Skip to content

feat: use ssl config for mysql connections, update build process DMD-1605 #293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
abest-tz merged 3 commits into from
Feb 6, 2026
Merged

feat: use ssl config for mysql connections, update build process DMD-1605 #293

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
832e5fb
feat: use ssl config for mysql connections, update build process
abest-tz Feb 6, 2026
33aec3d
fix: tests, missing coverage
abest-tz Feb 6, 2026
5376532
style: format code with Prettier
deepsource-autofix[bot] Feb 6, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 22 additions & 17 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,30 +9,35 @@ jobs:
build-and-test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 16
cache: 'yarn'
- run: yarn install --frozen-lockfile
node-version: 22
- name: Enable corepack
run: corepack enable
- run: yarn install --immutable
- run: yarn test

npm-publish:
needs: build-and-test
needs: build-and-publish
runs-on: ubuntu-latest
Comment on lines 21 to 23

@coderabbitai coderabbitai Bot Feb 6, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Fix job dependency: build-and-publish doesn’t exist.

This will fail the workflow; npm-publish should depend on build-and-test.

✅ Suggested fix 
-    npm-publish:
-        needs: build-and-publish
+    npm-publish:
+        needs: build-and-test
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
npm-publish:
needs: build-and-test
needs: build-and-publish
runs-on: ubuntu-latest
npm-publish:
needs: build-and-test
runs-on: ubuntu-latest
🧰 Tools
🪛 actionlint (1.7.10)

[error] 21-21: job "npm-publish" needs job "build-and-publish" which does not exist in this workflow

(job-needs)

🤖 Prompt for AI Agents 
In @.github/workflows/publish.yml around lines 21 - 23, The workflow's
npm-publish job declares a non-existent dependency "build-and-publish"; update
the npm-publish job's needs field so it depends on the actual job name
"build-and-test" (i.e., change needs: build-and-publish to needs:
build-and-test) to ensure the correct job ordering for the npm-publish job.

permissions:
contents: write
issues: write
pull-requests: write
id-token: write # to enable use of OIDC for trusted publishing and npm provenance
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
- uses: actions/checkout@v4
with:
node-version: 16
cache: 'yarn'
- run: yarn install --frozen-lockfile
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version: 22
- name: Enable corepack
run: corepack enable
- run: yarn install --immutable
- run: yarn build
- name: 'Semantic Release'
run: npx semantic-release
- name: Semantic Release
run: npx semantic-release --branches master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}
HUSKY: 0
CI: true
7 changes: 4 additions & 3 deletions .github/workflows/pull_request.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,8 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 16
cache: 'yarn'
- run: yarn install --frozen-lockfile
node-version: 22
- name: Enable corepack
run: corepack enable
- run: yarn install --immutable
- run: yarn test
3 changes: 2 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
lib
node_modules
coverage
.idea
.idea
.yarn
1 change: 1 addition & 0 deletions .yarnrc.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
nodeLinker: node-modules
22 changes: 18 additions & 4 deletions __tests__/execute-query.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,23 @@ describe('serverless mysql utility', () => {
// when
await executeQuery('', dbConfig);

// then
// then - implementation adds ssl: {} when undefined so mysql uses secure connection (required for caching_sha2_password)
expect(getPool).toHaveBeenCalledTimes(1);
expect(getPool).toHaveBeenCalledWith(dbConfig);
expect(getPool).toHaveBeenCalledWith(expect.objectContaining({ ...dbConfig, ssl: {} }));
});

it('should pass through ssl config when provided', async () => {
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
user: chance.word(),
ssl: { ca: chance.string() },
};
Comment on lines +35 to +41

@coderabbitai coderabbitai Bot Feb 6, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Fix key order to satisfy sort-keys lint.

The linter expects ssl before user in this object.

🔧 Suggested reorder 
-            user: chance.word(),
-            ssl: { ca: chance.string() },
+            ssl: { ca: chance.string() },
+            user: chance.word(),
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
user: chance.word(),
ssl: { ca: chance.string() },
};
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
ssl: { ca: chance.string() },
user: chance.word(),
};
🧰 Tools
🪛 ESLint

[error] 40-40: Expected object keys to be in ascending order. 'ssl' should be before 'user'.

