Revert "chore(acme): standardize redis configuration (#12300)"

This reverts commit 34b453a.
Kong · Feb 7, 2024 · 9e39589 · 9e39589
1 parent 1ac8c2f
commit 9e39589
Show file tree

Hide file tree

Showing 16 changed files with 41 additions and 656 deletions.
diff --git a/changelog/3.6.0/kong/standardize-redis-conifguration-acme.yml b/changelog/3.6.0/kong/standardize-redis-conifguration-acme.yml
diff --git a/kong-3.6.0-0.rockspec b/kong-3.6.0-0.rockspec
@@ -181,7 +181,6 @@ build = {
     ["kong.tools.ip"] = "kong/tools/ip.lua",
     ["kong.tools.http"] = "kong/tools/http.lua",
     ["kong.tools.cjson"] = "kong/tools/cjson.lua",
-    ["kong.tools.redis.schema"] = "kong/tools/redis/schema.lua",
 
     ["kong.runloop.handler"] = "kong/runloop/handler.lua",
     ["kong.runloop.events"] = "kong/runloop/events.lua",
@@ -479,18 +478,14 @@ build = {
 
     ["kong.plugins.acme.api"] = "kong/plugins/acme/api.lua",
     ["kong.plugins.acme.client"] = "kong/plugins/acme/client.lua",
-    ["kong.plugins.acme.clustering.compat.redis_translation"] = "kong/plugins/acme/clustering/compat/redis_translation.lua",
     ["kong.plugins.acme.daos"] = "kong/plugins/acme/daos.lua",
     ["kong.plugins.acme.handler"] = "kong/plugins/acme/handler.lua",
     ["kong.plugins.acme.migrations.000_base_acme"] = "kong/plugins/acme/migrations/000_base_acme.lua",
     ["kong.plugins.acme.migrations.001_280_to_300"] = "kong/plugins/acme/migrations/001_280_to_300.lua",
     ["kong.plugins.acme.migrations.002_320_to_330"] = "kong/plugins/acme/migrations/002_320_to_330.lua",
-    ["kong.plugins.acme.migrations.003_350_to_360"] = "kong/plugins/acme/migrations/003_350_to_360.lua",
     ["kong.plugins.acme.migrations"] = "kong/plugins/acme/migrations/init.lua",
     ["kong.plugins.acme.schema"] = "kong/plugins/acme/schema.lua",
     ["kong.plugins.acme.storage.kong"] = "kong/plugins/acme/storage/kong.lua",
-    ["kong.plugins.acme.storage.config_adapters"] = "kong/plugins/acme/storage/config_adapters/init.lua",
-    ["kong.plugins.acme.storage.config_adapters.redis"] = "kong/plugins/acme/storage/config_adapters/redis.lua",
     ["kong.plugins.acme.reserved_words"] = "kong/plugins/acme/reserved_words.lua",
 
     ["kong.plugins.prometheus.api"] = "kong/plugins/prometheus/api.lua",

diff --git a/kong/clustering/compat/checkers.lua b/kong/clustering/compat/checkers.lua
@@ -23,28 +23,6 @@ end
 
 
 local compatible_checkers = {
-  { 3006000000, --[[ 3.6.0.0 ]]
-    function(config_table, dp_version, log_suffix)
-      local has_update
-      local redis_plugins_update = {
-        acme = require("kong.plugins.acme.clustering.compat.redis_translation").adapter
-      }
-
-      for _, plugin in ipairs(config_table.plugins or {}) do
-        local adapt_fn = redis_plugins_update[plugin.name]
-        if adapt_fn and type(adapt_fn) == "function" then
-          has_update = adapt_fn(plugin.config)
-          if has_update then
-            log_warn_message('adapts ' .. plugin.name .. ' plugin redis configuration to older version',
-            'revert to older schema',
-            dp_version, log_suffix)
-          end
-        end
-      end
-
-      return has_update
-    end,
-  },
   { 3005000000, --[[ 3.5.0.0 ]]
     function(config_table, dp_version, log_suffix)
       local has_update

diff --git a/kong/plugins/acme/client.lua b/kong/plugins/acme/client.lua
@@ -2,7 +2,6 @@ local acme = require "resty.acme.client"
 local util = require "resty.acme.util"
 local x509 = require "resty.openssl.x509"
 local reserved_words = require "kong.plugins.acme.reserved_words"
-local config_adapters = require "kong.plugins.acme.storage.config_adapters"
 
 local cjson = require "cjson"
 local ngx_ssl = require "ngx.ssl"
@@ -83,7 +82,7 @@ local function new_storage_adapter(conf)
   if not storage then
     return nil, nil, "storage is nil"
   end
-  local storage_config = config_adapters.adapt_config(conf.storage, conf.storage_config)
+  local storage_config = conf.storage_config[storage]
   if not storage_config then
     return nil, nil, storage .. " is not defined in plugin storage config"
   end
@@ -102,7 +101,6 @@ local function new(conf)
   if err then
     return nil, err
   end
-  local storage_config = config_adapters.adapt_config(conf.storage, conf.storage_config)
   local account_name = account_name(conf)
   local account, err = cached_get(st, account_name, deserialize_account)
   if err then
@@ -127,7 +125,7 @@ local function new(conf)
     account_key = account.key,
     api_uri = url,
     storage_adapter = storage_full_path,
-    storage_config = storage_config,
+    storage_config = conf.storage_config[conf.storage],
     eab_kid = conf.eab_kid,
     eab_hmac_key = conf.eab_hmac_key,
     challenge_start_callback = hybrid_mode and function()

