Discussion: Ready for Use

[wellwelwel]

Hey @sidorares and @dougwilson 🙋🏻‍♂️

Current Status

From that point on, any change would be a new idea, so this is where I stop. The aim is to close this issue after the first version has been published on npmjs.

The current state can be seen as a dismemberment of this responsibility.

---

Discussion

My thought would be to unify the old and new certificates by default, to ensure that current users can continue using the 'Amazon RDS' option without errors for both mysqljs and node-mysql2. Then separate the certificates by period, so new users can use only the certificates they're interested in.

In practice:

• The default import would bring in all the certificates (preventing major changes).
• We would update the documentation for the new usage based on this dependency.
• Next years, when there is a new update from AWS, it will be much easier to include the new certificates.

Topics from #5 (comment):

• [...] I think the intention was to add later more profiles from other known services.
  • Apart the dependency name, there is no reason to restrict a certificate set from other instances apart from AWS.
• Are the any other AWS services that have different cert bundle?
  • Initially, probably the AWS GovCloud.
• Are there any other popular services that might benefit from a npm packaged cert distribution?
  • Maybe node-postgres and any Node.js driver for SQL compatible with RDS instances.

An example of how to use this dependency with other SQL drivers for Node.js:

const awsCaBundle = require('aws-ssl-profiles');

const ca = awsCaBundle.ca.join('');

---

Tests

• Each certificate is parsed and checked for signatures.
• Ensure that the array is correctly sized according to the number of certificates.

These tests ensure that the certificates aren't corrupted individually or that the array isn't properly populated.

---

Notes

Although the current certificates are based on the latest MySQL2 update, this dependency intended to work with both mysqljs and node-mysql2.

As a dependency that can be installed directly with mysqljs and node-mysql2, including other drivers, I opted to bring in all the common documents from the open-source community.

[sidorares]

@wellwelwel do you want to continue with publishing? I'm not sure what are the optimal steps here, possible option:

• you push first version from your local computer with your npm credentials
• optionally: add myself and Doug to the list of npm owners
• configure release-please secret in this repo with your token

[wellwelwel]

Thank you for your trust 💙

Can I generate a NPM_TOKEN exclusive for this repository and send it to you?

---

These are the available settings:

[sidorares]

Can I generate a NPM_TOKEN exclusive for this repository and send it to you?

I'm not sure, previously I'd use npm to generate the token, and it was scoped per account or package, yo can probably do the same ( token scoped to https://www.npmjs.com/package/aws-ssl-profiles package ) and add it to this repo as NPM_TOKEN secret. Probably no need to share it with me, I prefer release-please to publish changes for me but maybe add me as a co-owner to npm as a backup

[wellwelwel]

@sidorares, sorry, I meant that I don't have the privileges to include secrets to this repository. The sharing reason would be for you to include the token as a secret, so we could reactivate the release-please 🙋🏻‍♂️

Also, the package is published on npm and I invited you and @dougwilson.

[sidorares]

@wellwelwel try again, I think I accidentally made you a maintainer, now you are an admin