(sort-keys)

🤖 Prompt for AI Agents 
In `@__tests__/execute-query.spec.js` around lines 35 - 41, The object literal
assigned to dbConfig has its keys in the wrong order for the sort-keys rule;
reorder the properties in the dbConfig object so that ssl appears before user
(i.e., database, host, password, ssl, user) to satisfy the linter failing in the
test file where dbConfig is defined.


await executeQuery('', dbConfig);

expect(getPool).toHaveBeenCalledWith(expect.objectContaining({ ssl: dbConfig.ssl }));
});

it('should successfully query mysql on the first try', async () => {
Expand Down Expand Up @@ -84,9 +98,9 @@ describe('serverless mysql utility', () => {
// when
await executeQueryWithParams('', [], dbConfig);

// then
// then - implementation adds ssl: {} when undefined so mysql uses secure connection (required for caching_sha2_password)
expect(getPool).toHaveBeenCalledTimes(1);
expect(getPool).toHaveBeenCalledWith(dbConfig);
expect(getPool).toHaveBeenCalledWith(expect.objectContaining({ ...dbConfig, ssl: {} }));
});

it('should successfully query mysql on the first try', async () => {
Expand Down
18 changes: 16 additions & 2 deletions __tests__/execute-transaction.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,23 @@ describe('execute Transaction', () => {
// when
await executeTransaction(queries, dbConfig);

// then
// then - implementation adds ssl: {} when undefined so mysql uses secure connection (required for caching_sha2_password)
expect(getPool).toHaveBeenCalledTimes(1);
expect(getPool).toHaveBeenCalledWith(dbConfig);
expect(getPool).toHaveBeenCalledWith({ ...dbConfig, ssl: {} });
});

it('should pass through ssl config when provided', async () => {
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
user: chance.word(),
ssl: { ca: chance.string() },
};
Comment on lines +42 to +49

@coderabbitai coderabbitai Bot Feb 6, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Fix key order to satisfy sort-keys lint.

ESLint’s sort-keys rule expects ssl before user here.

🔧 Suggested reorder 
-            user: chance.word(),
-            ssl: { ca: chance.string() },
+            ssl: { ca: chance.string() },
+            user: chance.word(),
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
it('should pass through ssl config when provided', async () => {
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
user: chance.word(),
ssl: { ca: chance.string() },
};
it('should pass through ssl config when provided', async () => {
const dbConfig = {
database: chance.word(),
host: chance.word(),
password: chance.word(),
ssl: { ca: chance.string() },
user: chance.word(),
};
🧰 Tools
🪛 ESLint

[error] 48-48: Expected object keys to be in ascending order. 'ssl' should be before 'user'.

(sort-keys)

🤖 Prompt for AI Agents 
In `@__tests__/execute-transaction.spec.js` around lines 42 - 49, The object
literal assigned to dbConfig in the test violates sort-keys; reorder its
properties so "ssl" appears before "user" (e.g., database, host, password, ssl,
user) to satisfy the ESLint sort-keys rule in the test case that checks SSL
passthrough.


await executeTransaction([], dbConfig);

expect(getPool).toHaveBeenCalledWith(expect.objectContaining({ ssl: dbConfig.ssl }));
});

it('should successfully query mysql on the first try', async () => {
Expand Down
28 changes: 28 additions & 0 deletions __tests__/stream-query.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,4 +35,32 @@ describe('A Stream Query Function', () => {
// then
expect(result).toBeDefined();
});

it('should pass through ssl when provided in dbConfig', async () => {
// given: dbConfig with ssl defined so the ssl branch on line 18 is covered
const query = chance.string();
const sslConfig = { rejectUnauthorized: true };
const dbConfig = { ssl: sslConfig };

(createPool as jest.Mock).mockReturnValue({
pool: {
query: jest.fn().mockReturnValue({
stream: jest.fn().mockReturnValue({
once: jest.fn().mockImplementation((event, callback) => {
if (event === 'fields') {
callback();
}
}),
removeListener: jest.fn(),
}),
}),
},
});

// when
await streamQuery(query, dbConfig);

// then: createPool was called with ssl from dbConfig (not default {})
expect(createPool).toHaveBeenCalledWith(expect.objectContaining({ ssl: sslConfig }));
});
});
10 changes: 4 additions & 6 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"author": "@TractorZoom",
"license": "MIT",
"scripts": {
"build": "rimraf lib && tsc --project tsconfig.build.json && cp package.json lib",
"build": "npx rimraf lib && tsc --project tsconfig.build.json && cp package.json lib",
"commit": "git-cz",
"test": "jest",
"prettier:all": "prettier --write './**/*.*'",
Expand All @@ -19,9 +19,6 @@
"@babel/preset-env": "7.20.2",
"@commitlint/cli": "17.4.2",
"@commitlint/config-conventional": "17.4.2",
"@semantic-release/changelog": "6.0.2",
"@semantic-release/git": "10.0.1",
"@semantic-release/release-notes-generator": "10.0.3",
"@types/jest": "29.5.3",
"@types/node": "16.18.11",
"@typescript-eslint/eslint-plugin": "5.48.2",
Expand All @@ -40,7 +37,7 @@
"jest": "29.3.1",
"prettier": "2.8.3",
"pretty-quick": "3.1.3",
"semantic-release": "19.0.5",
"semantic-release": "^25.0.3",
"ts-jest": "29.0.3",
"typescript": "4.9.4",
"uuid": "9.0.0"
Expand All @@ -67,5 +64,6 @@
"serverless-mysql",
"sql"
],
"types": "index.d.ts"
"types": "index.d.ts",
"packageManager": "yarn@4.12.0+sha512.f45ab632439a67f8bc759bf32ead036a1f413287b9042726b7cc4818b7b49e14e9423ba49b18f9e06ea4941c1ad062385b1d8760a8d5091a1a31e5f6219afca8"
}
10 changes: 1 addition & 9 deletions release.config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,24 +28,16 @@ module.exports = {
[
'@semantic-release/release-notes-generator',
{
preset: 'angular',
parserOpts: {
noteKeywords: ['breaking', 'chore'],
},
preset: 'angular',
writerOpts: {
commitsSort: ['subject', 'scope'],
},
},
],
'@semantic-release/changelog',
'@semantic-release/github',
'@semantic-release/npm',
[
'@semantic-release/git',
{
assets: ['package.json'],
message: 'chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}',
},
],
],
};
1 change: 1 addition & 0 deletions src/execute-query.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ async function wrap<T extends RowData[] | QueryInfo>(
host: dbConfig.host,
password: dbConfig.password,
user: dbConfig.user,
ssl: dbConfig.ssl !== undefined ? dbConfig.ssl : {},