diff --git a/kong/plugins/acme/clustering/compat/redis_translation.lua b/kong/plugins/acme/clustering/compat/redis_translation.lua
diff --git a/kong/plugins/acme/migrations/003_350_to_360.lua b/kong/plugins/acme/migrations/003_350_to_360.lua
diff --git a/kong/plugins/acme/migrations/init.lua b/kong/plugins/acme/migrations/init.lua
@@ -2,5 +2,4 @@ return {
   "000_base_acme",
   "001_280_to_300",
   "002_320_to_330",
-  "003_350_to_360",
 }
diff --git a/kong/plugins/acme/schema.lua b/kong/plugins/acme/schema.lua
@@ -1,9 +1,5 @@
 local typedefs = require "kong.db.schema.typedefs"
 local reserved_words = require "kong.plugins.acme.reserved_words"
-local redis_schema = require "kong.tools.redis.schema"
-local deprecation = require("kong.deprecation")
-
-local tablex = require "pl.tablex"
 
 local CERT_TYPES = { "rsa", "ecc" }
 
@@ -38,9 +34,13 @@ local SHM_STORAGE_SCHEMA = {
 local KONG_STORAGE_SCHEMA = {
 }
 
--- deprecated old schema
-local REDIS_LEGACY_SCHEMA_FIELDS = {
+local REDIS_STORAGE_SCHEMA = {
+  { host = typedefs.host, },
+  { port = typedefs.port, },
+  { database = { type = "number", description = "The index of the Redis database to use.", } },
   { auth = { type = "string", referenceable = true, description = "The Redis password to use for authentication. " } },
+  { ssl = { type = "boolean", required = true, default = false, description = "Whether to use SSL/TLS encryption when connecting to the Redis server."} },
+  { ssl_verify = { type = "boolean", required = true, default = false, description = "Whether to verify the SSL/TLS certificate presented by the Redis server. This should be a boolean value." } },
   { ssl_server_name = typedefs.sni { required = false, description = "The expected server name for the SSL/TLS certificate presented by the Redis server." }},
   {
     namespace = {
@@ -55,29 +55,6 @@ local REDIS_LEGACY_SCHEMA_FIELDS = {
   { scan_count = { type = "number", required = false, default = 10, description = "The number of keys to return in Redis SCAN calls." } },
 }
 
-local REDIS_STORAGE_SCHEMA = tablex.copy(redis_schema.config_schema.fields)
-for _,v in ipairs(REDIS_LEGACY_SCHEMA_FIELDS) do
-  table.insert(REDIS_STORAGE_SCHEMA, v)
-end
-
-table.insert(REDIS_STORAGE_SCHEMA, { extra_options = {
-  description = "Custom ACME Redis options",
-  type = "record",
-  fields = {
-    {
-      namespace = {
-        type = "string",
-        description = "A namespace to prepend to all keys stored in Redis.",
-        required = true,
-        default = "",
-        len_min = 0,
-        custom_validator = validate_namespace
-      }
-    },
-    { scan_count = { type = "number", required = false, default = 10, description = "The number of keys to return in Redis SCAN calls." } },
-  }
-} })
-
 local CONSUL_STORAGE_SCHEMA = {
   { https = { type = "boolean", default = false, description = "Boolean representation of https."}, },
   { host = typedefs.host},
@@ -271,28 +248,6 @@ local schema = {
         end
       }
     },
-    { custom_entity_check = {
-      field_sources = { "config.storage_config.redis.namespace", "config.storage_config.redis.scan_count", "config.storage_config.redis.auth", "config.storage_config.redis.ssl_server_name" },
-      fn = function(entity)
-        if (entity.config.storage_config.redis.namespace or ngx.null) ~= ngx.null and entity.config.storage_config.redis.namespace ~= "" then
-          deprecation("acme: config.storage_config.redis.namespace is deprecated, please use config.storage_config.redis.extra_options.namespace instead",
-            { after = "4.0", })
-        end
-        if (entity.config.storage_config.redis.scan_count or ngx.null) ~= ngx.null and entity.config.storage_config.redis.scan_count ~= 10 then
-          deprecation("acme: config.storage_config.redis.scan_count is deprecated, please use config.storage_config.redis.extra_options.scan_count instead",
-            { after = "4.0", })
-        end
-        if (entity.config.storage_config.redis.auth or ngx.null) ~= ngx.null  then
-          deprecation("acme: config.storage_config.redis.auth is deprecated, please use config.storage_config.redis.password instead",
-            { after = "4.0", })
-        end
-        if (entity.config.storage_config.redis.ssl_server_name or ngx.null) ~= ngx.null  then
-          deprecation("acme: config.storage_config.redis.ssl_server_name is deprecated, please use config.storage_config.redis.server_name instead",
-            { after = "4.0", })
-        end
-        return true
-      end
-    } }
   },
 }
 

diff --git a/kong/plugins/acme/storage/config_adapters/init.lua b/kong/plugins/acme/storage/config_adapters/init.lua
diff --git a/kong/plugins/acme/storage/config_adapters/redis.lua b/kong/plugins/acme/storage/config_adapters/redis.lua
diff --git a/kong/tools/redis/schema.lua b/kong/tools/redis/schema.lua