-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrun.sh
67 lines (49 loc) · 3.03 KB
/
run.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#!/bin/bash
# Enable Prisma debugging
export DEBUG="prisma*"
# Set Prisma CLI cache directory to a writable location
export PRISMA_CLI_CACHE_DIR="/tmp/.cache"
# Create the cache directory if it doesn't exist
mkdir -p $PRISMA_CLI_CACHE_DIR
# Debug statement to print the password being used
echo "Using password: $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PASSWORD"
# Export the client identity file
openssl pkcs12 -password pass:$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PASSWORD -export -out /tmp/client-identity.p12 -inkey $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLKEY -in $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLCERT
# Convert the client identity file to PEM format
openssl pkcs12 -in /tmp/client-identity.p12 -out /tmp/client-identity.pem -nodes -password pass:$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PASSWORD
# Check the contents of the PEM file
openssl x509 -in /tmp/client-identity.pem -text -noout
# Debug statement to print the SSL root certificate path
echo "SSL Root Certificate Path: $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT"
# Check the SSL connection to the database
openssl s_client -connect $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_HOST:$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PORT -CAfile $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT
# Verify the certificates
openssl verify -CAfile $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT /tmp/client-identity.pem
VERIFY_EXIT_CODE=$?
if [ $VERIFY_EXIT_CODE -eq 0 ]; then
echo "Certificate verification successful."
else
echo "Certificate verification failed."
if [ $VERIFY_EXIT_CODE -eq 20 ]; then
echo "Error: unable to get local issuer certificate."
fi
fi
# Check if the root certificate file exists
if [ ! -f "$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT" ]; then
echo "Root certificate file not found at $NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT" >> /tmp/run_error.log
fi
# Check if the client identity file exists
if [ ! -f "/tmp/client-identity.p12" ]; then
echo "Client identity file not found at /tmp/client-identity.p12" >> /tmp/run_error.log
fi
# Set the DATABASE_URL environment variable
export DATABASE_URL="postgresql://$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_USERNAME:$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PASSWORD@$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_HOST:$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PORT/umami-one?sslidentity=/tmp/client-identity.p12&sslpassword=$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_PASSWORD&sslcert=$NAIS_DATABASE_REOPS_UMAMI_BETA_REOPS_UMAMI_BETA_SSLROOTCERT" || echo "Failed to set DATABASE_URL" >> /tmp/run_error.log
# Debug statement to print the DATABASE_URL
echo "DATABASE_URL: $DATABASE_URL"
if [ $PRISMA_EXIT_CODE -ne 0 ]; then
echo "Failed to connect to the database. See /tmp/prisma_output.log for details." >> /tmp/run_error.log
else
echo "Successfully pushed Prisma schema to the database." >> /tmp/prisma_output.log
fi
# Start the application
yarn start-docker