添加对AWS Secrets Manager支持及支持Redis SSL连接 #2212

6 changes: 5 additions & 1 deletion .gitignore
@@ -1,4 +1,5 @@
*.pyc
.venv/
*.swp
*.lock
*.log
@@ -8,9 +9,12 @@ archery/settings.py.github
archery/settings.py.dev
archery/settings_dev.py
sql/migrations/
static/
nohup.out
supervisord.pid
venv
env
sonar-project.properties
.scannerwork
.env
local_settings.py
local_settings.py
3 changes: 2 additions & 1 deletion requirements.txt
@@ -38,4 +38,5 @@ django-environ==0.8.1
alibabacloud_dysmsapi20170525==2.0.9
tencentcloud-sdk-python==3.0.656
mozilla-django-oidc==3.0.0
django-auth-dingding==0.0.2
django-auth-dingding==0.0.2
boto3==1.26.103
19 changes: 19 additions & 0 deletions sql/engines/__init__.py
@@ -1,6 +1,8 @@
"""engine base库, 包含一个``EngineBase`` class和一个get_engine函数"""
from sql.engines.models import ResultSet, ReviewSet
from sql.utils.ssh_tunnel import SSHConnection
import boto3
import simplejson as json


class EngineBase:
@@ -20,6 +22,15 @@ def __init__(self, instance=None):
self.password = instance.password
self.db_name = instance.db_name
self.mode = instance.mode
self.awsSecretId = instance.awsSecretId
self.is_ssl = instance.is_ssl

if not self.awsSecretId == None and self.awsSecretId.strip():
client = boto3.client("secretsmanager")
response = client.get_secret_value(SecretId=instance.awsSecretId)
secret = json.loads(response["SecretString"])
self.user = secret["username"]
self.password = secret["password"]

# 判断如果配置了隧道则连接隧道,只测试了MySQL
if self.instance.tunnel:
@@ -62,6 +73,14 @@ def remote_instance_conn(self, instance=None):
self.remote_port = instance.port
self.remote_user = instance.user
self.remote_password = instance.password

if not instance.awsSecretId == None and instance.awsSecretId.strip():
client = boto3.client("secretsmanager")
response = client.get_secret_value(SecretId=instance.awsSecretId)
secret = json.loads(response["SecretString"])
self.remote_user = secret["username"]
self.remote_password = secret["password"]

return (
self.remote_host,
self.remote_port,
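Review bot: The Secrets Manager lookup added to `__init__` makes an unguarded network call every time an engine is constructed, and the same six lines are copied into `remote_instance_conn`. A client error from `get_secret_value`, a binary secret with no `SecretString`, or a JSON document without `username`/`password` all surface as raw exceptions from the constructor. Because `awsSecretId` is an editable field on the instance, the service's IAM role should be limited to `secretsmanager:GetSecretValue` on the secrets (or name prefix) meant for database credentials; otherwise anyone who can edit an instance can make the service load any secret that role can read. I would move the lookup into one helper shared by both call sites, replace `not x == None and x.strip()` with a truthiness test, and keep the secret body out of any error message. Both functions begin and end outside the hunks shown.

```python
def _load_aws_secret(secret_id):
    """Return (username, password) stored in the Secrets Manager secret *secret_id*."""
    client = boto3.client("secretsmanager")
    try:
        response = client.get_secret_value(SecretId=secret_id)
        secret = json.loads(response["SecretString"])
        return secret["username"], secret["password"]
    except (client.exceptions.ClientError, KeyError, ValueError) as exc:
        # Report only the identifier; the secret body must never reach logs or the UI.
        raise RuntimeError(
            f"cannot load credentials from AWS secret {secret_id!r}"
        ) from exc


# … unchanged: EngineBase.__init__ attribute assignments …
        if self.awsSecretId and self.awsSecretId.strip():
            self.user, self.password = _load_aws_secret(self.awsSecretId)

# … unchanged: remote_instance_conn host/port assignments …
        if instance.awsSecretId and instance.awsSecretId.strip():
            self.remote_user, self.remote_password = _load_aws_secret(
                instance.awsSecretId
            )
```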
2 changes: 2 additions & 0 deletions sql/engines/redis.py
@@ -33,6 +33,7 @@ def get_connection(self, db_name=None):
encoding_errors="ignore",
decode_responses=True,
socket_connect_timeout=10,
ssl=self.is_ssl,
)
else:
return redis.Redis(
@@ -43,6 +44,7 @@ def get_connection(self, db_name=None):
encoding_errors="ignore",
decode_responses=True,
socket_connect_timeout=10,
ssl=self.is_ssl,
)

@property
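Review bot: `ssl=self.is_ssl` turns TLS on in both `redis.Redis(...)` calls without passing any verification settings, so certificate and hostname checking depend on the defaults of whichever redis-py version is installed. In several redis-py releases `ssl_check_hostname` defaults to false, which accepts any certificate that chains to a trusted CA regardless of the host name. Please confirm the default for the pinned version and consider passing `ssl_check_hostname=True` explicitly, plus `ssl_ca_certs=...` when the server uses a private CA. If one of the two branches connects through a local tunnel address, hostname checking will need separate handling there and deserves a comment. `get_connection` begins and ends outside the hunks shown.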
4 changes: 4 additions & 0 deletions sql/models.py
@@ -195,12 +195,16 @@ class Instance(models.Model):
password = fields.EncryptedCharField(
verbose_name="密码", max_length=300, default="", blank=True
)
is_ssl = models.BooleanField("是否启用SSL", default=False)
db_name = models.CharField("数据库", max_length=64, default="", blank=True)
charset = models.CharField("字符集", max_length=20, default="", blank=True)
service_name = models.CharField(
"Oracle service name", max_length=50, null=True, blank=True
)
sid = models.CharField("Oracle sid", max_length=50, null=True, blank=True)
awsSecretId = models.CharField(
"AWS Secret Id", max_length=50, null=True, blank=True
)
resource_group = models.ManyToManyField(
ResourceGroup, verbose_name="资源组", blank=True
)
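Review bot: `awsSecretId` is declared with `max_length=50`, while `src/init_sql/v1.9.3.sql` creates the same column as `varchar(100)`. Both are much shorter than the identifiers Secrets Manager accepts (a full secret ARN alone can exceed 50 characters), so a valid value can be rejected by form validation. Nullability also disagrees: the model sets `null=True` but the DDL uses `DEFAULT ''`, so rows can hold either NULL or an empty string. I would align the two definitions, for example `max_length=2048` with a matching column width, and settle on one empty representation. The name also breaks the snake_case of its neighbours (`is_ssl`, `db_name`), so `aws_secret_id` would fit better; the `Instance` class starts and ends outside the hunk.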
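--- a/src/init_sql/v1.9.3.sql
+++ b/src/init_sql/v1.9.3.sql
@@ -0,0 +1,2 @@
+ALTER TABLE sql_instance ADD awsSecretId varchar(100) DEFAULT '' COMMENT 'AWS SecretId';
+ALTER TABLE sql_instance ADD is_ssl tinyint(1) DEFAULT 0 COMMENT '是否启用SSL';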