Implement Address Whitelist Functionality #813
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds address whitelist functionality to pgcat. This is mostly useful with trust auth where no password is required but you can still allow only specific IP's/IP ranges/addresses to access a user/database but can also be used with password authentication to provide an extra layer of security.
This PR is unit tested, does not require any changes to the dockerfile/CI. It does require a slight change in dependencies of the rust cargo dependencies but I don't think this should break anything.
One potential issue with this implementation is that I had to make the set element of the AddrSet struct public. I am open to any alternative implementations that do this in a more clean way.