feat(mysql): SSL Configuration (#5673)

* feat(mysql): SSL Configuration * Go
ardatan · Jul 14, 2023 · ff1678e · ff1678e
1 parent ade8654
commit ff1678e
Show file tree

Hide file tree

Showing 6 changed files with 137 additions and 11 deletions.
diff --git a/.changeset/five-rabbits-grin.md b/.changeset/five-rabbits-grin.md
@@ -0,0 +1,6 @@
+---
+'@graphql-mesh/mysql': patch
+'@graphql-mesh/types': patch
+---
+
+SSL Configuration
diff --git a/packages/handlers/mysql/src/index.ts b/packages/handlers/mysql/src/index.ts
@@ -13,7 +13,7 @@ import {
 } from 'graphql-scalars';
 import { createPool, Pool, TableForeign } from 'mysql';
 import { introspection, upgrade } from 'mysql-utilities';
-import { process, util } from '@graphql-mesh/cross-helpers';
+import { fs, path, process, util } from '@graphql-mesh/cross-helpers';
 import { MeshStore, PredefinedProxyOptions } from '@graphql-mesh/store';
 import { stringInterpolator } from '@graphql-mesh/string-interpolation';
 import {
@@ -204,6 +204,9 @@ export default class MySQLHandler implements MeshHandler {
           bigNumberStrings: true,
           trace: !!process.env.DEBUG,
           debug: !!process.env.DEBUG,
+          localAddress:
+            this.config.localAddress &&
+            stringInterpolator.parse(this.config.localAddress, { env: process.env }),
           host:
             this.config.host && stringInterpolator.parse(this.config.host, { env: process.env }),
           port:
@@ -217,6 +220,19 @@ export default class MySQLHandler implements MeshHandler {
           database:
             this.config.database &&
             stringInterpolator.parse(this.config.database, { env: process.env }),
+          ssl: this.config.ssl && {
+            rejectUnauthorized:
+              typeof this.config.ssl.rejectUnauthorized === 'undefined'
+                ? true
+                : this.config.ssl.rejectUnauthorized,
+            ca:
+              this.config.ssl.ca &&
+              (await fs.promises.readFile(
+                path.isAbsolute(this.config.ssl.ca)
+                  ? path.join(this.baseDir, this.config.ssl.ca)
+                  : this.config.ssl.ca,
+              )),
+          },
           ...this.config,
         });
 

diff --git a/packages/handlers/mysql/yaml-config.graphql b/packages/handlers/mysql/yaml-config.graphql
@@ -3,20 +3,52 @@ extend type Handler {
 }
 
