From 5d404e648bc6d7e8638dd15d9dae4c1432a70265 Mon Sep 17 00:00:00 2001
From: david-rocca
Date: Mon, 23 Sep 2024 13:28:24 -0400
Subject: [PATCH] Boilerplate for getting AWS certs
---
 .env | 1 +
 config/default.json | 1 +
 docker/Dockerfile | 1 +
 src/index.js | 33 +++++++++++++++++++++++++++------
 4 files changed, 30 insertions(+), 6 deletions(-)
diff --git a/.env b/.env
index d53ac3ea7..547228b99 100644
--- a/.env
+++ b/.env
@@ -2,3 +2,4 @@ PORT = 3000
 LOCAL_KEY=TCF25YM-39C4H6D-KA32EGF-V5XSHN3
 RATE_LIMIT_WINDOW_SECONDS=60
 RATE_LIMIT_MAX_CONNECTIONS=1000
+USE_AWS_CERT_FILE=true
diff --git a/config/default.json b/config/default.json
index 8fe381aa2..ec754f032 100644
--- a/config/default.json
+++ b/config/default.json
@@ -5,6 +5,7 @@
 "port": 27017
 },
 "development": {
+ "useAWSCert": false,
 "database": "cve_dev",
 "host": "localhost",
 "port": 27017
diff --git a/docker/Dockerfile b/docker/Dockerfile
index aa688c875..644ffded1 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -28,6 +28,7 @@ WORKDIR /home/node/app
 RUN npm install --production
 COPY --chown=node:node docker/entrypoint.sh /home/node/app/entrypoint.sh
+RUN wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem /home/node/app/config/global-bundle.pem
 RUN echo '{}' > /home/node/app/config/dev.json
 RUN echo '{}' > /home/node/app/config/test.json
 RUN echo '{}' > /home/node/app/config/staging.json
diff --git a/src/index.js b/src/index.js
index 48cea8f25..67761fbd0 100644
--- a/src/index.js
+++ b/src/index.js
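Review bot: The added `USE_AWS_CERT_FILE=true` does not match the name that the src/index.js hunk reads, `process.env.USE_AWS_CERT`, so this entry has no effect and the flag falls through to the `useAWSCert` config value. Use one name in both places, for example `USE_AWS_CERT=true` here. Assuming this file is loaded into `process.env`, note that once the names agree this default selects the TLS branch wherever the file is used, even where the config file says `false`.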
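Review bot: `wget` treats every positional argument as a URL, so the added `RUN wget` line does not write the bundle to /home/node/app/config/global-bundle.pem; the download lands in the working directory and the second argument is probably rejected as an invalid URL, which may fail the build step. Name the output path explicitly: `RUN wget -O /home/node/app/config/global-bundle.pem https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem`. Because this file is meant to become the trust anchor for the database connection, consider checking it against a recorded digest at build time, or vendoring a reviewed copy, so the image does not silently trust whatever is served on the day it is built.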
@@ -46,14 +46,35 @@ app.use((req, res, next) => {
 res.status(404).json(error.notFound())
 })
+console.log('Checking for AWS cert file')
+const appEnv = process.env.NODE_ENV
+var awsCERTFile = false
+if (process.env.USE_AWS_CERT) {
+ awsCERTFile = process.env.USE_AWS_CERT
+} else {
+ awsCERTFile = config.has(`${appEnv}.useAWSCert`) ? config.get(`${appEnv}.useAWSCert`) : false
+}
+
 // Connect to MongoDB database
 const dbConnectionStr = dbUtils.getMongoConnectionString()
-mongoose.connect(dbConnectionStr, {
- useNewUrlParser: true,
- useUnifiedTopology: true,
- useFindAndModify: false,
- useCreateIndex: true
-})
+if (awsCERTFile) {
+ mongoose.connect(dbConnectionStr, {
+ useNewUrlParser: true,
+ useUnifiedTopology: true,
+ useFindAndModify: false,
+ useCreateIndex: true,
+ ssl: true,
+ ca: ''
+ })
+} else {
+ console.log('NOT USING AWS CERT FILE')
+ mongoose.connect(dbConnectionStr, {
+ useNewUrlParser: true,
+ useUnifiedTopology: true,
+ useFindAndModify: false,
+ useCreateIndex: true
+ })
+}
 // database connection
 const db = mongoose.connection
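Review bot: `process.env.USE_AWS_CERT` is always a string, so setting it to `false` or `0` is still truthy and selects the TLS branch of the new `if (awsCERTFile)`; compare explicitly with `awsCERTFile = process.env.USE_AWS_CERT === 'true'` and declare the variable with `let` instead of `var`. In the TLS branch, `ca: ''` never loads the bundle that the Dockerfile hunk downloads, so the server certificate is not checked against that CA file. How the driver treats an empty `ca` is not visible in this hunk, so confirm it before enabling the flag in a deployed environment, and read the PEM file into `ca`. The two `mongoose.connect` calls repeat the same four options; one shared options object with `ssl` and `ca` added conditionally would keep them from drifting apart.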