Align JS/TS sample SSL configuration

Author: danielfrankcom

.github/workflows/typescript-type-orm-integ-tests.yml

@@ -53,7 +53,6 @@ jobs:
           REGION: ${{ secrets.TYPESCRIPT_TYPE_ORM_CLUSTER_REGION }}
         run: |
           npm install
-          wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem
           npm run build
           npm run migrations-drop-table
           npm run migrations-create-table

javascript/node-postgres/src/index.js

@@ -21,20 +21,15 @@ async function getConnection(clusterEndpoint, user, region) {
         signer.user = user;
         token = await signer.getDbConnectAuthToken()
       }
-      // <https://node-postgres.com/apis/client>
-      // By default `rejectUnauthorized` is true in TLS options
-      // <https://nodejs.org/api/tls.html#tls_tls_connect_options_callback>
-      // The config does not offer any specific parameter to set sslmode to verify-full
-      // Settings are controlled either via connection string or by setting
-      // rejectUnauthorized to false in ssl options
       let client = new Client({
         host: clusterEndpoint,
         user: user,
         password: token,
         database: "postgres",
         port: 5432,
-        // <https://node-postgres.com/announcements> for version 8.0
-        ssl: true
+        ssl: {
+          rejectUnauthorized: true,
+        }
       });
 
       // Connect

javascript/postgres-js/src/index.js

@@ -18,7 +18,9 @@ async function getConnection(clusterEndpoint, user, region) {
     database: "postgres",
     port: 5432,
     idle_timeout: 2,
-    ssl: true,
+    ssl: {
+      rejectUnauthorized: true,
+    }
     // max: 1, // Optionally set maximum connection pool size
   })
 

typescript/sequelize/README.md

@@ -52,15 +52,6 @@ It should output something similar to `Version 5.6.x` or higher.
   [Using database roles with IAM roles](https://docs.aws.amazon.com/aurora-dsql/latest/userguide/using-database-and-iam-roles.html)
   guide.
 
-### Download the Amazon root certificate from the official trust store
-
-Download the Amazon root certificate from the official trust store. This example shows one of the available certs that
-can be used by the client. Other certs such as AmazonRootCA2.pem, AmazonRootCA3.pem, etc. can also be used.
-
-```
-wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem
-```
-
 ### Run the code
 
 The example demonstrates the following operations:

typescript/sequelize/src/index.ts

@@ -32,8 +32,8 @@ async function getSequelizeConnection(): Promise<Sequelize> {
       clientMinMessages: 'ignore', // This is essential
       skipIndexes: true,
       ssl: {
-        mode: 'verify-full'
-      },
+        rejectUnauthorized: true,
+      }
     },
     pool: {
       max: 5,

typescript/type-orm/README.md

@@ -43,15 +43,6 @@ The code automatically detects the user type and adjusts its behavior accordingl
   [Using database roles with IAM roles](https://docs.aws.amazon.com/aurora-dsql/latest/userguide/using-database-and-iam-roles.html)
   guide.
 
-### Download the Amazon root certificate from the official trust store
-
-Download the Amazon root certificate from the official trust store. This example shows one of the available certs that
-can be used by the client. Other certs such as AmazonRootCA2.pem, AmazonRootCA3.pem, etc. can also be used.
-
-```
-wget https://www.amazontrust.com/repository/AmazonRootCA1.pem -O root.pem
-```
-
 ### Set up environment for examples
 
 ```

typescript/type-orm/package.json

@@ -9,8 +9,7 @@
     "migrations-run": "npm run typeorm migration:run -- -d ./dist/src/data-source --transaction none",
     "migrations-revert": "npm run typeorm migration:revert -- -d ./dist/src/data-source --transaction none",
     "build:compile": "tsc --build",
-    "build:copy": "mkdir -p dist/src && cp root.pem dist/src",
-    "build": "npm-run-all build:compile build:copy",
+    "build": "npm-run-all build:compile",
     "clean": "rm -rf build && rm -rf dist",
     "typeorm": "ts-node ./node_modules/typeorm/cli.js",
     "start": "node dist/index.js",

typescript/type-orm/src/create-migrations-table.ts

@@ -33,7 +33,6 @@ const createMigrationsTable = async () => {
       port: 5432,
       database: "postgres",
       ssl: {
-        ca: fs.readFileSync(path.join(__dirname, "root.pem")),
         rejectUnauthorized: true,
       },
     });

typescript/type-orm/src/data-source.ts

@@ -33,7 +33,6 @@ const getDataSource = async () => {
       password: token,
       database: "postgres",
       ssl: {
-        ca: fs.readFileSync(path.join(__dirname, "root.pem")),
         rejectUnauthorized: true,
       },
       synchronize: false,

typescript/type-orm/src/drop-migrations-table.ts

@@ -31,7 +31,6 @@ const dropMigrationsTable = async () => {
       port: 5432,
       database: "postgres",
       ssl: {
-        ca: fs.readFileSync(path.join(__dirname, "root.pem")),
         rejectUnauthorized: true,
       },
     });