sanity

Author: rodireich

airbyte-db/db-lib/src/main/java/io/airbyte/db/jdbc/JdbcUtils.java

@@ -34,6 +34,7 @@ public class JdbcUtils {
   public static final String USERNAME_KEY = "username";
   public static final String MODE_KEY = "mode";
   public static final String AMPERSAND = "&";
+  public static final String EQUALS = "=";
   private static final JdbcSourceOperations defaultSourceOperations = new JdbcSourceOperations();
 
   private static final JSONFormat defaultJSONFormat = new JSONFormat().recordFormat(JSONFormat.RecordFormat.OBJECT);

airbyte-integrations/connectors/source-jdbc/src/main/java/io/airbyte/integrations/source/jdbc/AbstractJdbcSource.java

@@ -17,6 +17,7 @@
 import static io.airbyte.db.jdbc.JdbcConstants.JDBC_COLUMN_SIZE;
 import static io.airbyte.db.jdbc.JdbcConstants.JDBC_COLUMN_TABLE_NAME;
 import static io.airbyte.db.jdbc.JdbcConstants.JDBC_COLUMN_TYPE_NAME;
+import static io.airbyte.db.jdbc.JdbcUtils.EQUALS;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.google.common.collect.ImmutableList;
@@ -72,6 +73,42 @@
  * for a relational DB which has a JDBC driver, make an effort to use this class.
  */
 public abstract class AbstractJdbcSource<Datatype> extends AbstractRelationalDbSource<Datatype, JdbcDatabase> implements Source {
+  public static final String SSL_MODE = "sslMode";
+
+  public static final String TRUST_KEY_STORE_URL = "trustCertificateKeyStoreUrl";
+  public static final String TRUST_KEY_STORE_PASS = "trustCertificateKeyStorePassword";
+  public static final String CLIENT_KEY_STORE_URL = "clientCertificateKeyStoreUrl";
+  public static final String CLIENT_KEY_STORE_PASS = "clientCertificateKeyStorePassword";
+  public static final String CLIENT_KEY_STORE_TYPE = "clientCertificateKeyStoreType";
+  public static final String TRUST_KEY_STORE_TYPE = "trustCertificateKeyStoreType";
+  public static final String KEY_STORE_TYPE_PKCS12 = "PKCS12";
+  public static final String PARAM_MODE = "mode";
+  Pair<URI, String> caCertKeyStorePair;
+  Pair<URI, String> clientCertKeyStorePair;
+
+  public enum SslMode {
+
+    DISABLED("disable"),
+    ALLOWED("allow"),
+    PREFERRED("preferred", "prefer"),
+    REQUIRED("required", "require"),
+    VERIFY_CA("verify_ca", "verify-ca"),
+    VERIFY_IDENTITY("verify_identity", "verify-full");
+
+    public final List<String> spec;
+
+    SslMode(final String... spec) {
+      this.spec = Arrays.asList(spec);
+    }
+
+    public static Optional<SslMode> bySpec(final String spec) {
+      return Arrays.stream(SslMode.values())
+          .filter(sslMode -> sslMode.spec.contains(spec))
+          .findFirst();
+    }
+
+  }
+
 
   private static final Logger LOGGER = LoggerFactory.getLogger(AbstractJdbcSource.class);
 
