From 789e1e7ed41838bdadb5e8cb429aa76610fa5749 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?= =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?= =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?= Date: Mon, 9 Oct 2023 13:55:03 +0200 Subject: [PATCH] fix(core): Add an option to enable postgres ssl with default certs (#6889) CP-809 --- packages/cli/src/Db.ts | 2 +- packages/cli/src/config/schema.ts | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/cli/src/Db.ts b/packages/cli/src/Db.ts index 596052667e..daebfa031d 100644 --- a/packages/cli/src/Db.ts +++ b/packages/cli/src/Db.ts @@ -90,7 +90,7 @@ export function getConnectionOptions(dbType: DatabaseType): ConnectionOptions { const sslKey = config.getEnv('database.postgresdb.ssl.key'); const sslRejectUnauthorized = config.getEnv('database.postgresdb.ssl.rejectUnauthorized'); - let ssl: TlsOptions | undefined; + let ssl: TlsOptions | boolean = config.getEnv('database.postgresdb.ssl.enabled'); if (sslCa !== '' || sslCert !== '' || sslKey !== '' || !sslRejectUnauthorized) { ssl = { ca: sslCa || undefined, diff --git a/packages/cli/src/config/schema.ts b/packages/cli/src/config/schema.ts index 65590d27a1..ae92095441 100644 --- a/packages/cli/src/config/schema.ts +++ b/packages/cli/src/config/schema.ts @@ -92,6 +92,12 @@ export const schema = { }, ssl: { + enabled: { + doc: 'If SSL should be enabled. If `ca`, `cert`, or `key` are defined, this will automatically default to true', + format: 'Boolean', + default: false, + env: 'DB_POSTGRESDB_SSL_ENABLED', + }, ca: { doc: 'SSL certificate authority', format: String,