Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable SSL for connection to RabbitMQ by default and make RabbitMQ port configurable #1012

Merged
merged 7 commits into from
Jan 9, 2025
+51 −7
Merged

Enable SSL for connection to RabbitMQ by default and make RabbitMQ port configurable #1012

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
cdcd1ba
feat: make port configurable
tnotheis Jan 8, 2025
718900f
feat: enable SSL by default and add possibility to disable it
tnotheis Jan 8, 2025
e9a17fd
Merge branch 'main' into add-possibility-to-configure-a-port-for-rabb…
mergify[bot] Jan 9, 2025
f27e831
fix: remove `*` from ingress path
tnotheis Jan 9, 2025
ae137a8
Merge branch 'add-possibility-to-configure-a-port-for-rabbitmq' of gi…
tnotheis Jan 9, 2025
f92432c
chore: add values to helm chart
tnotheis Jan 9, 2025
649b4d5
chore: disable ssl in case of usage of builtin eventbus
tnotheis Jan 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .ci/appsettings.override.postgres.docker.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"EventBus": {
"Vendor": "RabbitMQ",
"ConnectionInfo": "rabbitmq",
"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest",
"RabbitMQPassword": "guest"
},
Expand Down
1 change: 1 addition & 0 deletions .ci/appsettings.override.postgres.local.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"EventBus": {
"Vendor": "RabbitMQ",
"ConnectionInfo": "localhost",
"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest",
"RabbitMQPassword": "guest"
},
Expand Down
1 change: 1 addition & 0 deletions .ci/appsettings.override.sqlserver.docker.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"EventBus": {
"Vendor": "RabbitMQ",
"ConnectionInfo": "rabbitmq",
"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest",
"RabbitMQPassword": "guest"
},
Expand Down
1 change: 1 addition & 0 deletions .ci/appsettings.override.sqlserver.local.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"EventBus": {
"Vendor": "RabbitMQ",
"ConnectionInfo": "localhost",
"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest",
"RabbitMQPassword": "guest"
},
Expand Down
20 changes: 17 additions & 3 deletions ...rc/BuildingBlocks.Infrastructure/EventBus/RabbitMQ/RabbitMQServiceCollectionExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,12 +21,24 @@ public static void AddRabbitMq(this IServiceCollection services, Action<RabbitMq

var factory = new ConnectionFactory
{
HostName = options.HostName
HostName = options.HostName,
Port = options.Port,
};

if (!string.IsNullOrEmpty(options.Username)) factory.UserName = options.Username;
if (options.EnableSsl)
{
factory.Ssl = new SslOption
{
Enabled = true,
ServerName = options.HostName
};
}

if (!string.IsNullOrEmpty(options.Username))
factory.UserName = options.Username;

if (!string.IsNullOrEmpty(options.Password)) factory.Password = options.Password;
if (!string.IsNullOrEmpty(options.Password))
factory.Password = options.Password;

return new DefaultRabbitMqPersistentConnection(factory, logger, options.ConnectionRetryCount);
});
Expand All @@ -48,9 +60,11 @@ public static void AddRabbitMq(this IServiceCollection services, Action<RabbitMq

public class RabbitMqOptions : BasicBusOptions
{
public bool EnableSsl { get; set; } = true;
public string ExchangeName { get; set; } = null!;
public string QueueName { get; set; } = null!;
public string HostName { get; set; } = null!;
public int Port { get; set; } = 5672;
public string Username { get; set; } = null!;
public string Password { get; set; } = null!;
public int ConnectionRetryCount { get; set; } = 5;
Expand Down
2 changes: 2 additions & 0 deletions Infrastructure/EventBus/EventBusConfiguration.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ public class EventBusConfiguration
[Required]
public string SubscriptionClientName { get; set; } = null!;

