embulk-executor-remoteserver 0.3.1 → 0.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6e3e581f4610b6a718fba908cdac5a526bc78775
-  data.tar.gz: 8ed2e998e2715585c10530626b3d0770cad8cc1f
+  metadata.gz: f28395ebbd29d2028501114573e227c225fd8b6c
+  data.tar.gz: ab865e0e32d2c4d4b56057497278ab61ee1d64be
 SHA512:
-  metadata.gz: 7ccde0fe8ccb9f5189da433a8822cb9d3035d1f612474a3e1f5eb00ffe1bfc30f219c6e185299c058843cd4d97c20d7a1df78dfd4c9f89c6582c539474349315
-  data.tar.gz: ffac80497a0e036476db4c17e2ffe0f6a3b9322352c8a2000c2477598d9ec5ca33a27992947cdee8ea20c6e98588c33bc5531e5fe0a5795b3cd9a6d81aebc545
+  metadata.gz: 7de676f12a5aab6ff29d4b43c191b06637f40901037e21bf05a9c98432bff45766e67626d6d6d7cb097d7f065a92e3fe4924b2abaa22fc497d7b530f60a43112
+  data.tar.gz: 7dc8342789e19402d7a1d61f25bb7525aaed2525496eb93d482f42b078e25ba2ce387c78e35785788c0a89898c3ce99d074692fa99fd5f000f04372a3d10dc3f

data/README.md

@@ -14,11 +14,11 @@ Embulk executor plugin to run Embulk tasks on remote servers.
 
 - **hosts**: List of remote servers (`hostname` or `hostname:port`, default port is `30001`). If not specified, the executor runs as the local mode, which starts an Embulk server on its own process (array of string)
 - **timeout_seconds**: Timeout seconds of the whole execution (integer, default: `3600`)
-- **tls**: Enable to connect server over TLS (boolean, default: `false`)
-- **key_store_p12**: Information of a P12 file used as a [KeyManager](https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/KeyManager.html) to register your client certificate. It would be needed when client auth mode is enabled on Embulk server.
+- **use_tls**: Enable to connect server over TLS (boolean, default: `false`)
+- **cert_p12_file**: Information of a P12 file used as your client certificate. It would be needed when client authentication is enabled on Embulk server.
   - **path**: Path of the file (string, required)
   - **password**: Password of the file (string, required)
-- **trust_store_p12**: Information of a P12 file used as a [TrustManager](https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/TrustManager.html) to register a CA certificate. It would be needed when Embulk server uses unknown CA's certificate.
+- **ca_p12_file**: Information of a P12 file used as CA certificate. It would be needed when Embulk server uses a certificate in which unknown CA signed.
   - **path**: Path of the file (string, required)
   - **password**: Password of the file (string, required)
 
@@ -49,12 +49,10 @@ There are some environment variables to configure the server
 
 - `BIND_ADDRESS`: Bind address of the server (default: `0.0.0.0`)
 - `PORT`: Port number to listen (default: `30001`)
-- `ENABLE_TLS`: Try to connect to client via TLS if `true` (default: `false`)
-- `ENABLE_TLS_CLIENT_AUTH`: Require client authentication if `true` (default: `false`) 
-- `KEY_P12_PATH`: Path of the P12 file used as a KeyManager
-- `KEY_P12_PASSWORD`: Password of the Key P12 file
-- `TRUST_P12_PATH`: Path of the P12 file used as a TrustManager
-- `TRUST_P12_PASSWORD`: Password of the Trust P12 file
+- `USE_TLS`: Try to connect to client via TLS if `true` (default: `false`)
+- `REQUIRE_TLS_CLIENT_AUTH`: Require client authentication if `true` (default: `false`) 
+- `CERT_P12_PATH`, `CERT_P12_PASSWORD`: Path and password of the P12 file for server certificate. Ignored unless both is set.
+- `CA_P12_PATH`, `CA_P12_PASSWORD`: Path and password of the P12 file for CA certificate. Ignored unless both is set.
 
 ## Build
 

data/gradle.properties

@@ -1 +1 @@
-version=0.3.1
+version=0.3.2

data/src/main/java/org/embulk/executor/remoteserver/Launcher.java

@@ -20,24 +20,24 @@ public class Launcher {
     }
 
     private static TLSConfig createTLSConfig(Map<String, String> envVars) {
-        if (!"true".equals(envVars.get("ENABLE_TLS"))) {
+        if (!"true".equals(envVars.get("USE_TLS"))) {
             return null;
         }
 
         TLSConfig tlsConfig = new TLSConfig();
-        String keyP12Path = envVars.get("KEY_P12_PATH");
-        String keyP12Password = envVars.get("KEY_P12_PASSWORD");
+        String keyP12Path = envVars.get("CERT_P12_PATH");
+        String keyP12Password = envVars.get("CERT_P12_PASSWORD");
         if (keyP12Path != null && keyP12Password != null) {
             tlsConfig.keyStore(new P12File(keyP12Path, keyP12Password));
         }
 
-        String trustP12Path = envVars.get("TRUST_P12_PATH");
-        String trustP12Password = envVars.get("TRUST_P12_PASSWORD");
+        String trustP12Path = envVars.get("CA_P12_PATH");
+        String trustP12Password = envVars.get("CA_P12_PASSWORD");
         if (trustP12Path != null && trustP12Password != null) {
             tlsConfig.trustStore(new P12File(trustP12Path, trustP12Password));
         }
 
