From 4785f520b1b1d3973dff30cf4ec3e9e000661e24 Mon Sep 17 00:00:00 2001
From: Kristoff Kiefer <31993948+kristoff-kiefer@users.noreply.github.com>
Date: Wed, 11 Oct 2023 15:28:14 +0200
Subject: [PATCH] Added ssl-param for db connection (#39)

* Added ssl-param for db connection

* Adjusted config-tests
---
 config/config.dev.json                  | 6 ++++--
 config/config.prod.json                 | 3 ++-
 config/config.test.json                 | 3 ++-
 src/console/console.module.ts           | 3 ++-
 src/server/server.module.ts             | 2 +-
 src/shared/config/config.loader.spec.ts | 3 ++-
 src/shared/config/db.config.ts          | 6 +++++-
 7 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/config/config.dev.json b/config/config.dev.json
index 88b9a3ff1..d60c9c6f7 100644
--- a/config/config.dev.json
+++ b/config/config.dev.json
@@ -7,11 +7,13 @@
     },
     "DB": {
         "CLIENT_URL": "postgres://admin:password@127.0.0.1:5432",
-        "DB_NAME": "dbildungs-iam"
+        "DB_NAME": "dbildungs-iam",
+        "USE_SSL": false
     },
     "KEYCLOAK": {
         "BASE_URL": "http://127.0.0.1:8080",
         "REALM_NAME": "master",
-        "CLIENT_ID": "admin-cli"
+        "CLIENT_ID": "admin-cli",
+        "SECRET": "topsecret"
     }
 }
diff --git a/config/config.prod.json b/config/config.prod.json
index 675033708..d8b108cd3 100644
--- a/config/config.prod.json
+++ b/config/config.prod.json
@@ -4,7 +4,8 @@
     },
     "DB": {
         "CLIENT_URL": "<here goes your connection string>",
-        "DB_NAME": "<here goes your db name>"
+        "DB_NAME": "<here goes your db name>",
+        "USE_SSL": true
     },
     "KEYCLOAK": {
         "BASE_URL": "<URL to keycloak>",
diff --git a/config/config.test.json b/config/config.test.json
index 27b978f67..98666166a 100644
--- a/config/config.test.json
+++ b/config/config.test.json
@@ -7,7 +7,8 @@
     },
     "DB": {
         "CLIENT_URL": "postgres://127.0.0.1:5432",
-        "DB_NAME": "dbildungs-iam"
+        "DB_NAME": "dbildungs-iam",
+        "USE_SSL": true
     },
     "KEYCLOAK": {
         "BASE_URL": "http://127.0.0.1:8080",
diff --git a/src/console/console.module.ts b/src/console/console.module.ts
index 443503b5f..cf96868b4 100644
--- a/src/console/console.module.ts
+++ b/src/console/console.module.ts
@@ -14,6 +14,7 @@ import { DbInitConsole } from './db-init.console.js';
 @Module({
     imports: [
         LoggingModule,
+
         ConfigModule.forRoot({
             isGlobal: true,
             validate: loadEnvConfig,
@@ -33,7 +34,7 @@ import { DbInitConsole } from './db-init.console.js';
                     entitiesTs: ['./src/**/*.entity.ts'],
                     driverOptions: {
                         connection: {
-                            ssl: true,
+                            ssl: config.getOrThrow<DbConfig>('DB').USE_SSL,
                         },
                     },
                 });
diff --git a/src/server/server.module.ts b/src/server/server.module.ts
index cfd2deacb..877863ec6 100644
--- a/src/server/server.module.ts
+++ b/src/server/server.module.ts
@@ -36,7 +36,7 @@ import { OrganisationApiModule } from '../modules/organisation/organisation-api.
                     type: 'postgresql',
                     driverOptions: {
                         connection: {
-                            ssl: true,
+                            ssl: dbConfig.USE_SSL,
                         },
                     },
                 });
diff --git a/src/shared/config/config.loader.spec.ts b/src/shared/config/config.loader.spec.ts
index c4f72f8cd..470d9f3f0 100644
--- a/src/shared/config/config.loader.spec.ts
+++ b/src/shared/config/config.loader.spec.ts
@@ -1,6 +1,6 @@
 import 'reflect-metadata'; // some decorators use reflect-metadata in the background
 import fs from 'fs';
-import { EnvConfig, JsonConfig, DeployStage, loadConfigFiles, loadEnvConfig } from './index.js';
+import { DeployStage, EnvConfig, JsonConfig, loadConfigFiles, loadEnvConfig } from './index.js';
 import { DeepPartial } from '../../../test/utils/index.js';
 
 describe('configloader', () => {
@@ -35,6 +35,7 @@ describe('configloader', () => {
                 DB: {
                     CLIENT_URL: 'postgres://localhost:5432',
                     DB_NAME: 'test-db',
+                    USE_SSL: false,
                 },
                 KEYCLOAK: {
                     BASE_URL: 'localhost:8080',
diff --git a/src/shared/config/db.config.ts b/src/shared/config/db.config.ts
index d461e8850..9225c40cc 100644
--- a/src/shared/config/db.config.ts
+++ b/src/shared/config/db.config.ts
@@ -1,4 +1,4 @@
-import { IsNotEmpty, IsString } from 'class-validator';
+import { IsBoolean, IsNotEmpty, IsString } from 'class-validator';
 
 export class DbConfig {
     @IsString()
@@ -12,4 +12,8 @@ export class DbConfig {
     @IsString()
     @IsNotEmpty()
     public readonly SECRET!: string;
+
+    @IsBoolean()
+    @IsNotEmpty()
+    public readonly USE_SSL!: boolean;
 }