Skip to content

Commit

Permalink
Adds TLS support to Cassandra State Store (#3230)
Browse files Browse the repository at this point in the history
Adds TLS support to Cassandra State Store
  • Loading branch information
berndverst authored Nov 20, 2023
1 parent 1f12557 commit ba5831b
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 9 deletions.
24 changes: 15 additions & 9 deletions state/cassandra/cassandra.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,15 +62,16 @@ type Cassandra struct {
}

type cassandraMetadata struct {
Hosts []string
Port int
ProtoVersion int
ReplicationFactor int
Username string
Password string
Consistency string
Table string
Keyspace string
Hosts []string
Port int
ProtoVersion int
ReplicationFactor int
Username string
Password string
Consistency string
Table string
Keyspace string
EnableHostVerification bool
}

// NewCassandraStateStore returns a new cassandra state store.
Expand Down Expand Up @@ -136,6 +137,11 @@ func (c *Cassandra) createClusterConfig(metadata *cassandraMetadata) (*gocql.Clu
if metadata.Username != "" && metadata.Password != "" {
clusterConfig.Authenticator = gocql.PasswordAuthenticator{Username: metadata.Username, Password: metadata.Password}
}
if metadata.EnableHostVerification {
clusterConfig.SslOpts = &gocql.SslOptions{
EnableHostVerification: true,
}
}
clusterConfig.Port = metadata.Port
clusterConfig.ProtoVersion = metadata.ProtoVersion
cons, err := c.getConsistency(metadata.Consistency)
Expand Down
5 changes: 5 additions & 0 deletions state/cassandra/metadata.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,11 @@ metadata:
description: "Port for communication."
default: "9042"
example: "8080"
- name: enableHostVerification
type: bool
description: "Enables host verification. Secures the traffic between client server with TLS."
default: "false"
example: "true"
- name: table
type: string
description: "The name of the table to use."
Expand Down

0 comments on commit ba5831b

Please sign in to comment.