Skip to content

Make MySQL SSL mode configurable via env var #2036

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jeremy merged 1 commit into from
Dec 10, 2025
Merged

Make MySQL SSL mode configurable via env var #2036

jeremy merged 1 commit into from
Dec 10, 2025

Conversation

@hosmelq
Copy link
Contributor

@hosmelq hosmelq commented Dec 9, 2025

I encounter the following error when using MySQL, with ssl_mode set to REQUIRED, the error disappears. I'm unsure if REQUIRED is the best default setting.

bin/rails aborted!
ActiveRecord::ConnectionNotEstablished: trilogy_auth_recv: caching_sha2_password requires either TCP with TLS or a unix socket: TRILOGY_UNSUPPORTED (ActiveRecord::ConnectionNotEstablished)

@jeremy
Copy link
Member

jeremy commented Dec 9, 2025

Fixed by trilogy-libraries/trilogy#248. Good idea to use TLS internally though.

jeremy
jeremy reviewed Dec 9, 2025
View reviewed changes
@hosmelq hosmelq force-pushed the configurable-mysql-ssl-mode branch 2 times, most recently from a80b4d2 to f6a7ffc Compare December 10, 2025 18:52
@hosmelq hosmelq force-pushed the configurable-mysql-ssl-mode branch from f6a7ffc to 9e0724d Compare December 10, 2025 18:53
@hosmelq hosmelq requested a review from jeremy December 10, 2025 20:02
@jeremy jeremy merged commit df9a4b2 into basecamp:main Dec 10, 2025
4 checks passed
@hosmelq hosmelq deleted the configurable-mysql-ssl-mode branch December 10, 2025 21:29
jacobhrussell pushed a commit to jacobhrussell/fizzy that referenced this pull request Dec 11, 2025
@hosmelq @jacobhrussell
make MySQL SSL mode configurable via env var (basecamp#2036)
0be979c
@jacobhrussell jacobhrussell mentioned this pull request Dec 11, 2025
Closed
adjogima added a commit that referenced this pull request Dec 11, 2025
@adjogima
Merge branch 'main' into mobile-app/scoped-stylesheets
865fbdc 
* main: (117 commits)
  Explain that the upload URL is account-scope
  Allow direct uploads via API
  Storage: ignore jobs for now-deleted targets
  API: Support `created_at` for API card and comment creation (#2056)
  Enforce CSP (#2070)
  CSP: full config with env vars per source (#2069)
  Speedy, auditable, deadlock-resistant storage tracking (#2026)
  Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ (#2068)
  Get gitleaks-audit green again
  Bump actions/checkout from 4 to 6 (#2047)
  Bump docker/login-action from 3.5.0 to 3.6.0 (#2046)
  Bump docker/metadata-action from 5.8.0 to 5.10.0 (#2045)
  Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 (#2044)
  make MySQL SSL mode configurable via env var (#2036)
  Update tip text for turning a card into a Golden Ticket
  Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"
  Fix Lexxy prompt list padding by lowering rich-text specificity
  Improve phrasing
  Fix crash due to missing partial
  Fix status and filter mistakes
  ...
adjogima added a commit that referenced this pull request Dec 11, 2025
@adjogima
Merge branch 'mobile-app/scoped-stylesheets' into mobile-app/scoped-s…
3dbf878 
…tylesheets+edits

* mobile-app/scoped-stylesheets: (117 commits)
  Explain that the upload URL is account-scope
  Allow direct uploads via API
  Storage: ignore jobs for now-deleted targets
  API: Support `created_at` for API card and comment creation (#2056)
  Enforce CSP (#2070)
  CSP: full config with env vars per source (#2069)
  Speedy, auditable, deadlock-resistant storage tracking (#2026)
  Gitleaks: ignore legit non-sensitive API keys and tokens in docs/ and test/ (#2068)
  Get gitleaks-audit green again
  Bump actions/checkout from 4 to 6 (#2047)
  Bump docker/login-action from 3.5.0 to 3.6.0 (#2046)
  Bump docker/metadata-action from 5.8.0 to 5.10.0 (#2045)
  Bump sigstore/cosign-installer from 3.9.2 to 4.0.0 (#2044)
  make MySQL SSL mode configurable via env var (#2036)
  Update tip text for turning a card into a Golden Ticket
  Revert "Fix Lexxy prompt list padding by lowering rich-text specificity"
  Fix Lexxy prompt list padding by lowering rich-text specificity
  Improve phrasing
  Fix crash due to missing partial
  Fix status and filter mistakes
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeremy jeremy jeremy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hosmelq @jeremy