-        if ("true".equals(envVars.get("ENABLE_TLS_CLIENT_AUTH"))) {
+        if ("true".equals(envVars.get("REQUIRE_TLS_CLIENT_AUTH"))) {
             tlsConfig.enableClientAuth(true);
         }
         return tlsConfig;

data/src/main/java/org/embulk/executor/remoteserver/RemoteServerExecutor.java

@@ -43,33 +43,33 @@ public class RemoteServerExecutor implements ExecutorPlugin {
         @ConfigDefault("3600")
         int getTimeoutSeconds();
 
-        @Config("tls")
+        @Config("use_tls")
         @ConfigDefault("false")
-        boolean getTLS();
+        boolean getUseTls();
 
-        @Config("key_store_p12")
+        @Config("cert_p12_file")
         @ConfigDefault("null")
-        Optional<P12File> getKeyStoreP12();
+        Optional<P12File> getCertP12File();
 
-        @Config("trust_store_p12")
+        @Config("ca_p12_file")
         @ConfigDefault("null")
-        Optional<P12File> getTrustStoreP12();
+        Optional<P12File> getCaP12File();
 
         @ConfigInject
         ModelManager getModelManager();
 
         // Used for the local mode (mainly for testing)
-        @Config("__server_key_store_p12")
+        @Config("__server_cert_p12_file")
         @ConfigDefault("null")
-        Optional<P12File> getServerKeyStoreP12();
+        Optional<P12File> getServerCertP12File();
 
-        @Config("__server_trust_store_p12")
+        @Config("__server_ca_p12_file")
         @ConfigDefault("null")
-        Optional<P12File> getServerTrustStoreP12();
+        Optional<P12File> getServerCaP12File();
 
-        @Config("__server_enable_client_auth")
+        @Config("__server_require_tls_client_auth")
         @ConfigDefault("false")
-        boolean getServerEnableClientAuth();
+        boolean getServerRequireTlsClientAuth();
     }
 
     @Inject
@@ -131,10 +131,10 @@ public class RemoteServerExecutor implements ExecutorPlugin {
                     systemConfigJson, pluginTaskJson, processTaskJson, gemSpecs, pluginArchiveBytes, state, inputTaskCount, modelManager);
 
             TLSConfig tlsConfig = null;
-            if (pluginTask.getTLS()) {
+            if (pluginTask.getUseTls()) {
                 tlsConfig = new TLSConfig();
-                pluginTask.getKeyStoreP12().ifPresent(tlsConfig::keyStore);
-                pluginTask.getTrustStoreP12().ifPresent(tlsConfig::trustStore);
+                pluginTask.getCertP12File().ifPresent(tlsConfig::keyStore);
+                pluginTask.getCaP12File().ifPresent(tlsConfig::trustStore);
             }
 
             try (EmbulkClient client = EmbulkClient.open(session, hosts, tlsConfig)) {
@@ -169,11 +169,11 @@ public class RemoteServerExecutor implements ExecutorPlugin {
 
     private EmbulkServer startEmbulkServer(PluginTask task) throws IOException {
         TLSConfig tlsConfig = null;
-        if (task.getTLS()) {
+        if (task.getUseTls()) {
             tlsConfig = new TLSConfig();
-            task.getServerKeyStoreP12().ifPresent(tlsConfig::keyStore);
-            task.getServerTrustStoreP12().ifPresent(tlsConfig::trustStore);
-            if (task.getServerEnableClientAuth()) {
+            task.getServerCertP12File().ifPresent(tlsConfig::keyStore);
+            task.getServerCaP12File().ifPresent(tlsConfig::trustStore);
+            if (task.getServerRequireTlsClientAuth()) {
                 tlsConfig.enableClientAuth(true);
             }
         }

data/src/test/resources/config/exec_tls.yml

@@ -3,11 +3,11 @@ timeout_seconds: 5
 hosts:
   - localhost:30003
   - localhost:30004
-tls: true
-key_store_p12:
+use_tls: true
+cert_p12_file:
   path: tmp/certs/client.p12
   password: fghij
-trust_store_p12:
+ca_p12_file:
   path: tmp/certs/ca-chain.p12
   password: p@ssw0rd
 

data/test/docker-compose.yml

@@ -20,12 +20,12 @@ services:
     <<: *server
     environment:
       LOG_LEVEL: debug
-      ENABLE_TLS: "true"
-      ENABLE_TLS_CLIENT_AUTH: "true"
-      KEY_P12_PATH: /certs/embulk-server.local.p12
-      KEY_P12_PASSWORD: abcde
-      TRUST_P12_PATH: /certs/ca-chain.p12
-      TRUST_P12_PASSWORD: p@ssw0rd
+      USE_TLS: "true"
+      REQUIRE_TLS_CLIENT_AUTH: "true"
+      CERT_P12_PATH: /certs/embulk-server.local.p12
+      CERT_P12_PASSWORD: abcde
+      CA_P12_PATH: /certs/ca-chain.p12
+      CA_P12_PASSWORD: p@ssw0rd
     ports:
         - "30003:30001"
     volumes:

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: embulk-executor-remoteserver
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.2
 platform: ruby
 authors:
 - Shinichi Ishimura
@@ -51,7 +51,7 @@ files:
 - LICENSE
 - README.md
 - build.gradle
-- classpath/embulk-executor-remoteserver-0.3.1.jar
+- classpath/embulk-executor-remoteserver-0.3.2.jar
 - classpath/msgpack-core-0.8.16.jar
 - classpath/nsocket-0.3.4.jar
 - classpath/slf4j-api-1.7.26.jar