feat: redis tls support (#5884)

Co-authored-by: Laurin Quast <laurinquast@googlemail.com>
Andrii Hrachov 2024-11-11 14:26:30 +01:00 committed by GitHub
parent 277769db56
commit 8aec41a36e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
21 changed files with 50 additions and 2 deletions


@ -0,0 +1,5 @@
---
'hive': minor
---
Add `REDIS_TLS_ENABLED` environment variable for enabling and disabling Redis TLS for `emails`, `schema`, `tokens`, `webhooks` and `server` services.


@ -22,6 +22,23 @@ ENVIRONMENT=local
- Run `pnpm i` at the root to install all the dependencies and run the hooks
- Run `pnpm local:setup` to run Docker compose dependencies, create databases and migrate database
Solving permission problems on this step:
```bash
export UID=$(id -u)
export GID=$(id -g)
```
Add "user" field to docker-compose.dev.yml
```
clickhouse:
user: '${UID}:${GID}'
db:
user: '${UID}:${GID}'
```
- Run `pnpm generate` to generate the typings from the graphql files (use `pnpm graphql:generate` if
you only need to run GraphQL Codegen)
- Run `pnpm build` to build all services


@ -1 +1 @@
export const version = '0.8.0';
export const version = '0.8.2';


@ -5,7 +5,9 @@ import { Logger } from './logger';
export type { RedisInstance as Redis };
export type RedisConfig = Required<Pick<RedisOptions, 'host' | 'port' | 'password'>>;
export type RedisConfig = Required<Pick<RedisOptions, 'host' | 'port' | 'password'>> & {
tlsEnabled: boolean;
};
export const REDIS_INSTANCE = new InjectionToken<RedisInstance>('REDIS_INSTANCE');
@ -24,6 +26,7 @@ export function createRedisClient(label: string, config: RedisConfig, logger: Lo
db: 0,
maxRetriesPerRequest: null,
enableReadyCheck: false,
tls: config.tlsEnabled ? {} : undefined,
});
redis.on('error', err => {
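Review bot: `tls: config.tlsEnabled ? {} : undefined` turns TLS on with an empty options object, so (assuming the client hands it to Node's `tls.connect`, as ioredis does) the server certificate is checked against the system CA store and `config.host`, with no way to supply a private CA, a `servername` or a client certificate. A Redis fronted by an internal CA will fail the handshake, and the common workaround of disabling verification process-wide leaves the link encrypted but unauthenticated. I would record the behaviour next to the line, `// {} = Node TLS defaults: cert verified against system CAs; custom CA not configurable yet`, and build the object in one shared helper. The same expression is repeated in both `createScheduler` hunks and both `main` hunks further down. `createRedisClient` starts and ends outside this hunk.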


@ -12,6 +12,7 @@ Service for sending Hive Emails.
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"apollorocks"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `EMAIL_FROM` | **Yes** | The email address used for sending emails | `kamil@graphql-hive.com` |
| `EMAIL_PROVIDER` | **Yes** | The email provider that should be used for sending emails. | `smtp` or `postmark` or `mock` |
| `EMAIL_PROVIDER_SMTP_PROTOCOL` | No (**Yes** if `EMAIL_PROVIDER` is set to `smtp`) | The protocol used for the smtp server | `smtp` or `smtps` |


@ -40,6 +40,7 @@ const RedisModel = zod.object({
REDIS_HOST: zod.string(),
REDIS_PORT: NumberFromString,
REDIS_PASSWORD: emptyString(zod.string().optional()),
REDIS_TLS_ENABLED: emptyString(zod.union([zod.literal('1'), zod.literal('0')]).optional()),
});
const PostmarkEmailModel = zod.object({
@ -193,6 +194,7 @@ export const env = {
host: redis.REDIS_HOST,
port: redis.REDIS_PORT,
password: redis.REDIS_PASSWORD ?? '',
tlsEnabled: redis.REDIS_TLS_ENABLED === '1',
},
email: {
provider: emailProviderConfig,
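Review bot: `tlsEnabled: redis.REDIS_TLS_ENABLED === '1'` makes an unset variable mean plaintext, and nothing in the visible lines tells the operator that `REDIS_PASSWORD` is then sent unencrypted to `REDIS_HOST`. A comment on the schema field would record that: `// unset or '0' = plaintext connection; the Redis password is sent in the clear`. Whether a startup warning is warranted for a non-loopback host is a judgement call, but the same mapping is added in the schema, server, tokens and webhooks env hunks, so the decision applies to all five. The `env` object starts and ends outside this hunk.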


@ -66,6 +66,7 @@ async function main() {
host: env.redis.host,
port: env.redis.port,
password: env.redis.password,
tlsEnabled: env.redis.tlsEnabled,
},
queueName: 'emails',
emailProvider,


@ -18,6 +18,7 @@ export function createScheduler(config: {
host: string;
port: number;
password: string;
tlsEnabled: boolean;
};
queueName: string;
emailProvider: EmailProvider;
@ -126,6 +127,7 @@ export function createScheduler(config: {
db: 0,
maxRetriesPerRequest: null,
enableReadyCheck: false,
tls: config.redis.tlsEnabled ? {} : undefined,
});
redisConnection.on('error', err => {


@ -11,6 +11,7 @@ of subschemas.
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"apollorocks"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `ENCRYPTION_SECRET` | **Yes** | Secret for encrypting stuff. | `8ebe95cg21c1fee355e9fa32c8c33141` |
| `ENVIRONMENT` | No | The environment of your Hive app. (**Note:** This will be used for Sentry reporting.) | `staging` |
| `BODY_LIMIT` | No | Maximum payload size in bytes. Defaults to 11 MB. | `11000000` |


@ -59,6 +59,7 @@ const RedisModel = zod.object({
REDIS_HOST: zod.string(),
REDIS_PORT: NumberFromString(),
REDIS_PASSWORD: emptyString(zod.string().optional()),
REDIS_TLS_ENABLED: emptyString(zod.union([zod.literal('1'), zod.literal('0')]).optional()),
});
const PrometheusModel = zod.object({
@ -151,6 +152,7 @@ export const env = {
host: redis.REDIS_HOST,
port: redis.REDIS_PORT,
password: redis.REDIS_PASSWORD ?? '',
tlsEnabled: redis.REDIS_TLS_ENABLED === '1',
},
sentry: sentry.SENTRY === '1' ? { dsn: sentry.SENTRY_DSN } : null,
log: {


@ -98,6 +98,7 @@ async function main() {
db: 0,
maxRetriesPerRequest: null,
enableReadyCheck: false,
tls: env.redis.tlsEnabled ? {} : undefined,
});
try {


@ -31,6 +31,7 @@ The GraphQL API for GraphQL Hive.
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"apollorocks"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `S3_ENDPOINT` | **Yes** | The S3 endpoint. | `http://localhost:9000` |
| `S3_ACCESS_KEY_ID` | **Yes** | The S3 access key id. | `minioadmin` |
| `S3_SECRET_ACCESS_KEY` | **Yes** | The S3 secret access key. | `minioadmin` |


@ -92,6 +92,7 @@ const RedisModel = zod.object({
REDIS_HOST: zod.string(),
REDIS_PORT: NumberFromString,
REDIS_PASSWORD: emptyString(zod.string().optional()),
REDIS_TLS_ENABLED: emptyString(zod.union([zod.literal('1'), zod.literal('0')]).optional()),
});
const SuperTokensModel = zod.object({
@ -397,6 +398,7 @@ export const env = {
host: redis.REDIS_HOST,
port: redis.REDIS_PORT,
password: redis.REDIS_PASSWORD ?? '',
tlsEnabled: redis.REDIS_TLS_ENABLED === '1',
},
supertokens: {
connectionURI: supertokens.SUPERTOKENS_CONNECTION_URI,


@ -17,6 +17,7 @@ APIs (usage service and GraphQL API).
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"apollorocks"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `RATE_LIMIT_ENDPOINT` | **Yes** | The endpoint of the rate limiting service. | `http://127.0.0.1:4012` |
| `ENVIRONMENT` | No | The environment of your Hive app. (**Note:** This will be used for Sentry reporting.) | `staging` |
| `SENTRY` | No | Whether Sentry error reporting should be enabled. | `1` (enabled) or `0` (disabled) |


@ -48,6 +48,7 @@ const RedisModel = zod.object({
REDIS_HOST: zod.string(),
REDIS_PORT: NumberFromString,
REDIS_PASSWORD: emptyString(zod.string().optional()),
REDIS_TLS_ENABLED: emptyString(zod.union([zod.literal('1'), zod.literal('0')]).optional()),
});
const PrometheusModel = zod.object({
@ -143,6 +144,7 @@ export const env = {
host: redis.REDIS_HOST,
port: redis.REDIS_PORT,
password: redis.REDIS_PASSWORD,
tlsEnabled: redis.REDIS_TLS_ENABLED === '1',
},
heartbeat: base.HEARTBEAT_ENDPOINT ? { endpoint: base.HEARTBEAT_ENDPOINT } : null,
sentry: sentry.SENTRY === '1' ? { dsn: sentry.SENTRY_DSN } : null,


@ -80,6 +80,7 @@ export async function main() {
maxRetriesPerRequest: 20,
db: 0,
enableReadyCheck: false,
tls: env.redis.tlsEnabled ? {} : undefined,
});
const { start, stop, readiness, getStorage } = useCache(


@ -10,6 +10,7 @@ This service takes care of delivering WebHooks.
| `REDIS_HOST` | **Yes** | The host of your redis instance. | `"127.0.0.1"` |
| `REDIS_PORT` | **Yes** | The port of your redis instance. | `6379` |
| `REDIS_PASSWORD` | **Yes** | The password of your redis instance. | `"apollorocks"` |
| `REDIS_TLS_ENABLED` | **No** | Enable TLS for redis connection (rediss://). | `"0"` |
| `ENVIRONMENT` | No | The environment of your Hive app. (**Note:** This will be used for Sentry reporting.) | `staging` |
| `HEARTBEAT_ENDPOINT` | No | The endpoint for a heartbeat. | `http://127.0.0.1:6969/heartbeat` |
| `SENTRY` | No | Whether Sentry error reporting should be enabled. | `1` (enabled) or `0` (disabled) |


@ -29,6 +29,7 @@ const RedisModel = zod.object({
REDIS_HOST: zod.string(),
REDIS_PORT: NumberFromString,
REDIS_PASSWORD: emptyString(zod.string().optional()),
REDIS_TLS_ENABLED: emptyString(zod.union([zod.literal('1'), zod.literal('0')]).optional()),
});
const RequestBrokerModel = zod.union([
@ -137,6 +138,7 @@ export const env = {
host: redis.REDIS_HOST,
port: redis.REDIS_PORT,
password: redis.REDIS_PASSWORD ?? '',
tlsEnabled: redis.REDIS_TLS_ENABLED === '1',
},
heartbeat: base.HEARTBEAT_ENDPOINT ? { endpoint: base.HEARTBEAT_ENDPOINT } : null,
sentry: sentry.SENTRY === '1' ? { dsn: sentry.SENTRY_DSN } : null,


@ -64,6 +64,7 @@ async function main() {
host: env.redis.host,
port: env.redis.port,
password: env.redis.password,
tlsEnabled: env.redis.tlsEnabled,
},
webhookQueueName: 'webhook',
maxAttempts: 10,


@ -128,6 +128,7 @@ export function createScheduler(config: Config) {
db: 0,
maxRetriesPerRequest: null,
enableReadyCheck: false,
tls: config.redis.tlsEnabled ? {} : undefined,
});
redisConnection.on('error', err => {


@ -8,6 +8,7 @@ export interface Config {
host: string;
port: number;
password: string;
tlsEnabled: boolean;
};
webhookQueueName: string;
maxAttempts: number;