@@ -385,50 +422,14 @@ public void close() {
     dataSources.clear();
   }
 
-  public static final String SSL_MODE = "sslMode";
-
-  public static final String TRUST_KEY_STORE_URL = "trustCertificateKeyStoreUrl";
-  public static final String TRUST_KEY_STORE_PASS = "trustCertificateKeyStorePassword";
-  public static final String CLIENT_KEY_STORE_URL = "clientCertificateKeyStoreUrl";
-  public static final String CLIENT_KEY_STORE_PASS = "clientCertificateKeyStorePassword";
-  public static final String CLIENT_KEY_STORE_TYPE = "clientCertificateKeyStoreType";
-  public static final String TRUST_KEY_STORE_TYPE = "trustCertificateKeyStoreType";
-  public static final String KEY_STORE_TYPE_PKCS12 = "PKCS12";
-  public static final String PARAM_MODE = "mode";
-  Pair<URI, String> caCertKeyStorePair;
-  Pair<URI, String> clientCertKeyStorePair;
-
-  public enum SslMode {
-
-    DISABLED("disable"),
-    ALLOWED("allow"),
-    PREFERRED("preferred", "prefer"),
-    REQUIRED("required", "require"),
-    VERIFY_CA("verify_ca", "verify-ca"),
-    VERIFY_IDENTITY("verify_identity", "verify-full");
-
-    public final List<String> spec;
-
-    SslMode(final String... spec) {
-      this.spec = Arrays.asList(spec);
-    }
-
-    public static Optional<SslMode> bySpec(final String spec) {
-      return Arrays.stream(SslMode.values())
-          .filter(sslMode -> sslMode.spec.contains(spec))
-          .findFirst();
-    }
-
-  }
-
   /**
    * Parses SSL related configuration and generates keystores to be used by connector
    *
    * @param config configuration
    * @return map containing relevant parsed values including location of keystore or an empty map
    */
   public Map<String, String> parseSSLConfig(final JsonNode config) {
-    LOGGER.info("*** config: {}", config);
+    LOGGER.debug("source config: {}", config);
     final Map<String, String> additionalParameters = new HashMap<>();
     // assume ssl if not explicitly mentioned.
     if (!config.has(JdbcUtils.SSL_KEY) || config.get(JdbcUtils.SSL_KEY).asBoolean()) {
@@ -442,7 +443,7 @@ public Map<String, String> parseSSLConfig(final JsonNode config) {
         }
 
         if (Objects.nonNull(caCertKeyStorePair)) {
-          LOGGER.info("*** uri for ca cert keystore: {}", caCertKeyStorePair.getLeft().toString());
+          LOGGER.debug("uri for ca cert keystore: {}", caCertKeyStorePair.getLeft().toString());
           try {
             additionalParameters.putAll(Map.of(
                 TRUST_KEY_STORE_URL, caCertKeyStorePair.getLeft().toURL().toString(),
@@ -459,7 +460,7 @@ public Map<String, String> parseSSLConfig(final JsonNode config) {
         }
 
         if (Objects.nonNull(clientCertKeyStorePair)) {
-          LOGGER.info("*** uri for client cert keystore: {} / {}", clientCertKeyStorePair.getLeft().toString(), clientCertKeyStorePair.getRight());
+          LOGGER.debug("uri for client cert keystore: {} / {}", clientCertKeyStorePair.getLeft().toString(), clientCertKeyStorePair.getRight());
           try {
             additionalParameters.putAll(Map.of(
                 CLIENT_KEY_STORE_URL, clientCertKeyStorePair.getLeft().toURL().toString(),
@@ -473,7 +474,7 @@ public Map<String, String> parseSSLConfig(final JsonNode config) {
         additionalParameters.put(SSL_MODE, SslMode.DISABLED.name());
       }
     }
-    LOGGER.info("*** additional params: {}", additionalParameters);
+    LOGGER.debug("additional params: {}", additionalParameters);
     return additionalParameters;
   }
 
@@ -490,9 +491,9 @@ public String toJDBCQueryParams(final Map<String, String> sslParams) {
             .stream()
             .map((entry) -> {
               if (entry.getKey().equals(SSL_MODE)) {
-                return entry.getKey() + "=" + toSslJdbcParam(SslMode.valueOf(entry.getValue()));
+                return entry.getKey() + EQUALS + toSslJdbcParam(SslMode.valueOf(entry.getValue()));
               } else {
-                return entry.getKey() + "=" + entry.getValue();
+                return entry.getKey() + EQUALS + entry.getValue();
               }
             })
             .collect(Collectors.joining(JdbcUtils.AMPERSAND));

airbyte-integrations/connectors/source-mysql/src/main/java/io/airbyte/integrations/source/mysql/MySqlCdcProperties.java

