Factor out DBConfig

2015-11-20 22:17:17 -08:00 · 2015-11-20 22:17:17 -08:00 · 0a276a2c53
parent 5dd212dd47
commit 0a276a2c53
3 changed files with 39 additions and 17 deletions
--- a/cmd/config.go
+++ b/cmd/config.go
@ -66,8 +66,7 @@ type Config struct {

 	SA struct {
 		ServiceConfig
-
-		DBConnect ConfigSecret
+		DBConfig

 		MaxConcurrentRPCServerRequests int64
 	}
@ -93,7 +92,7 @@ type Config struct {
 	Syslog SyslogConfig

 	Revoker struct {
-		DBConnect string
+		DBConfig
 		// The revoker isn't a long running service, so doesn't get a full
 		// ServiceConfig, just an AMQPConfig.
 		AMQP *AMQPConfig
@ -101,14 +100,13 @@ type Config struct {

 	Mailer struct {
 		ServiceConfig
+		DBConfig

 		Server   string
 		Port     string
 		Username string
 		Password string

-		DBConnect string
-
 		CertLimit int
 		NagTimes  []string
 		// How much earlier (than configured nag intervals) to
@ -121,10 +119,12 @@ type Config struct {

 	OCSPResponder struct {
 		ServiceConfig
+		DBConfig

 		// Source indicates the source of pre-signed OCSP responses to be used. It
 		// can be a DBConnect string or a file URL. The file URL style is used
 		// when responding from a static file for intermediates and roots.
+		// If DBConfig has non-empty fields, it takes precedence over this.
 		Source string

 		Path          string
@ -166,9 +166,10 @@ type Config struct {
 	}

 	CertChecker struct {
+		DBConfig
+
 		Workers             int
 		ReportDirectoryPath string
-		DBConnect           string
 	}

 	SubscriberAgreementURL string
@ -182,10 +183,19 @@ type ServiceConfig struct {
 	AMQP      *AMQPConfig
 }

+type DBConfig struct {
+	DBConnect string
+	// A file containing a connect URL for the DB.
+	DBConnectFile string
+}
+
 // AMQPConfig describes how to connect to AMQP, and how to speak to each of the
 // RPC services we offer via AMQP.
 type AMQPConfig struct {
-	Server    ConfigSecret
+	// A file containing a connect URL for the server.
+	ServerURLFile string
+
+	Server    string
 	Insecure  bool
 	RA        *RPCServerConfig
 	VA        *RPCServerConfig
@ -207,10 +217,10 @@ type AMQPConfig struct {
 // issued certificates.
 type CAConfig struct {
 	ServiceConfig
+	DBConfig

 	Profile      string
 	TestMode     bool
-	DBConnect    string
 	SerialPrefix int
 	Key          KeyConfig
 	// LifespanOCSP is how long OCSP responses are valid for; It should be longer
@ -232,7 +242,7 @@ type CAConfig struct {
 // database, what policies it should enforce, and what challenges
 // it should offer.
 type PAConfig struct {
-	DBConnect              string
+	DBConfig
 	EnforcePolicyWhitelist bool
 	Challenges             map[string]bool
 }
@ -295,7 +305,7 @@ type RPCServerConfig struct {
 // for the OCSP (and SCT) updater
 type OCSPUpdaterConfig struct {
 	ServiceConfig
-	DBConnect string
+	DBConfig

 	NewCertificateWindow     ConfigDuration
 	OldOCSPWindow            ConfigDuration
--- a/sa/database.go
+++ b/sa/database.go
@ -14,10 +14,22 @@ import (
 	// Provide access to the MySQL driver
 	_ "github.com/letsencrypt/boulder/Godeps/_workspace/src/github.com/go-sql-driver/mysql"
 	gorp "github.com/letsencrypt/boulder/Godeps/_workspace/src/gopkg.in/gorp.v1"
+	"github.com/letsencrypt/boulder/cmd"
 	"github.com/letsencrypt/boulder/core"
 	blog "github.com/letsencrypt/boulder/log"
 )

+func NewDbMapFromConfig(c cmd.DBConfig) (*gorp.DbMap, error) {
+	if c.DBConnectFile != "" {
+		url, err := ioutil.ReadFile(c.DBConnectFile)
+		if err != nil {
+			return nil, err
+		}
+		return NewDbMap(url)
+	}
+	return NewDbMap(c.DBConnect)
+}
+
 // NewDbMap creates the root gorp mapping object. Create one of these for each
 // database schema you wish to map. Each DbMap contains a list of mapped tables.
 // It automatically maps the tables for the primary parts of Boulder around the
--- a/test/boulder-config.json
+++ b/test/boulder-config.json
@ -21,7 +21,7 @@
    "shutdownKillTimeout": "1m",
    "debugAddr": "localhost:8000",
    "amqp": {
-      "server": "secret:test/secrets/amqp",
+      "serverURLFile": "test/secrets/amqp",
      "insecure": true,
      "RA": {
        "server": "RA.server",
@ -111,7 +111,7 @@
  },

  "pa": {
-    "dbConnect": "secret:test/secrets/pa_dburl",
+    "dbConnectFile": "test/secrets/pa_dburl",
    "challenges": {
      "simpleHttp": true,
      "dvsni": true,
@ -147,7 +147,7 @@
  },

  "sa": {
-    "dbConnect": "secret:test/secrets/sa_dburl",
+    "dbConnectFile": "test/secrets/sa_dburl",
    "maxConcurrentRPCServerRequests": 16,
    "debugAddr": "localhost:8003",
    "amqp": {
@ -182,7 +182,7 @@
  },

  "revoker": {
-    "dbConnect": "secret:test/secrets/revoker_dburl",
+    "dbConnectFile": "test/secrets/revoker_dburl",
    "amqp": {
      "server": "secret:test/secrets/amqp",
      "insecure": true,
@ -208,7 +208,7 @@
  },

  "ocspUpdater": {
-    "dbConnect": "secret:test/secrets/ocsp_updater_dburl",
+    "dbConnectFile": "test/secrets/ocsp_updater_dburl",
    "newCertificateWindow": "1s",
    "oldOCSPWindow": "2s",
    "missingSCTWindow": "1m",
@ -253,7 +253,7 @@
    "port": "25",
    "username": "cert-master@example.com",
    "password": "password",
-    "dbConnect": "secret:test/secrets/mailer_dburl",
+    "dbConnectFile": "test/secrets/mailer_dburl",
    "messageLimit": 0,
    "nagTimes": ["24h", "72h", "168h", "336h"],
    "nagCheckInterval": "24h",
@ -295,7 +295,7 @@
  },

  "certChecker": {
-    "dbConnect": "secret:test/secrets/cert_checker_dburl"
+    "dbConnectFile": "test/secrets/cert_checker_dburl"
  },

  "subscriberAgreementURL": "http://127.0.0.1:4001/terms/v1"