feat: Configure connectors with DNS Name.

wip: check for domain changed on connect.

Author: hessjcg

.github/workflows/tests.yml

@@ -154,13 +154,15 @@ jobs:
             MYSQL_DB:${{ vars.GOOGLE_CLOUD_PROJECT }}/MYSQL_DB
             POSTGRES_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CONNECTION_NAME
             POSTGRES_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER
-            POSTGRES_IAM_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER_IAM_NODE
+            POSTGRES_USER_IAM_NODE:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER_IAM_NODE
             POSTGRES_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_PASS
             POSTGRES_DB:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_DB
             POSTGRES_CAS_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CAS_CONNECTION_NAME
             POSTGRES_CAS_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CAS_PASS
             POSTGRES_CUSTOMER_CAS_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_CONNECTION_NAME
             POSTGRES_CUSTOMER_CAS_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_PASS
+            POSTGRES_CUSTOMER_CAS_DOMAIN_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_DOMAIN_NAME
+            POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME
             SQLSERVER_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_CONNECTION_NAME
             SQLSERVER_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_USER
             SQLSERVER_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_PASS
@@ -181,13 +183,15 @@ jobs:
           MYSQL_DB: "${{ steps.secrets.outputs.MYSQL_DB }}"
           POSTGRES_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CONNECTION_NAME }}"
           POSTGRES_USER: "${{ steps.secrets.outputs.POSTGRES_USER }}"
-          POSTGRES_IAM_USER: "${{ steps.secrets.outputs.POSTGRES_IAM_USER }}"
+          POSTGRES_USER_IAM_NODE: "${{ steps.secrets.outputs.POSTGRES_USER_IAM_NODE }}"
           POSTGRES_PASS: "${{ steps.secrets.outputs.POSTGRES_PASS }}"
           POSTGRES_DB: "${{ steps.secrets.outputs.POSTGRES_DB }}"
           POSTGRES_CAS_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CAS_CONNECTION_NAME }}"
           POSTGRES_CAS_PASS: "${{ steps.secrets.outputs.POSTGRES_CAS_PASS }}"
           POSTGRES_CUSTOMER_CAS_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_CONNECTION_NAME }}"
           POSTGRES_CUSTOMER_CAS_PASS: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_PASS }}"
+          POSTGRES_CUSTOMER_CAS_DOMAIN_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_DOMAIN_NAME }}"
+          POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME }}"
           SQLSERVER_CONNECTION_NAME: "${{ steps.secrets.outputs.SQLSERVER_CONNECTION_NAME }}"
           SQLSERVER_USER: "${{ steps.secrets.outputs.SQLSERVER_USER }}"
           SQLSERVER_PASS: "${{ steps.secrets.outputs.SQLSERVER_PASS }}"
@@ -275,9 +279,15 @@ jobs:
             MYSQL_DB:${{ vars.GOOGLE_CLOUD_PROJECT }}/MYSQL_DB
             POSTGRES_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CONNECTION_NAME
             POSTGRES_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER
-            POSTGRES_IAM_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER_IAM_NODE
+            POSTGRES_USER_IAM_NODE:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_USER_IAM_NODE
             POSTGRES_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_PASS
             POSTGRES_DB:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_DB
+            POSTGRES_CAS_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CAS_CONNECTION_NAME
+            POSTGRES_CAS_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CAS_PASS
+            POSTGRES_CUSTOMER_CAS_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_CONNECTION_NAME
+            POSTGRES_CUSTOMER_CAS_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_PASS
+            POSTGRES_CUSTOMER_CAS_DOMAIN_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_DOMAIN_NAME
+            POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME
             SQLSERVER_CONNECTION_NAME:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_CONNECTION_NAME
             SQLSERVER_USER:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_USER
             SQLSERVER_PASS:${{ vars.GOOGLE_CLOUD_PROJECT }}/SQLSERVER_PASS
@@ -292,9 +302,15 @@ jobs:
           MYSQL_DB: "${{ steps.secrets.outputs.MYSQL_DB }}"
           POSTGRES_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CONNECTION_NAME }}"
           POSTGRES_USER: "${{ steps.secrets.outputs.POSTGRES_USER }}"
-          POSTGRES_IAM_USER: "${{ steps.secrets.outputs.POSTGRES_IAM_USER }}"
+          POSTGRES_IAM_USER: "${{ steps.secrets.outputs.POSTGRES_USER_IAM_NODE }}"
           POSTGRES_PASS: "${{ steps.secrets.outputs.POSTGRES_PASS }}"
           POSTGRES_DB: "${{ steps.secrets.outputs.POSTGRES_DB }}"
+          POSTGRES_CAS_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CAS_CONNECTION_NAME }}"
+          POSTGRES_CAS_PASS: "${{ steps.secrets.outputs.POSTGRES_CAS_PASS }}"
+          POSTGRES_CUSTOMER_CAS_CONNECTION_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_CONNECTION_NAME }}"
+          POSTGRES_CUSTOMER_CAS_PASS: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_PASS }}"
+          POSTGRES_CUSTOMER_CAS_DOMAIN_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_DOMAIN_NAME }}"
+          POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME: "${{ steps.secrets.outputs.POSTGRES_CUSTOMER_CAS_INVALID_DOMAIN_NAME }}"
           SQLSERVER_CONNECTION_NAME: "${{ steps.secrets.outputs.SQLSERVER_CONNECTION_NAME }}"
           SQLSERVER_USER: "${{ steps.secrets.outputs.SQLSERVER_USER }}"
           SQLSERVER_PASS: "${{ steps.secrets.outputs.SQLSERVER_PASS }}"