@@ -6,12 +6,14 @@
 
 import static io.airbyte.integrations.source.jdbc.AbstractJdbcSource.CLIENT_KEY_STORE_PASS;
 import static io.airbyte.integrations.source.jdbc.AbstractJdbcSource.CLIENT_KEY_STORE_URL;
+import static io.airbyte.integrations.source.jdbc.AbstractJdbcSource.SSL_MODE;
 import static io.airbyte.integrations.source.jdbc.AbstractJdbcSource.TRUST_KEY_STORE_PASS;
 import static io.airbyte.integrations.source.jdbc.AbstractJdbcSource.TRUST_KEY_STORE_URL;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import io.airbyte.db.jdbc.JdbcDatabase;
 import io.airbyte.db.jdbc.JdbcUtils;
+import io.airbyte.integrations.source.jdbc.AbstractJdbcSource.SslMode;
 import java.net.URI;
 import java.nio.file.Path;
 import java.util.Properties;
@@ -62,8 +64,9 @@ static Properties getDebeziumProperties(final JdbcDatabase database) {
     // Check params for SSL connection in config and add properties for CDC SSL connection
     // https://debezium.io/documentation/reference/stable/connectors/mysql.html#mysql-property-database-ssl-mode
     if (!sourceConfig.has(JdbcUtils.SSL_KEY) || sourceConfig.get(JdbcUtils.SSL_KEY).asBoolean()) {
-      if (sourceConfig.has(JdbcUtils.SSL_MODE_KEY) && sourceConfig.get(JdbcUtils.SSL_MODE_KEY).has(JdbcUtils.MODE_KEY)) {
-        props.setProperty("database.ssl.mode", sourceConfig.get(JdbcUtils.SSL_MODE_KEY).get(JdbcUtils.MODE_KEY).asText());
+//      if (sourceConfig.has(JdbcUtils.SSL_MODE_KEY) && sourceConfig.get(JdbcUtils.SSL_MODE_KEY).has(JdbcUtils.MODE_KEY)) {
+      if (dbConfig.has(SSL_MODE) && !dbConfig.get(SSL_MODE).asText().isEmpty()) {
+        props.setProperty("database.sslmode", MySqlSource.toSslJdbcParamInternal(SslMode.valueOf(dbConfig.get(SSL_MODE).asText())));
         props.setProperty("database.history.producer.security.protocol", "SSL");
         props.setProperty("database.history.consumer.security.protocol", "SSL");
 

airbyte-integrations/connectors/source-mysql/src/main/java/io/airbyte/integrations/source/mysql/MySqlSource.java

@@ -208,6 +208,10 @@ public Set<String> getExcludedInternalNameSpaces() {
 
   @Override
   protected String toSslJdbcParam(final SslMode sslMode) {
+    return toSslJdbcParamInternal(sslMode);
+  }
+
+  protected static String toSslJdbcParamInternal(final SslMode sslMode) {
     final var result = switch (sslMode) {
       case DISABLED, PREFERRED, REQUIRED, VERIFY_CA, VERIFY_IDENTITY -> sslMode.name();
       default -> throw new IllegalArgumentException("unexpected ssl mode");

airbyte-integrations/connectors/source-postgres/src/main/java/io/airbyte/integrations/source/postgres/PostgresCdcProperties.java

@@ -49,18 +49,18 @@ static Properties getDebeziumDefaultProperties(final JdbcDatabase database) {
         LOGGER.info("dbConfig: {}", dbConfig);
 
         if (dbConfig.has(SSL_MODE) && !dbConfig.get(SSL_MODE).asText().isEmpty()) {
-          LOGGER.info("sslMode: {}", dbConfig.get(SSL_MODE).asText());
+          LOGGER.debug("sslMode: {}", dbConfig.get(SSL_MODE).asText());
           props.setProperty("database.sslmode", PostgresSource.toSslJdbcParamInternal(SslMode.valueOf(dbConfig.get(SSL_MODE).asText())));
           props.setProperty("database.history.producer.security.protocol", "SSL");
           props.setProperty("database.history.consumer.security.protocol", "SSL");
         }
 
