diff --git a/.env b/.env
index d53ac3ea7..8a24e197f 100644
--- a/.env
+++ b/.env
@@ -2,3 +2,4 @@ PORT = 3000
 LOCAL_KEY=TCF25YM-39C4H6D-KA32EGF-V5XSHN3
 RATE_LIMIT_WINDOW_SECONDS=60
 RATE_LIMIT_MAX_CONNECTIONS=1000
+useAWSCert=false
diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml
index 1f5efbd64..e33a545bf 100644
--- a/.github/workflows/test-integration.yml
+++ b/.github/workflows/test-integration.yml
@@ -17,7 +17,21 @@ jobs:
 docker compose --file docker/docker-compose.yml build
 docker compose --file docker/docker-compose.yml up -d
 - name: Sleep
- run: bash -c "while ! docker compose --file docker/docker-compose.yml logs --tail=10 cveawg | grep -q 'Serving on port'; do sleep 1; done"
+ run: |
+ dockercompose="docker compose --file docker/docker-compose.yml"
+ attempts=60
+ while ! $dockercompose logs cveawg | grep -q 'Serving on port'; do
+ attempts=$(expr $attempts - 1)
+ if [ $($dockercompose ps --status running -q | wc -l) -eq 2 ] && [ $attempts -gt 0 ]; then
+ sleep 1
+ $dockercompose logs || true
+ continue
+ fi
+ $dockercompose ps || true
+ $dockercompose logs || true
+ echo "==== COULD NOT FIND 'Serving on port' in cveawg output OR one of the services died ====" 1>&2
+ exit 1
+ done
 - name: Run Tests
 run: docker compose -f docker/docker-compose.yml exec -T cveawg npm run test:integration
 continue-on-error: false
\ No newline at end of file
diff --git a/config/default.json b/config/default.json
index 8fe381aa2..ec754f032 100644
--- a/config/default.json
+++ b/config/default.json
@@ -5,6 +5,7 @@
 "port": 27017
 },
 "development": {
+ "useAWSCert": false,
 "database": "cve_dev",
 "host": "localhost",
 "port": 27017
diff --git a/docker/.docker-env.example b/docker/.docker-env.example
index 277b5d01b..1a9ba36f4 100644
--- a/docker/.docker-env.example
+++ b/docker/.docker-env.example
@@ -3,3 +3,4 @@ MONGO_HOST=docdb
 MONGO_PORT=27017
 NODE_ENV=development
 PORT=3000
+useAWSCert=false
\ No newline at end of file
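Review bot: In .github/workflows/test-integration.yml the new wait loop hard-codes the service count in `[ $($dockercompose ps --status running -q | wc -l) -eq 2 ]`, so adding or removing a service in docker/docker-compose.yml sends the step straight to the failure path with a message that blames a dead service. A comment above the test such as `# 2 = number of services in docker/docker-compose.yml (presumably cveawg and docdb); keep in sync` would make that dependency visible. The `$dockercompose logs || true` inside the retry branch also reprints the full output of every service on each of up to 60 iterations, which buries the real failure and copies all container output into the CI log; the dump on the failure path below it is sufficient.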
diff --git a/docker/.docker-env.int-example b/docker/.docker-env.int-example index 924f472ab..51b85b36e 100644 --- a/docker/.docker-env.int-example +++ b/docker/.docker-env.int-example @@ -2,3 +2,4 @@ MONGO_HOST=docdb MONGO_PORT=27017 NODE_ENV=integration PORT=3000 +useAWSCert=false \ No newline at end of file diff --git a/docker/.docker-env.test-example b/docker/.docker-env.test-example index ba3c24057..ba61b1353 100644 --- a/docker/.docker-env.test-example +++ b/docker/.docker-env.test-example @@ -4,3 +4,4 @@ MONGO_PORT=27017 NODE_ENV=development PORT=3000 TEST_PORT=3001 +useAWSCert=false \ No newline at end of file diff --git a/docker/Dockerfile b/docker/Dockerfile index aa688c875..eb737f72f 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -28,6 +28,7 @@ WORKDIR /home/node/app RUN npm install --production COPY --chown=node:node docker/entrypoint.sh /home/node/app/entrypoint.sh +RUN wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem -P /home/node/app/config/ RUN echo '{}' > /home/node/app/config/dev.json RUN echo '{}' > /home/node/app/config/test.json RUN echo '{}' > /home/node/app/config/staging.json diff --git a/docker/default.json-docker b/docker/default.json-docker index 59a89ed94..e9a2e7b4c 100644 --- a/docker/default.json-docker +++ b/docker/default.json-docker @@ -5,6 +5,7 @@ "port": 27017 }, "development": { + "useAWSCert": true, "database": "cve_dev", "host": "docdb", "port": 27017 diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index c12669295..74adb214e 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -1,4 +1,3 @@ -version: '3' services: docdb: # use a mongo image that most closely matches the DocumentDB API diff --git a/src/index.js b/src/index.js index 48cea8f25..d08aaede3 100644 --- a/src/index.js +++ b/src/index.js 
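Review bot: The added `RUN wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem -P /home/node/app/config/` in docker/Dockerfile fetches the database trust anchor at build time with no integrity check, so each image trusts whatever the endpoint served on its build day and two builds of the same commit can differ. Vendoring the bundle in the repository and adding it with `COPY`, or checking a pinned digest right after the download (`RUN echo "<EXPECTED_SHA256>  /home/node/app/config/global-bundle.pem" | sha256sum -c -`), would make the trust decision reviewable. The file also lands in `/home/node/app/config/`, while src/index.js in this commit reads `path.join(__dirname, 'config/global-bundle.pem')`, which would resolve under `src/` if index.js keeps that location in the image; worth confirming that the two paths point at the same file.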
@@ -6,6 +6,8 @@ const app = express() const helmet = require('helmet') const mongoose = require('mongoose') const morgan = require('morgan') +const path = require('path') +const fs = require('fs') const configureRoutes = require('./routes.config') const dbUtils = require('./utils/db') @@ -46,14 +48,45 @@ app.use((req, res, next) => { res.status(404).json(error.notFound()) }) +console.log('Checking for AWS cert file') +const appEnv = process.env.NODE_ENV +console.log(appEnv) +var awsCERTFile = false +console.log('check') +console.log(process.env.useAWSCert) +if (process.env.useAWSCert.toLocaleLowerCase() === 'true') { + console.log('detecting env') + console.log(process.env.useAWSCert) + awsCERTFile = process.env.useAWSCert +} else { + awsCERTFile = config.has(`${process.env}.useAWSCert`) ? config.get(`${process.env}.useAWSCert`) : false + console.log('HAS') + console.log(config.has(`${process.env}.useAWSCert`)) + console.log('in if checker') + console.log(awsCERTFile) +} + // Connect to MongoDB database const dbConnectionStr = dbUtils.getMongoConnectionString() -mongoose.connect(dbConnectionStr, { - useNewUrlParser: true, - useUnifiedTopology: true, - useFindAndModify: false, - useCreateIndex: true -}) +if (awsCERTFile && awsCERTFile.toLocaleLowerCase() === 'true' && appEnv.toLocaleLowerCase() !== 'test') { + const ca = [fs.readFileSync(path.join(__dirname, 'config/global-bundle.pem'))] + mongoose.connect(dbConnectionStr, { + useNewUrlParser: true, + useUnifiedTopology: true, + useFindAndModify: false, + useCreateIndex: true, + ssl: true, + sslCA: ca + }) +} else { + console.log('NOT USING AWS CERT FILE') + mongoose.connect(dbConnectionStr, { + useNewUrlParser: true, + useUnifiedTopology: true, + useFindAndModify: false, + useCreateIndex: true + }) +} // database connection const db = mongoose.connection diff --git a/test-http/docker/docker-compose.yml b/test-http/docker/docker-compose.yml index 82d9d932a..4585b63d1 100644 --- a/test-http/docker/docker-compose.yml 
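Review bot: The flag handling added ahead of `mongoose.connect` in src/index.js can throw at startup and otherwise fails open to a connection without TLS. `process.env.useAWSCert.toLocaleLowerCase()` raises a TypeError when the variable is unset, and the fallback builds its key from `${process.env}` (the whole environment object) instead of `appEnv`, so the `"useAWSCert": true` added to docker/default.json-docker is apparently never found and the `else` branch connects without `ssl`/`sslCA`. If the key were corrected, the boolean returned by `config.get` would then fail on `awsCERTFile.toLocaleLowerCase()`. The run of `console.log` calls reads as leftover debugging and should be removed before merge; the sketch below normalises the flag once and builds a single options object.

```javascript
// Normalise the flag once; either the env var or the per-environment config value can enable it.
const appEnv = process.env.NODE_ENV || ''
const isTrue = (value) => String(value).toLowerCase() === 'true'
const certKey = `${appEnv}.useAWSCert`
const useAWSCert = appEnv.toLowerCase() !== 'test' &&
  (isTrue(process.env.useAWSCert) || (config.has(certKey) && isTrue(config.get(certKey))))

// Connect to MongoDB database
const dbConnectionStr = dbUtils.getMongoConnectionString()
const mongooseOptions = {
  useNewUrlParser: true,
  useUnifiedTopology: true,
  useFindAndModify: false,
  useCreateIndex: true
}
if (useAWSCert) {
  // readFileSync throws if the bundle is missing, which stops startup instead of connecting unverified.
  mongooseOptions.ssl = true
  mongooseOptions.sslCA = [fs.readFileSync(path.join(__dirname, 'config/global-bundle.pem'))]
}
mongoose.connect(dbConnectionStr, mongooseOptions)
// … unchanged: database connection handling below …
```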
+++ b/test-http/docker/docker-compose.yml
@@ -1,4 +1,3 @@
-version: '3'
 services:
 demon:
 container_name: demon