Update github workflows now that examples have a feature gate

scylladb · Jan 12, 2024 · 6337af1 · 6337af1
1 parent 15b3c80
commit 6337af1
Show file tree

Hide file tree

Showing 5 changed files with 45 additions and 39 deletions.
diff --git a/.github/workflows/book.yml b/.github/workflows/book.yml
@@ -30,7 +30,7 @@ jobs:
     - name: Install mdbook
       run: cargo install mdbook --no-default-features
     - name: Build the project
-      run: cargo build --verbose --examples
+      run: cargo build --verbose --features ssl --features cloud --examples 
     - name: Build the book
       run: mdbook build docs
     - name: Build the book using the script

diff --git a/.github/workflows/serverless.yaml b/.github/workflows/serverless.yaml
@@ -3,12 +3,12 @@ name: Serverless
 on:
   push:
     branches:
-    - main
-    - 'branch-*'
+      - main
+      - "branch-*"
   pull_request:
     branches:
-    - main
-    - 'branch-*'
+      - main
+      - "branch-*"
 
 env:
   CARGO_TERM_COLOR: always
@@ -33,9 +33,9 @@ jobs:
       - name: Check
         run: cargo check --verbose
       - name: Run cloud example
-        run: cargo run --example cloud -- $HOME/.ccm/serverless/config_data.yaml
+        run: cargo run --features cloud --example cloud -- $HOME/.ccm/serverless/config_data.yaml
       - name: Run cloud tests
-        run: CLOUD_CONFIG_PATH=$HOME/.ccm/serverless/config_data.yaml RUSTFLAGS="--cfg scylla_cloud_tests" cargo test --verbose
+        run: CLOUD_CONFIG_PATH=$HOME/.ccm/serverless/config_data.yaml RUSTFLAGS="--cfg scylla_cloud_tests" cargo test --features cloud --verbose
 
       - name: Remove serverless cluster
-        run: ccm remove serverless
+        run: ccm remove serverless
diff --git a/docs/source/connecting/tls.md b/docs/source/connecting/tls.md
@@ -1,11 +1,12 @@
 # TLS
 
-Driver uses the [`openssl`](https://github.com/sfackler/rust-openssl) crate for TLS functionality.\
-It was chosen because [`rustls`](https://github.com/ctz/rustls) doesn't support certificates for ip addresses
-(see [issue](https://github.com/briansmith/webpki/issues/54)), which is a common use case for Scylla.
+Enabling TLS can be done with the [`openssl`](https://github.com/sfackler/rust-openssl) crate or
+the [`rustls`](https://github.com/rustls/rustls) crate.
 
+Using the `openssl` crate with the `ssl` feature easily supports most common use cases.
+
+### Enabling OpenSSL
 
-### Enabling feature
 `openssl` is not a pure Rust library so you need enable a feature and install the proper package.
 
 To enable the `tls` feature add in `Cargo.toml`:
@@ -37,7 +38,7 @@ Then install the package with `openssl`:
     pacman -S openssl pkg-config
     ```
 