@coderabbitai coderabbitai Bot Feb 6, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

# First, let's find test files and check getPool mocks
rg -n -A 10 'getPool' --glob '*spec*' --glob '*test*'

Repository: TractorZoom/serverless-mysql-utils

Length of output: 8850

🏁 Script executed:

# Also check the execute-query.ts file to see how getPool is used
cat -n src/execute-query.ts | head -40

Repository: TractorZoom/serverless-mysql-utils

Length of output: 1504

🏁 Script executed:

# Find all test files to understand the structure
fd -e spec.ts -e test.ts

Repository: TractorZoom/serverless-mysql-utils

Length of output: 108

🏁 Script executed:

# Let's see the full execute-query.spec.js file, especially the beforeEach and how mockPool is configured
cat -n __tests__/execute-query.spec.js | head -70

Repository: TractorZoom/serverless-mysql-utils

Length of output: 2933

🏁 Script executed:

# Also check if there are methods added to mockPool later in the file
cat -n __tests__/execute-query.spec.js | sed -n '48,90p'

Repository: TractorZoom/serverless-mysql-utils

Length of output: 1855

🏁 Script executed:

# Let's check the executeQueryWithParams test section to see if execute method is mocked
cat -n __tests__/execute-query.spec.js | sed -n '88,150p'

Repository: TractorZoom/serverless-mysql-utils

Length of output: 2769

🏁 Script executed:

# Also look for any setup or teardown that might be relevant
cat -n __tests__/execute-query.spec.js | tail -100

Repository: TractorZoom/serverless-mysql-utils

Length of output: 4297

Add pool method mocks to the test beforeEach setup.

The test file initializes mockPool as an empty object and doesn't set up query and execute methods in beforeEach. Tests that call executeQuery or executeQueryWithParams without first setting up these methods (e.g., lines 17-32 and 89-104 in __tests__/execute-query.spec.js) will fail with "pool.query is not a function" or "pool.execute is not a function". Update beforeEach to include default mocks for these methods:

beforeEach(() => {
    mockPool = {
        query: jest.fn().mockResolvedValue([[], null]),
        execute: jest.fn().mockResolvedValue([[], null]),
    };
    getPool.mockResolvedValue(mockPool);
});

This ensures all tests have functional pool methods available, and individual tests can override them as needed.

🧰 Tools
🪛 ESLint

[error] 18-18: Expected object keys to be in ascending order. 'ssl' should be before 'user'.

(sort-keys)

🤖 Prompt for AI Agents 
In `@src/execute-query.ts` at line 18, Update the test setup in beforeEach to
initialize mockPool with default jest.fn() implementations for query and execute
so tests calling executeQuery or executeQueryWithParams don't hit "pool.query is
not a function" / "pool.execute is not a function"; specifically set mockPool =
{ query: jest.fn().mockResolvedValue([[], null]), execute:
jest.fn().mockResolvedValue([[], null]) } and keep
getPool.mockResolvedValue(mockPool) so individual tests can still override these
mocks as needed.

});

let data: T;
Expand Down
1 change: 1 addition & 0 deletions src/execute-transaction.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ export async function executeTransaction(queries: string[], dbConfig: Connection
host: dbConfig.host,
password: dbConfig.password,
user: dbConfig.user,
ssl: dbConfig.ssl !== undefined ? dbConfig.ssl : {},
});

conn = await pool.getConnection();
Expand Down
1 change: 1 addition & 0 deletions src/stream-query.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ export const streamQuery = (
host: dbConfig.host,
password: dbConfig.password,
user: dbConfig.user,
ssl: dbConfig.ssl !== undefined ? dbConfig.ssl : {},
});

const queryStream = pool.pool.query(query).stream(streamOptions);
Expand Down
Loading
Loading