Lumber not allowing pass-through of dialectOptions for Sequelize

Question

Lumber not allowing pass-through of dialectOptions for Sequelize

antoniojtorres opened this issue 4 years ago · 13 comments

This may be more of a feature request / limitation than a bug. Thanks in advance.

Expected behavior

Setting up ForestAdmin using lumber for the first time. Have a backend service in heroku using Heroku Postgres. When generating the lumber command and adding my database connection. Once that runs I expect lumber to run successfully.

Actual behavior

When running the command I received the error "SequelizeConnectionError: self signed certificate". This is because heroku postgres uses self-signed certificates for this database.

When specifying ssl as true, lumber-generate.js generates these options for Sequelize
{ logging: false, dialectOptions: { ssl: true } }

This isn't enough for my scenario.

The installation can be pushed through with
{ logging: false, dialectOptions: { ssl: true, rejectUnauthorized: false } }

This issue is not about what is right or wrong in terms on how to connect. What I am suggesting is providing the ability to have a pass-through for database specific flags so users can tackle their edge cases. The current implementation in lumber-generate has a very narrow set of options.

Failure Logs

? Does your database require a SSL connection? Yes
✖ Connecting to your database

Cannot connect to the database due to the following error:
SequelizeConnectionError: self signed certificate

Context

Node 12.16.3
NPM 6.14.4

Lumber Package Version: 3.6.4
Database Dialect: PostgreSQL
Database Version: 12.3

Thank you all for the wonderful code and product. Big fan.

PS: As you may have figured, when I launched the admin the cert validation error is also present there. I am stuck :(

Answer 1 · 2020-08-17T14:22:21.000Z

Hi @antoniojtorres! Thank you for your feedback and this detailed explanation 👍 . I guess we should improve this, I opened an issue on our product board about this need.

Answer 2 · 2020-08-25T11:22:09.000Z

Hi, I need this too !

Answer 3 · 2020-09-04T12:58:50.000Z

Same, I can't use DigitalOcean managed DB because of this.

Answer 4 · 2020-09-07T08:23:44.000Z

I cannot use Heroku managed DB myself because of this.

Answer 5 · 2020-09-07T16:00:28.000Z

@snwfdhmp & @djpate Thank you for your feedback. This concern has been reported to the product team which is aware of the issue. This is currently in our roadmap. You will be notified as soon as it has been released!

Answer 6 · 2020-09-07T16:02:10.000Z

Thanks a lot ! You can test if this works with Heroku simply via their free Postgres add-ons

Answer 7 · 2020-09-14T14:02:11.000Z

Related issue here: https://community.forestadmin.com/t/ssl-issues-with-forestadmin/837

(Side note: I'm working on a patch, I hope to release it this week).

Answer 8 · 2020-09-21T08:18:04.000Z

Hi @antoniojtorres @djpate @snwfdhmp

We just released a new version of Lumber that adds a DATABASE_REJECT_UNAUTHORIZED parameter in Lumber generated projects (it is set to false by default to ease users onboarding). If you update Lumber to the latest version then start a new project, you should not be annoyed anymore with the SequelizeConnectionError: self-signed certificate message.

If you want to fix your actual project without re-running the install command, add this line to your .env file:

DATABASE_REJECT_UNAUTHORIZED=false

Then edit models/index.js (here):

-  databaseOptions.dialectOptions.ssl = true;
+  if (process.env.DATABASE_REJECT_UNAUTHORIZED === false) {
+    databaseOptions.dialectOptions.ssl = { rejectUnauthorized: false };
+  } else {
+    databaseOptions.dialectOptions.ssl = true;
+  }

A quick note about the chosen implementation: I first created an implementation with a dialectOptions for Lumber, but after some discussion with other members of the team, we finally decided to implement a fix for this need only (the main argument is that we do not need to develop something heavy for problems that are not identified yet).

TL;DR: Issue fixed, update to latest Lumber version.

Thank you for your patience 🙏 Let me know if you have any issue, I would be glad to help you!

Answer 9 · 2020-09-21T09:55:12.000Z

@rap2hpoutre thanks a lot !

Answer 10 · 2020-09-23T08:23:17.000Z

Hey, the fix doesn't work.

The environment variable DATABASE_REJECT_UNAUTHORIZED doesn't automatically get parsed and converted to a boolean, so === false doesn't work.

Answer 11 · 2020-09-24T14:40:34.000Z

@bartjoyce Whoops. Thank you for spotting this, and sorry for the mess. A new PR is on its way!

Answer 12 · 2020-09-24T15:37:21.000Z

@bartjoyce It has just been fixed thanks to your comment!

Could you try again with the latest version of lumber? (v3.7.2)

If you want to fix your actual project without re-running the install command, add this line to your .env file:

DATABASE_REJECT_UNAUTHORIZED=false

Then edit models/index.js (here):

-  databaseOptions.dialectOptions.ssl = true;
+ const rejectUnauthorized = process.env.DATABASE_REJECT_UNAUTHORIZED;
+ if (rejectUnauthorized && (JSON.parse(rejectUnauthorized.toLowerCase()) === false)) {
+   databaseOptions.dialectOptions.ssl = { rejectUnauthorized: false };
+ } else {
+   databaseOptions.dialectOptions.ssl = true;
+ }

Let me know if it fixed your issue 🙏

Answer 13 · 2020-10-15T13:15:59.000Z

Feel free to re-open if you still have any issues.