Skip to content

fix(db): added SSL config to migrations container #1535

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
waleedlatif1 merged 1 commit into from
Oct 3, 2025
Merged

fix(db): added SSL config to migrations container #1535

waleedlatif1 merged 1 commit into from
Oct 3, 2025

Conversation

@waleedlatif1
Copy link
Collaborator

@waleedlatif1 waleedlatif1 commented Oct 3, 2025

Summary

added SSL config to migrations container, to have parity with the primary app

Type of Change

  • Bug fix

Testing

Manually.

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel
Copy link

vercel bot commented Oct 3, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments
Project Deployment Preview Comments Updated (UTC)
docs Skipped Skipped Oct 3, 2025 1:04am
sim Skipped Skipped Oct 3, 2025 1:04am

@waleedlatif1 waleedlatif1 merged commit 5f1518f into staging Oct 3, 2025
5 checks passed
greptile-apps[bot]
greptile-apps bot reviewed Oct 3, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Overview

Summary

This PR adds SSL configuration support to the Drizzle ORM migration configuration file (`packages/db/drizzle.config.ts`). The change introduces a comprehensive `getSSLConfig()` function that handles various SSL modes including `disable`, `prefer`, `require`, `verify-ca`, and `verify-full`. The function properly parses base64-encoded SSL certificates from environment variables and conditionally applies the SSL configuration to the database credentials.

The implementation addresses a parity issue where the migrations container lacked the SSL configuration that was present in the primary application. This ensures that database migrations can run successfully in environments requiring SSL connections, particularly in production deployments where SSL is mandatory for security compliance. The SSL config is conditionally spread into the dbCredentials object only when SSL is configured, maintaining backwards compatibility with non-SSL environments.

Important Files Changed

Changed Files
Filename Score Overview
packages/db/drizzle.config.ts 4/5 Added comprehensive SSL configuration support with multi-mode handling and certificate parsing

Confidence score: 4/5

  • This PR is safe to merge with minimal risk as it adds defensive SSL configuration handling
  • Score reflects well-structured error handling and backwards compatibility preservation
  • No files require special attention beyond standard code review practices

1 file reviewed, 1 comment

Edit Code Review Agent Settings | Greptile

packages/db/drizzle.config.ts
return 'prefer' as const
}

const sslConfig: any = {}
Copy link
Contributor

@greptile-apps greptile-apps bot Oct 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

style: Using any type bypasses TypeScript's type safety. Consider defining a proper interface for SSL configuration or using Record<string, unknown>.

Suggested change
const sslConfig: any = {}
const sslConfig: Record<string, unknown> = {}

Context Used: Context from dashboard - Avoid using type assertions to 'any' in TypeScript. Instead, ensure proper type definitions are used... (source)

Prompt To Fix With AI 
This is a comment left during a code review.
Path: packages/db/drizzle.config.ts
Line: 14:14

Comment:
**style:** Using `any` type bypasses TypeScript's type safety. Consider defining a proper interface for SSL configuration or using `Record<string, unknown>`.

```suggestion
  const sslConfig: Record<string, unknown> = {}
```

**Context Used:** Context from `dashboard` - Avoid using type assertions to 'any' in TypeScript. Instead, ensure proper type definitions are used... ([source](https://app.greptile.com/review/custom-context?memory=c63aedff-69e6-48d8-81cf-9763416ee01c))

How can I resolve this? If you propose a fix, please make it concise.

waleedlatif1 added a commit that referenced this pull request Oct 3, 2025
@waleedlatif1
fix(db): added SSL config to migrations container (#1535)
6b0e0c0
@waleedlatif1 waleedlatif1 deleted the fix/database branch October 7, 2025 23:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@waleedlatif1