How can I run PostgreSQL in CircleCI with SSL/TLS?

Question

In CircleCI, I would like to run tests that access a PostgreSQL database, but I would like to connect to it using SSL/TLS (with a self-signed certificate).

Ideally, it would use a default CircleCI PostgreSQL image, run using the Docker executor, and not need any volumes setup or need to copy anything into the container.

How can I do this?

Answer 1

You can have the following in your .circleci/config.yml file. It overrides the entrypoint to start bash, and then in bash it generates a self-signed certificate and private key, before running the original entrypoint.

version: 2
jobs:
  build:
    docker:
      - image: python:3.8.7
      - image: circleci/postgres:13.0
        environment:
          POSTGRES_PASSWORD: password
        entrypoint: bash
        command: >
          -c '
            openssl req -nodes -new -x509 -subj "/CN=localhost" -keyout server.key -out server.crt &&
            chown postgres server.key &&
            chmod 600 /server.key &&
            exec /docker-entrypoint.sh -c ssl=on -c ssl_cert_file=/server.crt -c ssl_key_file=/server.key
          '

The first image: is the one where the tests run, in this case it's a Python image, but should be able to replaced by the image of your choice