fix(mongobi-driver): fix ssl configuration (#78)

* fix(mongobi-driver): fix ssl configuration * fix(mongobi-driver): revert renaming CUBEJS_DB_SSL for backward compat
cube-js · Apr 16, 2019 · ddc4dff · ddc4dff
1 parent c4f12ee
commit ddc4dff
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 6 deletions.
diff --git a/docs/Cube.js-Backend/Connecting-to-the-Database.md b/docs/Cube.js-Backend/Connecting-to-the-Database.md
@@ -37,9 +37,10 @@ The table below shows which environment variables are used for different databas
 
 | Database             | Credentials    |
 | -------------------- |--------------- |
-| PostgreSQL, MySQL, MongoDB, AWS Redshift    | `CUBEJS_DB_TYPE`, `CUBEJS_DB_HOST`, `CUBEJS_DB_NAME`, `CUBEJS_DB_USER`, `CUBEJS_DB_PASS` |
-| AWS Athena           | `CUBEJS_DB_TYPE`, `CUBEJS_AWS_KEY`, `CUBEJS_AWS_SECRET`, `CUBEJS_AWS_REGION`, `CUBEJS_AWS_S3_OUTPUT_LOCATION` |
-| Google Bigquery           | `CUBEJS_DB_BQ_PROJECT_ID`, `CUBEJS_DB_BQ_KEY_FILE or CUBEJS_DB_BQ_CREDENTIALS` |
+| PostgreSQL, MySQL, AWS Redshift | `CUBEJS_DB_HOST`, `CUBEJS_DB_NAME`, `CUBEJS_DB_USER`, `CUBEJS_DB_PASS` |
+| AWS Athena | `CUBEJS_AWS_KEY`, `CUBEJS_AWS_SECRET`, `CUBEJS_AWS_REGION`, `CUBEJS_AWS_S3_OUTPUT_LOCATION` |
+| Google Bigquery | `CUBEJS_DB_BQ_PROJECT_ID`, `CUBEJS_DB_BQ_KEY_FILE or CUBEJS_DB_BQ_CREDENTIALS` |
+| MongoDB | `CUBEJS_DB_HOST`, `CUBEJS_DB_NAME`, `CUBEJS_DB_PORT`, `CUBEJS_DB_USER`, `CUBEJS_DB_PASS`, `CUBEJS_DB_SSL`, `CUBEJS_DB_SSL_CA`, `CUBEJS_DB_SSL_CERT`, `CUBEJS_DB_SSL_CIPHERS`, `CUBEJS_DB_SSL_PASSPHRASE` |
 
 ## Notes
 

diff --git a/packages/cubejs-mongobi-driver/driver/MongoBIDriver.js b/packages/cubejs-mongobi-driver/driver/MongoBIDriver.js
@@ -6,15 +6,40 @@ const BaseDriver = require('@cubejs-backend/query-orchestrator/driver/BaseDriver
 class MongoBIDriver extends BaseDriver {
   constructor(config) {
     super();
+
+    let ssl = {};
+
+    if (process.env.CUBEJS_DB_SSL) {
+      ssl = process.env.CUBEJS_DB_SSL;
+    } else {
+      const sslOptions = [
+        { name: 'ca', value: 'CUBEJS_DB_SSL_CA' },
+        { name: 'cert', value: 'CUBEJS_DB_SSL_CERT' },
+        { name: 'ciphers', value: 'CUBEJS_DB_SSL_CIPHERS' },
+        { name: 'passphrase', value: 'CUBEJS_DB_SSL_PASSPHRASE' },
+      ];
+
+      ssl = sslOptions.reduce(
+        (agg, { name, value }) => ({
+          ...agg,
+          ...(process.env[value] ? { [name]: process.env[value] } : {}),
+        }),
+        {}
+      );
+
+      if (process.env.CUBEJS_DB_SSL_REJECT_UNAUTHORIZED) {
+        ssl.rejectUnauthorized =
+          process.env.CUBEJS_DB_SSL_REJECT_UNAUTHORIZED.toLowerCase() === 'true';
+      }
+    }
+
     this.config = {
       host: process.env.CUBEJS_DB_HOST,
       database: process.env.CUBEJS_DB_NAME,
       port: process.env.CUBEJS_DB_PORT,
       user: process.env.CUBEJS_DB_USER,
       password: process.env.CUBEJS_DB_PASS,
-      ssl: process.env.CUBEJS_DB_SSL && {
-        ssl: process.env.CUBEJS_DB_SSL
-      },
+      ssl,
       authSwitchHandler: (data, cb) => {
         const buffer = Buffer.from((process.env.CUBEJS_DB_PASS || '').concat('\0'));
         cb(null, buffer);