From cadafc294933ba9eb67d0b36f30f6cc160487b3c Mon Sep 17 00:00:00 2001 From: Pekka Enberg Date: Wed, 6 Mar 2024 13:23:38 +0200 Subject: [PATCH 1/4] github: Install cmake We need it to build libsql with encryption enabled. --- .github/workflows/CI.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index 9820c0d..d53b621 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -65,6 +65,10 @@ jobs: target: [aarch64] steps: - uses: actions/checkout@v3 + - name: Setup cmake + uses: jwlawson/actions-setup-cmake@v1.14 + with: + cmake-version: '3.18.x' - uses: actions/setup-python@v4 with: python-version: '3.10' From 7579dffc3a62afd9ff2aa411c7babef6aecc34c8 Mon Sep 17 00:00:00 2001 From: Pekka Enberg Date: Fri, 15 Mar 2024 12:16:42 +0200 Subject: [PATCH 2/4] github: Tweak macOS runners We're hitting a compilation error, which likely happens because we're cross compiling x86 on mac... --- .github/workflows/CI.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml index d53b621..d683c70 100644 --- a/.github/workflows/CI.yml +++ b/.github/workflows/CI.yml @@ -37,7 +37,7 @@ jobs: path: dist macos-x86_64: - runs-on: macos-latest + runs-on: macos-13 strategy: matrix: target: [x86_64] @@ -59,7 +59,7 @@ jobs: path: dist macos-arm64: - runs-on: macos-arm64 + runs-on: macos-13-xlarge strategy: matrix: target: [aarch64] From 9abc0613cfd2b6fc79712c1218e262e756691e4a Mon Sep 17 00:00:00 2001 From: Pekka Enberg Date: Mon, 4 Mar 2024 16:25:31 +0200 Subject: [PATCH 3/4] Encryption at rest support --- Cargo.toml | 2 +- src/lib.rs | 24 +++++++++++++++++++++--- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index db56c21..4c6a7eb 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,6 +9,6 @@ crate-type = ["cdylib"] [dependencies] pyo3 = "0.19.0" -libsql = { version = "0.3.0" } +libsql = { version = "0.3.0", features = ["encryption"] } tokio = { version = "1.29.1", features = [ "rt-multi-thread" ] } tracing-subscriber = "0.3" diff --git a/src/lib.rs b/src/lib.rs index b68dbf6..0a96222 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -19,7 +19,7 @@ fn is_remote_path(path: &str) -> bool { } #[pyfunction] -#[pyo3(signature = (database, isolation_level="DEFERRED".to_string(), check_same_thread=true, uri=false, sync_url=None, auth_token=""))] +#[pyo3(signature = (database, isolation_level="DEFERRED".to_string(), check_same_thread=true, uri=false, sync_url=None, auth_token="", encryption_key=None))] fn connect( py: Python<'_>, database: String, @@ -28,10 +28,19 @@ fn connect( uri: bool, sync_url: Option, auth_token: &str, + encryption_key: Option, ) -> PyResult { let ver = env!("CARGO_PKG_VERSION"); let ver = format!("libsql-python-rpc-{ver}"); let rt = tokio::runtime::Runtime::new().unwrap(); + let encryption_config = match encryption_key { + Some(key) => { + let cipher = libsql::Cipher::default(); + let encryption_config = libsql::EncryptionConfig::new(cipher, key.into()); + Some(encryption_config) + } + None => None, + }; let db = if is_remote_path(&database) { let result = libsql::Database::open_remote_internal(database.clone(), auth_token, ver); result.map_err(to_py_err)? @@ -44,14 +53,23 @@ fn connect( auth_token, Some(ver), true, - None, + encryption_config, None, ); tokio::pin!(fut); let result = rt.block_on(check_signals(py, fut)); result.map_err(to_py_err)? } - None => libsql_core::Database::open(database).map_err(to_py_err)?, + None => { + let mut builder = libsql::Builder::new_local(database); + if let Some(config) = encryption_config { + builder = builder.encryption_config(config); + } + let fut = builder.build(); + tokio::pin!(fut); + let result = rt.block_on(check_signals(py, fut)); + result.map_err(to_py_err)? + } } }; let autocommit = isolation_level.is_none(); From d748b900fb1c399aad4f9eb3ad01ae18441ce6d4 Mon Sep 17 00:00:00 2001 From: Pekka Enberg Date: Mon, 4 Mar 2024 16:33:16 +0200 Subject: [PATCH 4/4] Periodic sync support --- src/lib.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index 0a96222..fc060e8 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -19,7 +19,7 @@ fn is_remote_path(path: &str) -> bool { } #[pyfunction] -#[pyo3(signature = (database, isolation_level="DEFERRED".to_string(), check_same_thread=true, uri=false, sync_url=None, auth_token="", encryption_key=None))] +#[pyo3(signature = (database, isolation_level="DEFERRED".to_string(), check_same_thread=true, uri=false, sync_url=None, sync_interval=None, auth_token="", encryption_key=None))] fn connect( py: Python<'_>, database: String, @@ -27,6 +27,7 @@ fn connect( check_same_thread: bool, uri: bool, sync_url: Option, + sync_interval: Option, auth_token: &str, encryption_key: Option, ) -> PyResult { @@ -47,6 +48,7 @@ fn connect( } else { match sync_url { Some(sync_url) => { + let sync_interval = sync_interval.map(|i| std::time::Duration::from_secs_f64(i)); let fut = libsql::Database::open_with_remote_sync_internal( database, sync_url, @@ -54,7 +56,7 @@ fn connect( Some(ver), true, encryption_config, - None, + sync_interval, ); tokio::pin!(fut); let result = rt.block_on(check_signals(py, fut));