-### Using TLS
+### Using TLS with OpenSSL
 To use tls you will have to create an openssl 
 [`SslContext`](https://docs.rs/openssl/0.10.33/openssl/ssl/struct.SslContext.html)
 and pass it to `SessionBuilder`
@@ -67,3 +68,11 @@ let session: Session = SessionBuilder::new()
 ```
 
 See the full [example](https://github.com/scylladb/scylla-rust-driver/blob/main/examples/tls.rs) for more details
+
+### Using TLS with rustls
+
+Rustls is a pure Rust crate and does not require installing and C packages. However,
+Rustls is a more strict and requires more boilerplate for less secure setups, such as
+certifcates with empty common names.
+
+See the full [example](https://github.com/scylladb/scylla-rust-driver/blob/main/examples/rustls.rs) for more details
diff --git a/scylla/src/transport/connection.rs b/scylla/src/transport/connection.rs
@@ -292,9 +292,7 @@ mod ssl_config {
     #[cfg(feature = "rustls")]
     use std::{net::IpAddr, sync::Arc};
     #[cfg(feature = "rustls")]
-    use tokio_rustls::rustls::pki_types::ServerName;
-    #[cfg(feature = "rustls")]
-    use tokio_rustls::rustls::ClientConfig;
+    use tokio_rustls::rustls::{pki_types::ServerName, ClientConfig};
     #[cfg(feature = "cloud")]
     use uuid::Uuid;
 

diff --git a/test/tls/ca.crt b/test/tls/ca.crt
@@ -1,24 +1,23 @@
 -----BEGIN CERTIFICATE-----
-MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzEl
-MCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMp
-U3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQw
-NjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBoMQswCQYDVQQGEwJVUzElMCMGA1UE
-ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZp
-ZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqGSIb3
-DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf
-8MOh2tTYbitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN
-+lq2cwQlZut3f+dZxkqZJRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0
-X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVmepsZGD3/cVE8MC5fvj13c7JdBmzDI1aa
-K4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSNF4Azbl5KXZnJHoe0nRrA
-1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HFMIHCMB0G
-A1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fR
-zt0fhvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0
-YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBD
-bGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8w
-DQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGsafPzWdqbAYcaT1epoXkJKtv3
-L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLMPUxA2IGvd56D
-eruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl
-xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynp
-VSJYACPq4xJDKVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEY
-WQPJIrSPnNVeKtelttQKbfi3QBFGmh95DmK/D5fs4C8fF5Q=
------END CERTIFICATE-----
+MIID5TCCAs2gAwIBAgIUIz5sdjquoebzlA6s3gQNRsYV5jUwDQYJKoZIhvcNAQEL
+BQAwgYExCzAJBgNVBAYTAlBMMQowCAYDVQQIDAFNMQ8wDQYDVQQHDAZXYXJzYXcx
+DzANBgNVBAoMBlNjeWxsYTEVMBMGA1UECwwMdGVzdGluZ19yb290MRUwEwYDVQQD
+DAx0ZXN0aW5nX3Jvb3QxFjAUBgkqhkiG9w0BCQEWB2Zvb0BiYXIwHhcNMjEwMzMw
+MTI1ODUwWhcNNDEwMzI1MTI1ODUwWjCBgTELMAkGA1UEBhMCUEwxCjAIBgNVBAgM
+AU0xDzANBgNVBAcMBldhcnNhdzEPMA0GA1UECgwGU2N5bGxhMRUwEwYDVQQLDAx0
+ZXN0aW5nX3Jvb3QxFTATBgNVBAMMDHRlc3Rpbmdfcm9vdDEWMBQGCSqGSIb3DQEJ
+ARYHZm9vQGJhcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANlzsXih
+nryaSUSf/sXD6oDeU2m0/Fn/HvKL97BwdDKBz3kbs7fyztDCJyvRa24f679cQ1Av
+5RqmemTU7m0KaTmJy9cXewjD7P1gDF8K4GumiekBgIsPNyBwVk5TQJBkvPPwjreP
+JSj2wlXA7FXc9uUuNVx1ku6ElpK0pWt18uU8+nVRAeZTVZ7ppgmh/aRmMOFNPs6z
+Lb9liNJAKPCR7iIALLnpiQOXHMnj+6+o8wMOMD4ehFY8XHYd0TYj5w+OD4tNOjfb
+6m21gBaqoMjVVvBq+pmuHDT+oiLyBXpIQ9LNFBXnd/LyqTFiFjoT4yEPgWtpgScQ
+CVqi+EJBryRXmUMCAwEAAaNTMFEwHQYDVR0OBBYEFL5PBn2IWZvz5Ce259Z7vym1
+tNKDMB8GA1UdIwQYMBaAFL5PBn2IWZvz5Ce259Z7vym1tNKDMA8GA1UdEwEB/wQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAojwm/3pqAYSBKdq2dqRYvMrVF2a1yE
+d5R8AnR/r0vfJEvw9pa+Y8kC/XRezODSiA2HSTTRDI3HxEyixMwLewyS+VcDHYvp
+pLZQuCD5zzuq6hWj22o0XklX441TZbkfimzAVhCxlSoufj0l9AG8Ae/xHrOy/Dcd
+uzPmnrw9XDb9PkoJHjji3Apb2HjSjO3b17+Pb9TA1YZNiil+jOjwJ8L5UdLw/dYQ
+gu5MSxQOerq3wMTY8CUIDMrJMdKenQSGoCEcgLpF27utuUbZGJhFnRe9j1H4der1
+RSFMXoVZLI/69iQHmNC3+3keHK1W+CgMliWQ5cF2cly2otAxATriOxM=
+-----END CERTIFICATE-----