rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-10-31 01:57:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(drainer, router): KMS decrypt database password when kms feature is enabled (#733)

Browse Source
This commit is contained in:
Sanchith Hegde
2023-03-30 04:26:19 +05:30
committed by GitHub
parent a733eafbbe
commit 9d6e4ee37d
11 changed files with 149 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
crates/router/src/connection.rs
View File

@ -2,6 +2,8 @@ use async_bb8_diesel::{AsyncConnection, ConnectionError};
use bb8::{CustomizeConnection, PooledConnection};
use diesel::PgConnection;
use error_stack::{IntoReport, ResultExt};
#[cfg(feature = "kms")]
use external_services::kms;
use crate::{configs::settings::Database, errors};
@ -37,10 +39,24 @@ pub async fn redis_connection(
}
#[allow(clippy::expect_used)]
pub async fn diesel_make_pg_pool(database: &Database, test_transaction: bool) -> PgPool {
pub async fn diesel_make_pg_pool(
database: &Database,
test_transaction: bool,
#[cfg(feature = "kms")] kms_config: &kms::KmsConfig,
) -> PgPool {
#[cfg(feature = "kms")]
let password = kms::get_kms_client(kms_config)
.await
.decrypt(&database.kms_encrypted_password)
.await
.expect("Failed to KMS decrypt database password");
#[cfg(not(feature = "kms"))]
let password = &database.password;
let database_url = format!(
"postgres://{}:{}@{}:{}/{}",
database.username, database.password, database.host, database.port, database.dbname
database.username, password, database.host, database.port, database.dbname
);
let manager = async_bb8_diesel::ConnectionManager::<PgConnection>::new(database_url);
let mut pool = bb8::Pool::builder()