feat(rds): add updated ca bundle for rds connections

briancaffey · Feb 28, 2024 · d25b261 · d25b261
1 parent 85bac3c
commit d25b261
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -4,6 +4,7 @@ htmlcov
 node_modules
 notes
 .env
+.venv
 cdk.out
 .raspberrypi.env
 cdk.context.json

diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -14,7 +14,7 @@ RUN pip install "poetry==$POETRY_VERSION"
 COPY poetry.lock pyproject.toml /code/
 
 FROM base AS prod
-RUN curl https://s3.amazonaws.com/rds-downloads/rds-ca-2019-root.pem -o /usr/local/share/rds-ca-2019-root.pem
+RUN curl https://s3.amazonaws.com/rds-downloads/rds-combined-ca-bundle.pem -o /usr/local/share/rds-combined-ca-bundle.pem
 RUN POETRY_VIRTUALENVS_CREATE=false poetry install --only main
 COPY . /code
 RUN chown -R app:app /code

diff --git a/backend/backend/settings/production.py b/backend/backend/settings/production.py
@@ -6,7 +6,7 @@
 
 DATABASES["default"]["OPTIONS"] = {
     "sslmode": "verify-full",
-    "sslrootcert": "/usr/local/share/rds-ca-2019-root.pem",
+    "sslrootcert": "/usr/local/share/rds-combined-ca-bundle.pem",
 }
 
 # add django-storages to INSTALLED_APPS

diff --git a/cli/main.py b/cli/main.py
@@ -0,0 +1,22 @@
+import boto3
+import subprocess
+
+
+def main():
+
+    aws_command = [
+        'aws', 'ecs', 'execute-command',
+        '--cluster', 'alpha-cluster',
+        '--task', '',
+        '--command', 'bash',
+        '--interactive'
+    ]
+
+    try:
+        subprocess.run(aws_command, capture_output=False, text=True)
+    except subprocess.CalledProcessError as e:
+        print(f"Error executing command: {e}")
+
+
+if __name__ == "__main__":
+    main()
-Original file line number
+Diff line change
@@ Expand Up / @@ -4,6 +4,7 @@ htmlcov @@
     node_modules
     notes
     .env
+    .venv
     cdk.out
     .raspberrypi.env
     cdk.context.json
@@ Expand Down @@