Spaces:
Running
Running
Commit
·
5fe33c9
1
Parent(s):
18b3eb0
Deploy Signal Generator app
Browse files- .env.example +0 -10
- src/db/local_database.py +41 -12
.env.example
DELETED
|
@@ -1,10 +0,0 @@
|
|
| 1 |
-
# API Security
|
| 2 |
-
API_SECRET=change_this_to_a_secure_random_string
|
| 3 |
-
|
| 4 |
-
# Database Configuration (TiDB / MySQL)
|
| 5 |
-
DB_HOST=gateway01.us-west-2.prod.aws.tidbcloud.com
|
| 6 |
-
DB_PORT=4000
|
| 7 |
-
DB_USERNAME=your_username
|
| 8 |
-
DB_PASSWORD=your_password
|
| 9 |
-
DB_DATABASE=gotti
|
| 10 |
-
DB_SSL_CA=src/db/isrgrootx1.pem
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/db/local_database.py
CHANGED
|
@@ -115,20 +115,49 @@ class LocalDatabase:
|
|
| 115 |
# SSL Configuration for TiDB
|
| 116 |
ssl_ca = os.getenv('DB_SSL_CA')
|
| 117 |
if ssl_ca:
|
| 118 |
-
#
|
| 119 |
-
if
|
| 120 |
-
|
| 121 |
-
|
| 122 |
-
|
| 123 |
-
|
| 124 |
-
|
| 125 |
-
|
| 126 |
-
|
| 127 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 128 |
self.mysql_config['ssl_verify_cert'] = True
|
| 129 |
self.mysql_config['ssl_verify_identity'] = True
|
| 130 |
-
|
| 131 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 132 |
|
| 133 |
self.compress = compress
|
| 134 |
|
|
|
|
| 115 |
# SSL Configuration for TiDB
|
| 116 |
ssl_ca = os.getenv('DB_SSL_CA')
|
| 117 |
if ssl_ca:
|
| 118 |
+
# Handle if the content itself is passed (begins with ---)
|
| 119 |
+
if "-----BEGIN CERTIFICATE-----" in ssl_ca:
|
| 120 |
+
try:
|
| 121 |
+
import tempfile
|
| 122 |
+
# Create a temporary file for the certificate
|
| 123 |
+
# We use a fixed location in /tmp relative to workdir if possible or tempfile
|
| 124 |
+
# But tempfile is safer. We need it to persist for the process life.
|
| 125 |
+
# Be careful about file cleanup, but for a container it's fine.
|
| 126 |
+
|
| 127 |
+
# Create a persistent temp file (won't be deleted automatically on close)
|
| 128 |
+
# We'll save it to a known location for debugging: /tmp/tidb_ca.pem
|
| 129 |
+
tmp_ca_path = Path("/tmp/tidb_ca.pem")
|
| 130 |
+
|
| 131 |
+
# If on Windows (local dev), assume execution in app dir
|
| 132 |
+
if os.name == 'nt':
|
| 133 |
+
tmp_ca_path = Path("tidb_ca.pem")
|
| 134 |
+
|
| 135 |
+
with open(tmp_ca_path, "w", encoding='utf-8') as f:
|
| 136 |
+
f.write(ssl_ca)
|
| 137 |
+
|
| 138 |
+
self.mysql_config['ssl_ca'] = str(tmp_ca_path)
|
| 139 |
self.mysql_config['ssl_verify_cert'] = True
|
| 140 |
self.mysql_config['ssl_verify_identity'] = True
|
| 141 |
+
print(f"🔒 Using provided SSL Certificate content (saved to {tmp_ca_path})")
|
| 142 |
+
except Exception as e:
|
| 143 |
+
print(f"⚠️ Failed to write SSL CA content: {e}")
|
| 144 |
+
else:
|
| 145 |
+
# Resolve relative path if needed (existing logic)
|
| 146 |
+
if not os.path.isabs(ssl_ca):
|
| 147 |
+
project_root = Path(__file__).parent.parent.parent
|
| 148 |
+
ssl_ca_path = project_root / ssl_ca
|
| 149 |
+
|
| 150 |
+
if ssl_ca_path.exists():
|
| 151 |
+
self.mysql_config['ssl_ca'] = str(ssl_ca_path)
|
| 152 |
+
self.mysql_config['ssl_verify_cert'] = True
|
| 153 |
+
self.mysql_config['ssl_verify_identity'] = True
|
| 154 |
+
print(f"🔒 Using SSL Certificate from file: {ssl_ca_path}")
|
| 155 |
+
else:
|
| 156 |
+
print(f"⚠️ SSL CA file not found at {ssl_ca_path}")
|
| 157 |
+
elif os.path.exists(ssl_ca):
|
| 158 |
+
self.mysql_config['ssl_ca'] = ssl_ca
|
| 159 |
+
self.mysql_config['ssl_verify_cert'] = True
|
| 160 |
+
self.mysql_config['ssl_verify_identity'] = True
|
| 161 |
|
| 162 |
self.compress = compress
|
| 163 |
|