Skip to content

API-WAF-SYNC use ssl in database connection if prod #2342

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jdettmannnava merged 7 commits into from
Dec 3, 2024
Merged

API-WAF-SYNC use ssl in database connection if prod #2342

jdettmannnava merged 7 commits into from
Dec 3, 2024

Conversation

@jdettmannnava
Copy link
Contributor

@jdettmannnava jdettmannnava commented Dec 2, 2024
edited
Loading

🎫 Ticket

https://jira.cms.gov/browse/DPC-4415

🛠 Changes

  • Configured to use ssl if not running locally.
  • CGO_ENABLED set to 0 because it was failing to run
  • Format of ip address updated to match aws requirements
  • Database query optimized as drive-by-refactor

ℹ️ Context

  • Upgrade to postgres 16 meant we have to use a secure connection
  • Bugs fixed to allow testing

🧪 Validation

Manually placed in AWS and it works!

@jdettmannnava jdettmannnava changed the title use ssl if prod API-WAF-SYNC use ssl in database connection if prod Dec 3, 2024
@jdettmannnava jdettmannnava requested review from a team and ashley-weaver December 3, 2024 21:07
@jdettmannnava jdettmannnava marked this pull request as ready for review December 3, 2024 21:07
ashley-weaver
ashley-weaver approved these changes Dec 3, 2024
View reviewed changes
Copy link
Contributor

@ashley-weaver ashley-weaver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

lambda/api-waf-sync/db.go
defer db.Close()

rows, queryErr := db.Query(`SELECT ip_address FROM ip_addresses`)
rows, queryErr := db.Query(`SELECT DISTINCT ip_address FROM ip_addresses`)
Copy link
Contributor

@ashley-weaver ashley-weaver Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good catch

@jdettmannnava jdettmannnava merged commit 7258a86 into main Dec 3, 2024
10 checks passed
@jdettmannnava jdettmannnava deleted the jd/dpc-4415-waf-ssl branch December 3, 2024 21:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ashley-weaver ashley-weaver ashley-weaver approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jdettmannnava @ashley-weaver