src/cloud-sql-instance.ts

@@ -14,7 +14,7 @@
 
 import {IpAddressTypes, selectIpAddress} from './ip-addresses';
 import {InstanceConnectionInfo} from './instance-connection-info';
-import {parseInstanceConnectionName} from './parse-instance-connection-name';
+import {resolveInstanceName} from './parse-instance-connection-name';
 import {InstanceMetadata} from './sqladmin-fetcher';
 import {generateKeys} from './crypto';
 import {RSAKeys} from './rsa-keys';
@@ -38,6 +38,7 @@ interface Fetcher {
 interface CloudSQLInstanceOptions {
   authType: AuthTypes;
   instanceConnectionName: string;
+  domainName?: string;
   ipType: IpAddressTypes;
   limitRateInterval?: number;
   sqlAdminFetcher: Fetcher;
@@ -54,7 +55,10 @@ export class CloudSQLInstance {
   static async getCloudSQLInstance(
     options: CloudSQLInstanceOptions
   ): Promise<CloudSQLInstance> {
-    const instance = new CloudSQLInstance(options);
+    const instance = new CloudSQLInstance({
+      options: options,
+      instanceInfo: await resolveInstanceName(options.instanceConnectionName, options.domainName),
+    });
     await instance.refresh();
     return instance;
   }
@@ -80,17 +84,17 @@ export class CloudSQLInstance {
   public dnsName = '';
 
   constructor({
-    ipType,
-    authType,
-    instanceConnectionName,
-    sqlAdminFetcher,
-    limitRateInterval = 30 * 1000, // 30s default
-  }: CloudSQLInstanceOptions) {
-    this.authType = authType;
-    this.instanceInfo = parseInstanceConnectionName(instanceConnectionName);
-    this.ipType = ipType;
-    this.limitRateInterval = limitRateInterval;
-    this.sqlAdminFetcher = sqlAdminFetcher;
+    options,
+    instanceInfo,
+  }: {
+    options: CloudSQLInstanceOptions;
+    instanceInfo: InstanceConnectionInfo;
+  }) {
+    this.instanceInfo = instanceInfo;
+    this.authType = options.authType || AuthTypes.PASSWORD;
+    this.ipType = options.ipType || IpAddressTypes.PUBLIC;
+    this.limitRateInterval = options.limitRateInterval || 30 * 1000; // 30 seconds
+    this.sqlAdminFetcher = options.sqlAdminFetcher;
   }
 
   // p-throttle library has to be initialized in an async scope in order to
@@ -286,6 +290,7 @@ export class CloudSQLInstance {
   }
 
   cancelRefresh(): void {
+    // If refresh has not yet started, then cancel the setTimeout
     if (this.scheduledRefreshID) {
       clearTimeout(this.scheduledRefreshID);
     }
@@ -305,4 +310,8 @@ export class CloudSQLInstance {
     this.closed = true;
     this.cancelRefresh();
   }
+
+  isClosed(): boolean {
+    return this.closed;
+  }
 }

src/connector.ts

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import {Server, Socket, createServer} from 'node:net';
+import {createServer, Server, Socket} from 'node:net';
 import tls from 'node:tls';
 import {promisify} from 'node:util';
 import {AuthClient, GoogleAuth} from 'google-auth-library';
@@ -22,6 +22,7 @@ import {IpAddressTypes} from './ip-addresses';
 import {AuthTypes} from './auth-types';
 import {SQLAdminFetcher} from './sqladmin-fetcher';
 import {CloudSQLConnectorError} from './errors';
+import {isSameInstance, resolveInstanceName} from './parse-instance-connection-name';
 