public bool RabbitMqEnableSsl { get; set; } = true;
public int RabbitMqPort { get; set; } = 5672;
tnotheis marked this conversation as resolved.
Show resolved Hide resolved
public string RabbitMqUsername { get; set; } = null!;
public string RabbitMqPassword { get; set; } = null!;
public string RabbitMqExchangeName { get; set; } = "enmeshed";
Expand Down
2 changes: 2 additions & 0 deletions Infrastructure/EventBus/EventBusServiceCollectionExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,9 @@ public static void AddEventBus(this IServiceCollection services, EventBusConfigu
services.AddRabbitMq(options =>
{
LoadBasicBusOptions(configuration, options);
options.EnableSsl = configuration.RabbitMqEnableSsl;
options.HostName = configuration.ConnectionInfo;
options.Port = configuration.RabbitMqPort;
options.Username = configuration.RabbitMqUsername;
options.Password = configuration.RabbitMqPassword;
options.ExchangeName = configuration.RabbitMqExchangeName;
Expand Down
4 changes: 3 additions & 1 deletion appsettings.override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{
{
"RunMigrations": true,
"Authentication": {
"JwtSigningCertificate": "MIIJ7wIBAzCCCaUGCSqGSIb3DQEHAaCCCZYEggmSMIIJjjCCBAIGCSqGSIb3DQEHBqCCA/MwggPvAgEAMIID6AYJKoZIhvcNAQcBMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAiIVEGIEnzbyAICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEC1tOaulJJjkAl2W7xeF3G6AggOAm1VdXzAQ6MhHabp6+rzEuaAyBpuMi8zD8OEl8/xMv47UsFUor38aZjQd14qTTLz5MnksI/qgjQHLuMEmN1eWARsUBkeYvLuz0icl2q9A5Rn9CaKHIemQWq9mIobq3XnXhwDFEd+G/WgjNoK65Ndu20pnuc9LDlfq6fx2eXDbHAWLeUTnlQsEY4M/owNKIjlO/VsYJCshvEPlbtCnyzXwkrtQ5i2XufIJsfX0qoK/dXfoMVUjPxa/L8uR40bAWc1LVkvO0Ox4rY9VCtC1eHe3fcS48AaYCGRMpkZ7N+nDOb7lPs7BcxVoIrj/PkqiNI4rMOZVEgz21OWhueIjBv4gxfV+vW7IZ7xWvC1uUYIKEKEl6mk8KJ5zruO3tObX70+4saBiTNd/76+CVR4qCSwYcD7bZjpMOiaVFyxy0ay3dCwoivLK1jWNFJ25tngYpXKGCtOP0/Zi1fyseo4C54Ef5Yoo+BG3bkKR9VHChWzbB+b1p2lOwfBWIWlGjoZ+expyBjnk+FWrFDZeMknpW3PANCtcT/zqzqPKG3g4DAnSx9xDqvR7GBEgUlaUBAsCM3NvbahzevFFNE21aVajmTpSdejqvgNgvHPHA+BHfhMYx3mcMEkZ+phEHrWRSg925Iy64afL9/XvxoB/uFOYta/ir4ZqCbOy+yrc4+ppQlvLEIUnL4BGWcZ7d2NNRHWOHg0UqzxakezWhoGh1DDWfNdEj+eoa8DTvQr9hX0DQljym1I51qYdrv18rSf+MQj9jhBgQ77WBCX4sDkj4W9d7kKah8Fa0v+4bB1CqrETAsCESvBzSNyYEXKpyjdR/m8w/dti13Kz9ptvi8zd70tcqsqjaB3Qaz3gZRzRlPJORrg2cjWm+xLTOIQ+thk+O3U7l5R47h7QT44eSroKmX8Ptt/wkn9HRcI9bjylzrjTFw45/Re61RpHm3+NXUfvTPLaaXYSolldAgYN1gq+yYZJvBViWQB7gE05fpph6t6DYhEr2VtkLljxDclRPF14AKZaQCIndTiUX69eQfIpD4edHyBvFWSkf+fC1whOE/tqKY0vDflhBDrWFsvDwnEo0iYy671nu19RnBnZws0vseJeikQdCWBY6m0Wq7oViCyFCWyJPDukz3E9uCRrckki2i5+V2MM2IMtgImVFvRqaRbi7vF+Qjccs9Ri0+evcsc9dWjsnHkwggWEBgkqhkiG9w0BBwGgggV1BIIFcTCCBW0wggVpBgsqhkiG9w0BDAoBAqCCBTEwggUtMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAj06Hc+Gh2z5wICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEOwPSnf4F479I2AKr8i0TLYEggTQFtwGZHL6BF2++nDi2EAjc7XXIxp0u4qM17eZjafdltFpketf6pQCD/hDry+mVeIapTY9hOPE5XdjdFoJtOZPZHfvrrb0Jn+rgGAPYGBzqGK4NPVWHiDZ3uA4R4Tiwhgqd/ZQIdRshUEPVfu4EzTIAEhmHl+1g8JiD8EcYAXO1IRCLm17IsIYXT6d8cYe3Zy3AgULsF0/OwQIPVqaJCIwPR3qw68GXNA4iWWHuXJhdtrqHrGrkfBRuZZ5+7R838RM9Bk+ljWphidPmIFZmhjACt/c1qorGPhQTil0WT9VU9rN/gJ1rKcu3RQ1TRJDTjZYaPSMu9ycvFLpsP8XBJUpfHnczPS25bclKaJRUvou6aiwtyQsqWCDLGRuwN06Oins28R5/QQNYbcOr77WBlgh28K1TLcnQopE9xp12XBj8iOeUlVMiMVlph02TrGMXOqU0rlRpsYECMSfHw4xdH87GBUxmE4ndE7JI7wu73MsHQ+3kDTTvGG6xzY6rbNg+V6CfOZc102645sJskdCD6ygzUfgDwDcxjyky2u86qBFR/9d3M7Vh+PQpijYxQ/w4FzwgHUPII+JqqY8secPSA64L8qXj4daG74Wc3y+veajJzkFBUiaJnCER1WEJf0b4eBAEG1gaJ/B2hrp+lEd30qbE//iJWna5gYboIzMENfJ4RsqxlW4hZs6aqBuDr8QXL1chc11g0nMY9sI0kZVwF8+13eFh4ypt4H34usOiWHft2eeA/Z2h8agrT8UFkRfy3/1dGoNwqicXgqY3MgoxqlfDQ6hjPkO5JAbRc0cuZQMPu38dO66+qoI/Db4zdo+8G6sXOgZkzduQlARhx6VORq2QFoufsyqXvsUWFWSXEOjWLbLwKK5og8sV4OmWXGRPbTo+Hc3pmmuYcpEwtH6wFCb0vXVeOhSd7GX8Yv2V0yVt19IjgUGtukVWt9DUe6uImzsPm9ZdivWUB3RlKYRGpS16yhG0ZdRwBJweDoitK091ooN6Um74eO17dH0jAQw3XPBxgJ64qEdSzfJ/xybM45BSUPAft2wXXlckLOId9Us56oV7WeszTOkOPDKz9GnKT05xPXNDgAqstVZc0nXEq0eFzTORREBP0w2ijwPu9mfPvRACY8p7YMnNbZzMGBvpa3ILezRIgThMbnzf+YiBP2Ddt9bWoxDsIj7jaqDzxjG2WtI1qGEqFyLCeUkSx2UpkbGViCkx8CsMwXJwLrYdoxqjyOg2Oz09EFF5eI1wkLqEtez8dOTLEn7oFjTyFbRkNoynuwvNqHEG2qzbw02Rb82qyrurKmOnNHog7FXLDe0kGFgKuNXbCw+to2lAhWY0CmEe8qfQLeAiV3TsGHSrGSkoegmfPHsuboCdez/ETJZWoodryUPdY3PFNa0xZOJvbtkiG2Vo55Rjq9wbd+MWAGcxhaCVEmEJ0UWWsn3Oe+h4mn3wT9+P+hkAR9duXT6tq+5DmKB2RD3fR3vIc4H5eLaIzOOmjSdfGFvIaj+06jS7SGicuKqF5ND4HPtXJrQgQUdO/gIHCkE9nn4hXCoz/bGkU4FN2WPz5TTMVsYuxMVp1I2UayoQppltkp3oaDb/S36FeO644d5zb7ARayF68NL5MrM/MRK24jhtx2WV4ZN9HIxJTAjBgkqhkiG9w0BCRUxFgQU/S6zDu6S3P4i1WdDz+j3esGxT4UwQTAxMA0GCWCGSAFlAwQCAQUABCCiOwVWGDHil8dA7XvoQNTLTJDm7EwdfGC4KJUV9smgUgQI4ZRrDNXXl8cCAggA",
Expand All @@ -15,6 +15,8 @@
"Vendor": "RabbitMQ", // possible values: InMemory, RabbitMQ, GoogleCloud, Azure
"ConnectionInfo": "localhost",