-        if (dbConfig.has("ca_certificate_path") && !dbConfig.get("ca_certificate_path").asText().isEmpty()) {
-          props.setProperty("database.sslrootcert", dbConfig.get("ca_certificate_path").asText());
+        if (dbConfig.has(PostgresSource.CA_CERTIFICATE_PATH) && !dbConfig.get(PostgresSource.CA_CERTIFICATE_PATH).asText().isEmpty()) {
+          props.setProperty("database.sslrootcert", dbConfig.get(PostgresSource.CA_CERTIFICATE_PATH).asText());
           props.setProperty("database.history.producer.ssl.truststore.location",
-              dbConfig.get("ca_certificate_path").asText());
+              dbConfig.get(PostgresSource.CA_CERTIFICATE_PATH).asText());
           props.setProperty("database.history.consumer.ssl.truststore.location",
-              dbConfig.get("ca_certificate_path").asText());
+              dbConfig.get(PostgresSource.CA_CERTIFICATE_PATH).asText());
           props.setProperty("database.history.producer.ssl.truststore.type", "PKCS12");
           props.setProperty("database.history.consumer.ssl.truststore.type", "PKCS12");
 

airbyte-integrations/connectors/source-postgres/src/main/java/io/airbyte/integrations/source/postgres/PostgresSource.java

@@ -4,11 +4,12 @@
 
 package io.airbyte.integrations.source.postgres;
 
+import static io.airbyte.db.jdbc.JdbcUtils.AMPERSAND;
+import static io.airbyte.db.jdbc.JdbcUtils.EQUALS;
 import static io.airbyte.integrations.debezium.AirbyteDebeziumHandler.shouldUseCDC;
 import static io.airbyte.integrations.source.jdbc.JdbcSSLConnectionUtils.PARAM_CA_CERTIFICATE;
 import static io.airbyte.integrations.util.PostgresSslConnectionUtils.DISABLE;
 import static io.airbyte.integrations.util.PostgresSslConnectionUtils.PARAM_SSL_MODE;
-import static io.airbyte.integrations.util.PostgresSslConnectionUtils.obtainConnectionOptions;
 import static java.util.stream.Collectors.toList;
 import static java.util.stream.Collectors.toSet;
 
@@ -72,8 +73,7 @@
 import java.util.Set;
 import java.util.function.Supplier;
 import java.util.stream.Collectors;
-import org.postgresql.ssl.DefaultJavaSSLFactory;
-import org.postgresql.ssl.LibPQFactory;
+import org.postgresql.jdbc.SslMode;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -82,7 +82,16 @@ public class PostgresSource extends AbstractJdbcSource<JDBCType> implements Sour
   private static final Logger LOGGER = LoggerFactory.getLogger(PostgresSource.class);
   private static final int INTERMEDIATE_STATE_EMISSION_FREQUENCY = 10_000;
 
+  public static final String PARAM_SSLMODE = "sslmode";
+  public static final String PARAM_SSL = "ssl";
+  public static final String PARAM_SSL_TRUE = "true";
+  public static final String PARAM_SSL_FALSE = "false";
+  public static final String SSL_ROOT_CERT = "sslrootcert";
+
   static final String DRIVER_CLASS = DatabaseDriver.POSTGRESQL.getDriverClassName();
+  public static final String CA_CERTIFICATE_PATH = "ca_certificate_path";
+  public static final String SSL_KEY = "sslkey";
+  public static final String SSL_PASSWORD = "sslpassword";
   static final Map<String, String> SSL_JDBC_PARAMETERS = ImmutableMap.of(
       "ssl", "true",
       "sslmode", "require");
@@ -117,38 +126,15 @@ public JsonNode toDatabaseConfig(final JsonNode config) {
         config.get(JdbcUtils.DATABASE_KEY).asText()));
 