 // These Socket types are subsets from nodejs definitely typed repo, ref:
 // https://github.com/DefinitelyTyped/DefinitelyTyped/blob/ae0fe42ff0e6e820e8ae324acf4f8e944aa1b2b7/types/node/v18/net.d.ts#L437
@@ -43,6 +44,7 @@ export declare interface ConnectionOptions {
   authType?: AuthTypes;
   ipType?: IpAddressTypes;
   instanceConnectionName: string;
+  domainName?: string;
 }
 
 export declare interface SocketConnectionOptions extends ConnectionOptions {
@@ -75,66 +77,65 @@ export declare interface TediousDriverOptions {
 
 // Internal mapping of the CloudSQLInstances that
 // adds extra logic to async initialize items.
-class CloudSQLInstanceMap extends Map {
-  async loadInstance({
-    ipType,
-    authType,
-    instanceConnectionName,
-    sqlAdminFetcher,
-  }: {
-    ipType: IpAddressTypes;
-    authType: AuthTypes;
-    instanceConnectionName: string;
-    sqlAdminFetcher: SQLAdminFetcher;
-  }): Promise<void> {
+class CloudSQLInstanceMap extends Map<string,CloudSQLInstance> {
+  private readonly sqlAdminFetcher: SQLAdminFetcher
+
+  constructor(sqlAdminFetcher: SQLAdminFetcher) {
+    super();
+    this.sqlAdminFetcher = sqlAdminFetcher;
+  }
+
+  private cacheKey(opts: ConnectionOptions): string {
+    //TODO: for now, the cache key function must be synchronous.
+    //  When we implement the async connection info from
+    //  https://github.com/GoogleCloudPlatform/cloud-sql-nodejs-connector/pull/426
+    //  then the cache key should contain both the domain name
+    //  and the resolved instance name.
+    return (opts.instanceConnectionName || opts.domainName)+"-"+
+      opts.authType+"-"+opts.ipType;
+  }
+
+  async loadInstance(opts: ConnectionOptions): Promise<void> {
     // in case an instance to that connection name has already
     // been setup there's no need to set it up again
-    if (this.has(instanceConnectionName)) {
-      const instance = this.get(instanceConnectionName);
-      if (instance.authType && instance.authType !== authType) {
-        throw new CloudSQLConnectorError({
-          message:
-            `getOptions called for instance ${instanceConnectionName} with authType ${authType}, ` +
-            `but was previously called with authType ${instance.authType}. ` +
-            'If you require both for your use case, please use a new connector object.',
-          code: 'EMISMATCHAUTHTYPE',
-        });
+    if (this.has(this.cacheKey(opts))) {
+      const instance = this.get(this.cacheKey(opts));
+      let oldInfo = instance?.instanceInfo
+      if(oldInfo && oldInfo.domainName){
+        // configured with domain name
+        let newInfo = await resolveInstanceName(undefined, oldInfo.domainName);
+        if(!isSameInstance(oldInfo, newInfo) ) {
+          // Domain name changed. Close and remove, then create a new map entry.
+          instance?.close();
+          this.delete(this.cacheKey(opts))
+        } else {
+          // Domain name resolves to the same instance, do nothing.
+          return
+        }
+      } else{
+        // Configured with instance name. Existing map entry is OK.
+        return;
       }
-      return;
     }
+
     const connectionInstance = await CloudSQLInstance.getCloudSQLInstance({
-      ipType,
-      authType,
-      instanceConnectionName,
-      sqlAdminFetcher: sqlAdminFetcher,
+      instanceConnectionName: opts.instanceConnectionName,
+      domainName: opts.domainName,
+      authType: opts.authType || AuthTypes.PASSWORD,
+      ipType: opts.ipType || IpAddressTypes.PUBLIC,
+      limitRateInterval: 30 * 1000, // 30 sec
+      sqlAdminFetcher: this.sqlAdminFetcher,
     });
-    this.set(instanceConnectionName, connectionInstance);
+    this.set(this.cacheKey(opts), connectionInstance);
   }
 