"RabbitMQEnableSsl": false,

"RabbitMQUsername": "guest", // only available for RabbitMQ
"RabbitMQPassword": "guest", // only available for RabbitMQ
"ConnectionRetryCount": 5, // only available for RabbitMQ
Expand Down
1 change: 1 addition & 0 deletions docker-compose/adminui.appsettings.override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
"Vendor": "RabbitMQ", // possible values: InMemory, RabbitMQ, GoogleCloud, Azure
"ConnectionInfo": "rabbitmq",

"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest", // only available for RabbitMQ
"RabbitMQPassword": "guest", // only available for RabbitMQ
"ConnectionRetryCount": 5, // only available for RabbitMQ
Expand Down
1 change: 1 addition & 0 deletions docker-compose/appsettings.override.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
"Vendor": "RabbitMQ", // possible values: InMemory, RabbitMQ, GoogleCloud, Azure
"ConnectionInfo": "rabbitmq",

"RabbitMQEnableSsl": false,
"RabbitMQUsername": "guest", // only available for RabbitMQ
"RabbitMQPassword": "guest", // only available for RabbitMQ
"ConnectionRetryCount": 5, // only available for RabbitMQ
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/actualidentitydeletion/cronjob.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/adminui/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/cancelstaledeletionprocesses/cronjob.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/consumerapi/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 1 addition & 1 deletion helm/templates/consumerapi/ingress.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ spec:
- host: {{ .Values.consumerapi.ingress.hostnameOverride | default .Values.global.defaultHostname }}
http:
paths:
- path: "/*"
- path: "/"
pathType: Prefix
backend:
service:
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/eventhandler/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/sendidentitydeletionreminders/cronjob.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
2 changes: 2 additions & 0 deletions helm/templates/sseserver/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@ spec:
{{- if .Values.global.useBuiltInEventbus }}
- name: infrastructure__eventBus__vendor
value: RabbitMQ
- name: infrastructure__eventBus__rabbitMqEnableSsl
value: "false"
- name: infrastructure__eventBus__connectionInfo
value: "rabbitmq"
- name: infrastructure__eventBus__rabbitMQUsername
Expand Down
8 changes: 6 additions & 2 deletions helm/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -579,10 +579,14 @@ global:
connectionInfo: ""
# subscriptionClientName - the name of the subscription that should be used to receive events
subscriptionClientName: "consumerapi"
# enableSsl - only applicable if Vendor is "RabbitMQ"; whether to use SSL to connect to the RabbitMQ service
rabbitMqEnableSsl: true
# rabbitMQPort - only applicable if Vendor is "RabbitMQ"; the port under which the RabbitMQ service is reachable
rabbitMqPort: 5672
# rabbitMQUsername - only applicable if Vendor is "RabbitMQ"; should be set via environment variable
rabbitMQUsername: ""
rabbitMqUsername: ""
# rabbitMQPassword - only applicable if Vendor is "RabbitMQ"; should be set via environment variable
rabbitMQPassword: ""
rabbitMqPassword: ""
# rabbitMqExchangeName - only applicable if Vendor is "RabbitMQ"; the name of the exchange that should be used
rabbitMqExchangeName: ""
# rabbitMqQueueName - only applicable if Vendor is "RabbitMQ"; the name of the queue the Consumer API should listen to
Expand Down
Loading