Depreciate the PostgreSQL provider's `ssl_mode` option in favor of `sslmode`.
Both libpq(3) and github.com/lib/pq both use `sslmode`. Prefer this vs the non-standard `ssl_mode`. `ssl_mode` is supported for compatibility but should be removed in the future. Changelog: yes
This commit is contained in:
parent
a200899d93
commit
3750bf7af2
|
@ -15,7 +15,7 @@ type Config struct {
|
|||
Database string
|
||||
Username string
|
||||
Password string
|
||||
SslMode string
|
||||
SSLMode string
|
||||
Timeout int
|
||||
ApplicationName string
|
||||
}
|
||||
|
|
|
@ -59,6 +59,11 @@ func Provider() terraform.ResourceProvider {
|
|||
DefaultFunc: schema.EnvDefaultFunc("PGCONNECT_TIMEOUT", nil),
|
||||
Description: "Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.",
|
||||
},
|
||||
"ssl_mode": {
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Deprecated: "Rename PostgreSQL provider `ssl_mode` attribute to `sslmode`",
|
||||
},
|
||||
},
|
||||
|
||||
ResourcesMap: map[string]*schema.Resource{
|
||||
|
@ -72,14 +77,19 @@ func Provider() terraform.ResourceProvider {
|
|||
}
|
||||
|
||||
func providerConfigure(d *schema.ResourceData) (interface{}, error) {
|
||||
var sslMode string
|
||||
var ok bool
|
||||
if sslMode, ok = d.GetOk("sslmode").(string); !ok {
|
||||
sslMode = d.Get("ssl_mode").(string)
|
||||
}
|
||||
config := Config{
|
||||
Host: d.Get("host").(string),
|
||||
Port: d.Get("port").(int),
|
||||
Database: d.Get("database").(string),
|
||||
Username: d.Get("username").(string),
|
||||
Password: d.Get("password").(string),
|
||||
SSLMode: sslMode,
|
||||
Timeout: d.Get("connect_timeout").(int),
|
||||
SslMode: d.Get("sslmode").(string),
|
||||
ApplicationName: tfAppName(),
|
||||
}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ provider "postgresql" {
|
|||
database = "postgres"
|
||||
username = "postgres_user"
|
||||
password = "postgres_password"
|
||||
ssl_mode = "require"
|
||||
sslmode = "require"
|
||||
connect_timeout = 15
|
||||
}
|
||||
|
||||
|
@ -66,6 +66,14 @@ The following arguments are supported:
|
|||
* `username` - (Required) Username for the server connection.
|
||||
* `password` - (Optional) Password for the server connection.
|
||||
* `sslmode` - (Optional) Set the priority for an SSL connection to the server.
|
||||
Valid values for `sslmode` are (note: `prefer` is not supported by Go's
|
||||
[`lib/pq`](https://godoc.org/github.com/lib/pq)):
|
||||
* disable - No SSL
|
||||
* require - Always SSL (the default, also skip verification)
|
||||
* verify-ca - Always SSL (verify that the certificate presented by the server was signed by a trusted CA)
|
||||
* verify-full - Always SSL (verify that the certification presented by the server was signed by a trusted CA and the server host name matches the one in the certificate)
|
||||
Additional information on the options and their implications can be seen
|
||||
[in the `libpq(3)` SSL guide](http://www.postgresql.org/docs/current/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION).
|
||||
* `connect_timeout` - (Optional) Maximum wait for connection, in seconds. Zero means wait indefinitely, the default is `15`.
|
||||
The default is `prefer`; the full set of options and their implications
|
||||
can be seen [in the libpq SSL guide](http://www.postgresql.org/docs/9.4/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION).
|
||||
|
|
Loading…
Reference in New Issue