     if (config.get(JdbcUtils.JDBC_URL_PARAMS_KEY) != null && !config.get(JdbcUtils.JDBC_URL_PARAMS_KEY).asText().isEmpty()) {
-      jdbcUrl.append(config.get(JdbcUtils.JDBC_URL_PARAMS_KEY).asText()).append("&");
+      jdbcUrl.append(config.get(JdbcUtils.JDBC_URL_PARAMS_KEY).asText()).append(AMPERSAND);
     }
 
     final Map<String, String> sslParameters = parseSSLConfig(config);
     if (config.has(PARAM_SSL_MODE) && config.get(PARAM_SSL_MODE).has(PARAM_CA_CERTIFICATE)) {
-      LOGGER.info("*** saving CA cert to file");
-      sslParameters.put("ca_certificate_path", JdbcSSLConnectionUtils.fileFromCertPem(config.get(PARAM_SSL_MODE).get(PARAM_CA_CERTIFICATE).asText()).toString());
-      LOGGER.info("*** crt file: {}", sslParameters.get("ca_certificate_path"));
+      sslParameters.put(CA_CERTIFICATE_PATH, JdbcSSLConnectionUtils.fileFromCertPem(config.get(PARAM_SSL_MODE).get(PARAM_CA_CERTIFICATE).asText()).toString());
+      LOGGER.debug("root ssl ca crt file: {}", sslParameters.get(CA_CERTIFICATE_PATH));
     }
 
-//    System.setProperty("javax.net.ssl.trustStore", sslParameters.get(TRUST_KEY_STORE_URL));
-//    System.setProperty("javax.net.ssl.trustStorePassword", sslParameters.get(TRUST_KEY_STORE_PASS));
-
-//     // assume ssl if not explicitly mentioned.
-//     if (!config.has(PARAM_SSL) || config.get(PARAM_SSL).asBoolean()) {
-//     if (config.has(PARAM_SSL_MODE)) {
-//     if (DISABLE.equals(config.get(PARAM_SSL_MODE).get(PARAM_MODE).asText())) {
-//     additionalParameters.add("sslmode=disable");
-//     } else {
-//     final var parametersList = obtainConnectionOptions(config.get(PARAM_SSL_MODE))
-//     .entrySet()
-//     .stream()
-//     .map(e -> e.getKey() + "=" + e.getValue())
-//     .toList();
-//     additionalParameters.addAll(parametersList);
-//     }
-//     } else {
-//     additionalParameters.add("ssl=true");
-//     additionalParameters.add("sslmode=require");
-//     }
-//     }
-
     if (config.has(JdbcUtils.SCHEMAS_KEY) && config.get(JdbcUtils.SCHEMAS_KEY).isArray()) {
       schemas = new ArrayList<>();
       for (final JsonNode schema : config.get(JdbcUtils.SCHEMAS_KEY)) {
@@ -163,8 +149,7 @@ public JsonNode toDatabaseConfig(final JsonNode config) {
     additionalParameters.forEach(x -> jdbcUrl.append(x).append("&"));
 
     jdbcUrl.append(toJDBCQueryParams(sslParameters));
-//    jdbcUrl.append("&sslfactory=" + DefaultJavaSSLFactory.class.getCanonicalName());
-    LOGGER.info("jdbc url: {}", jdbcUrl.toString());
+    LOGGER.debug("jdbc url: {}", jdbcUrl.toString());
     final Builder<Object, Object> configBuilder = ImmutableMap.builder()
         .put(JdbcUtils.USERNAME_KEY, config.get(JdbcUtils.USERNAME_KEY).asText())
         .put(JdbcUtils.JDBC_URL_KEY, jdbcUrl.toString());
@@ -178,11 +163,6 @@ public JsonNode toDatabaseConfig(final JsonNode config) {
     return Jsons.jsonNode(configBuilder.build());
   }
 