-  getInstance({
-    instanceConnectionName,
-    authType,
-  }: {
-    instanceConnectionName: string;
-    authType: AuthTypes;
-  }): CloudSQLInstance {
-    const connectionInstance = this.get(instanceConnectionName);
+  getInstance(opts: ConnectionOptions): CloudSQLInstance {
+    const connectionInstance = this.get(this.cacheKey(opts));
     if (!connectionInstance) {
       throw new CloudSQLConnectorError({
-        message: `Cannot find info for instance: ${instanceConnectionName}`,
+        message: `Cannot find info for instance: ${opts.instanceConnectionName}`,
         code: 'ENOINSTANCEINFO',
       });
-    } else if (
-      connectionInstance.authType &&
-      connectionInstance.authType !== authType
-    ) {
-      throw new CloudSQLConnectorError({
-        message:
-          `getOptions called for instance ${instanceConnectionName} with authType ${authType}, ` +
-          `but was previously called with authType ${connectionInstance.authType}. ` +
-          'If you require both for your use case, please use a new connector object.',
-        code: 'EMISMATCHAUTHTYPE',
-      });
     }
     return connectionInstance;
   }
@@ -160,13 +161,13 @@ export class Connector {
   private readonly sockets: Set<Socket>;
 
   constructor(opts: ConnectorOptions = {}) {
-    this.instances = new CloudSQLInstanceMap();
     this.sqlAdminFetcher = new SQLAdminFetcher({
       loginAuth: opts.auth,
       sqlAdminAPIEndpoint: opts.sqlAdminAPIEndpoint,
       universeDomain: opts.universeDomain,
       userAgent: opts.userAgent,
     });
+    this.instances = new CloudSQLInstanceMap(this.sqlAdminFetcher);
     this.localProxies = new Set();
     this.sockets = new Set();
   }
@@ -183,22 +184,25 @@ export class Connector {
   // const pool = new Pool(opts)
   // const res = await pool.query('SELECT * FROM pg_catalog.pg_tables;')
   async getOptions({
-    authType = AuthTypes.PASSWORD,
-    ipType = IpAddressTypes.PUBLIC,
-    instanceConnectionName,
-  }: ConnectionOptions): Promise<DriverOptions> {
+                     authType = AuthTypes.PASSWORD,
+                     ipType = IpAddressTypes.PUBLIC,
+                     instanceConnectionName,
+                     domainName,
+                   }: ConnectionOptions): Promise<DriverOptions> {
     const {instances} = this;
     await instances.loadInstance({
       ipType,
       authType,
       instanceConnectionName,
-      sqlAdminFetcher: this.sqlAdminFetcher,
+      domainName
     });
 
     return {
       stream() {
         const cloudSqlInstance = instances.getInstance({
+          ipType,
           instanceConnectionName,
+          domainName,
           authType,
         });
         const {
@@ -228,7 +232,7 @@ export class Connector {
             privateKey,
             serverCaCert,
             serverCaMode,
-            dnsName,
+            dnsName: instanceInfo.domainName || dnsName, // use the configured domain name, or the instance dnsName.
           });
           tlsSocket.once('error', () => {
             cloudSqlInstance.forceRefresh();
@@ -248,10 +252,10 @@ export class Connector {
   }
 
   async getTediousOptions({
-    authType,
-    ipType,
-    instanceConnectionName,
-  }: ConnectionOptions): Promise<TediousDriverOptions> {
+                            authType,
+                            ipType,
+                            instanceConnectionName,
+                          }: ConnectionOptions): Promise<TediousDriverOptions> {
     if (authType === AuthTypes.IAM) {
       throw new CloudSQLConnectorError({
         message: 'Tedious does not support Auto IAM DB Authentication',
@@ -288,11 +292,11 @@ export class Connector {
   //  `postgresql://${user}@localhost/${database}?host=${process.cwd()}`;
   // const prisma = new PrismaClient({ datasourceUrl });
   async startLocalProxy({
-    authType,
-    ipType,
-    instanceConnectionName,
-    listenOptions,
-  }: SocketConnectionOptions): Promise<void> {
+                          authType,
+                          ipType,
+                          instanceConnectionName,
+                          listenOptions,
+                        }: SocketConnectionOptions): Promise<void> {
     const {stream} = await this.getOptions({
       authType,
       ipType,

src/instance-connection-info.ts

@@ -17,4 +17,6 @@ export interface InstanceConnectionInfo {
   regionId: string;
   instanceId: string;
   domainName: string | undefined;
+
+
 }