterError('pgjsonb returner could not connect to database: {exc}'.format(exc=exc))