-  public static final String PARAM_SSLMODE = "sslmode";
-  public static final String PARAM_SSL = "ssl";
-  public static final String PARAM_SSL_TRUE = "true";
-  public static final String PARAM_SSL_FALSE = "false";
-
   @Override
   public String toJDBCQueryParams(final Map<String, String> sslParams) {
     return Objects.isNull(sslParams) ? ""
@@ -191,11 +171,11 @@ public String toJDBCQueryParams(final Map<String, String> sslParams) {
             .map((entry) -> {
               try {
                 final String result = switch (entry.getKey()) {
-                  case SSL_MODE -> PARAM_SSLMODE + "=" + toSslJdbcParam(SslMode.valueOf(entry.getValue()))
-                      + JdbcUtils.AMPERSAND + PARAM_SSL + "=" + (entry.getValue() == DISABLE ? PARAM_SSL_FALSE : PARAM_SSL_TRUE);
-                  case "ca_certificate_path" -> "sslrootcert" + "=" + entry.getValue();
-                  case CLIENT_KEY_STORE_URL -> "sslkey" + "=" + Path.of(new URI(entry.getValue()));
-                  case CLIENT_KEY_STORE_PASS -> "sslpassword" + "=" + entry.getValue();
+                  case SSL_MODE -> PARAM_SSLMODE + EQUALS + toSslJdbcParam(SslMode.valueOf(entry.getValue()))
+                      + JdbcUtils.AMPERSAND + PARAM_SSL + EQUALS + (entry.getValue() == DISABLE ? PARAM_SSL_FALSE : PARAM_SSL_TRUE);
+                  case CA_CERTIFICATE_PATH -> SSL_ROOT_CERT + EQUALS + entry.getValue();
+                  case CLIENT_KEY_STORE_URL -> SSL_KEY + EQUALS + Path.of(new URI(entry.getValue()));
+                  case CLIENT_KEY_STORE_PASS -> SSL_PASSWORD + EQUALS + entry.getValue();
                   default -> "";
                 };
                 return result;
@@ -344,7 +324,6 @@ public List<AutoCloseableIterator<AirbyteMessage>> getIncrementalIterators(final
                                                                              final Map<String, TableInfo<CommonField<JDBCType>>> tableNameToTable,
                                                                              final StateManager stateManager,
                                                                              final Instant emittedAt) {
-    LOGGER.info("*** getIncrementalIterators");
     final JsonNode sourceConfig = database.getSourceConfig();
     if (PostgresUtils.isCdc(sourceConfig) && shouldUseCDC(catalog)) {
       final Duration firstRecordWaitTime = PostgresUtils.getFirstRecordWaitTime(sourceConfig);
@@ -511,12 +490,12 @@ protected String toSslJdbcParam(final SslMode sslMode) {
 
   protected static String toSslJdbcParamInternal(final SslMode sslMode) {
     final var result = switch (sslMode) {
-      case DISABLED -> "disable";
-      case ALLOWED -> "allow";
-      case PREFERRED -> "prefer";
-      case REQUIRED -> "require";
-      case VERIFY_CA -> "verify-ca";
-      case VERIFY_IDENTITY -> "verify-full";
+      case DISABLED -> org.postgresql.jdbc.SslMode.DISABLE.value;
+      case ALLOWED -> org.postgresql.jdbc.SslMode.ALLOW.value;
+      case PREFERRED -> org.postgresql.jdbc.SslMode.PREFER.value;
+      case REQUIRED -> org.postgresql.jdbc.SslMode.REQUIRE.value;
+      case VERIFY_CA -> org.postgresql.jdbc.SslMode.VERIFY_CA.value;
+      case VERIFY_IDENTITY -> org.postgresql.jdbc.SslMode.VERIFY_FULL.value;
       default -> throw new IllegalArgumentException("unexpected ssl mode");
     };
     LOGGER.info("{} toSslJdbcParam {}", sslMode.name(), result);