 type MySQLHandler @md {
+  """
+  The hostname of the database you are connecting to. (Default: localhost)
+  """
   host: String
+
+  """
+  The port number to connect to. (Default: 3306)
+  """
   port: Int
+
+  """
+  The source IP address to use for TCP connection
+  """
+  localAddress: String
+
+  """
+  The MySQL user to authenticate as
+  """
   user: String
+
+  """
+  The password of that MySQL user
+  """
   password: String
+
+  """
+  Name of the database to use for this connection
+  """
   database: String
+
+  """
+  SSL Options for your MySQL connection
+  """
+  ssl: MySQLSSLOptions
+
   """
   Use existing `Pool` instance
   Format: modulePath#exportName
   """
   pool: Any
+
   """
   Use specific tables for your schema
   """
   tables: [String!]
+
   """
   Use specific fields of specific tables
   """
@@ -27,3 +59,14 @@ type TableField {
   table: String!
   fields: [String!]!
 }
+
+type MySQLSSLOptions {
+  """
+  Default: true
+  """
+  rejectUnauthorized: Boolean
+  """
+  Path to your CA
+  """
+  ca: String
+}
diff --git a/packages/types/src/config-schema.json b/packages/types/src/config-schema.json
@@ -1741,19 +1741,31 @@
       "title": "MySQLHandler",
       "properties": {
         "host": {
-          "type": "string"
+          "type": "string",
+          "description": "The hostname of the database you are connecting to. (Default: localhost)"
         },
         "port": {
-          "type": "integer"
+          "type": "integer",
+          "description": "The port number to connect to. (Default: 3306)"
+        },
+        "localAddress": {
+          "type": "string",
+          "description": "The source IP address to use for TCP connection"
         },
         "user": {
-          "type": "string"
+          "type": "string",
+          "description": "The MySQL user to authenticate as"
         },
         "password": {
-          "type": "string"
+          "type": "string",
+          "description": "The password of that MySQL user"
         },
         "database": {
-          "type": "string"
+          "type": "string",
+          "description": "Name of the database to use for this connection"
+        },
+        "ssl": {
+          "$ref": "#/definitions/MySQLSSLOptions"
         },
         "pool": {
           "anyOf": [
@@ -1807,6 +1819,21 @@
       },
       "required": ["table", "fields"]
     },
+    "MySQLSSLOptions": {
+      "additionalProperties": false,
+      "type": "object",
+      "title": "MySQLSSLOptions",
+      "properties": {
+        "rejectUnauthorized": {
+          "type": "boolean",
+          "description": "Default: true"
+        },
+        "ca": {
+          "type": "string",
+          "description": "Path to your CA"
+        }
+      }
+    },
     "Neo4jHandler": {
       "additionalProperties": false,
       "type": "object",

diff --git a/packages/types/src/config.ts b/packages/types/src/config.ts
@@ -737,11 +737,31 @@ export interface TypeConverterResolversOpts1 {
   pagination?: boolean | PaginationResolverOpts;
 }
 export interface MySQLHandler {
+  /**
+   * The hostname of the database you are connecting to. (Default: localhost)
+   */
   host?: string;
+  /**
+   * The port number to connect to. (Default: 3306)
+   */
   port?: number;
+  /**
+   * The source IP address to use for TCP connection
+   */
+  localAddress?: string;
+  /**
+   * The MySQL user to authenticate as
+   */
   user?: string;
+  /**
+   * The password of that MySQL user
+   */
   password?: string;
+  /**
+   * Name of the database to use for this connection
+   */
   database?: string;
+  ssl?: MySQLSSLOptions;
   /**
    * Use existing `Pool` instance
    * Format: modulePath#exportName
@@ -756,6 +776,16 @@ export interface MySQLHandler {
    */
   tableFields?: TableField[];
 }
+export interface MySQLSSLOptions {
+  /**
+   * Default: true
+   */
+  rejectUnauthorized?: boolean;
+  /**
+   * Path to your CA
+   */
+  ca?: string;
+}
 export interface TableField {
   table: string;
   fields: string[];

diff --git a/website/src/generated-markdown/MySQLHandler.generated.md b/website/src/generated-markdown/MySQLHandler.generated.md
@@ -1,9 +1,13 @@
 
-* `host` (type: `String`)
-* `port` (type: `Int`)
-* `user` (type: `String`)
-* `password` (type: `String`)
-* `database` (type: `String`)
+* `host` (type: `String`) - The hostname of the database you are connecting to. (Default: localhost)
+* `port` (type: `Int`) - The port number to connect to. (Default: 3306)
+* `localAddress` (type: `String`) - The source IP address to use for TCP connection
+* `user` (type: `String`) - The MySQL user to authenticate as
+* `password` (type: `String`) - The password of that MySQL user
+* `database` (type: `String`) - Name of the database to use for this connection
+* `ssl` (type: `Object`): 
+  * `rejectUnauthorized` (type: `Boolean`) - Default: true
+  * `ca` (type: `String`) - Path to your CA
 * `pool` (type: `Any`) - Use existing `Pool` instance
 Format: modulePath#exportName
 * `tables` (type: `Array of String`, required) - Use specific tables for your schema