From bf78c36b3047ad8e90edeaac9b10aa44c0e8cb65 Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:05:57 -0500
Subject: [PATCH 1/6] Database Engine Version Upgrade #1486 ssl new options

---
 config/prod.exs | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/config/prod.exs b/config/prod.exs
index 5ab7c166f..1e8ab4adc 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -19,11 +19,18 @@ config :challenge_gov, Web.Endpoint,
 config :challenge_gov, ChallengeGov.Repo,
   url: System.get_env("DATABASE_URL"),
   ssl: true,
-  ssl_opts: [
+  ssl_opts = [
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
-    verify: :verify_none,
-    versions: [:"tlsv1.2", :"tlsv1.3"]
+    server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
+    verify: :verify_peer,
+    # using erlang library ssl_verify_fun for ssl verification
+    verify_fun: {&:ssl_verify_hostname.verify_fun/3, [check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"]}
   ],
+  # ssl_opts: [
+  #   cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
+  #   verify: :verify_none,
+  #   versions: [:"tlsv1.2", :"tlsv1.3"]
+  # ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]
 

From 7345c1269e56934dc4f9274476004b6a5c2a9d29 Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:11:08 -0500
Subject: [PATCH 2/6] Database Engine Version Upgrade #1486 lint fix

---
 config/prod.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/prod.exs b/config/prod.exs
index 1e8ab4adc..28f8fd165 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -19,7 +19,7 @@ config :challenge_gov, Web.Endpoint,
 config :challenge_gov, ChallengeGov.Repo,
   url: System.get_env("DATABASE_URL"),
   ssl: true,
-  ssl_opts = [
+  ssl_opts: [
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
     server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
     verify: :verify_peer,

From 12903f909edc05890ba6e888596f8b44cb0cc41f Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:22:39 -0500
Subject: [PATCH 3/6] Database Engine Version Upgrade #1486 lint fix

---
 config/prod.exs | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/config/prod.exs b/config/prod.exs
index 28f8fd165..da680871d 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -23,14 +23,8 @@ config :challenge_gov, ChallengeGov.Repo,
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
     server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
     verify: :verify_peer,
-    # using erlang library ssl_verify_fun for ssl verification
     verify_fun: {&:ssl_verify_hostname.verify_fun/3, [check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"]}
   ],
-  # ssl_opts: [
-  #   cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
-  #   verify: :verify_none,
-  #   versions: [:"tlsv1.2", :"tlsv1.3"]
-  # ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]
 

From 92ba76cbab899e1a86cee1bce169b9b3f7f4050c Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:26:17 -0500
Subject: [PATCH 4/6] Database Engine Version Upgrade #1486 lint fix

---
 config/prod.exs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/config/prod.exs b/config/prod.exs
index da680871d..f0aca3c33 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -23,7 +23,9 @@ config :challenge_gov, ChallengeGov.Repo,
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
     server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
     verify: :verify_peer,
-    verify_fun: {&:ssl_verify_hostname.verify_fun/3, [check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"]}
+    verify_fun: {&:ssl_verify_hostname.verify_fun/3, [
+      check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"
+    ]}
   ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]

From f1297e96f90cd948b85d6e32284f10c26a4db525 Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:37:46 -0500
Subject: [PATCH 5/6] Database Engine Version Upgrade #1486 lint fix

---
 config/prod.exs | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/config/prod.exs b/config/prod.exs
index f0aca3c33..7ba3354bd 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -21,11 +21,15 @@ config :challenge_gov, ChallengeGov.Repo,
   ssl: true,
   ssl_opts: [
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
-    server_name_indication: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
+    server_name_indication:
+      "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
     verify: :verify_peer,
-    verify_fun: {&:ssl_verify_hostname.verify_fun/3, [
-      check_hostname: "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"
-    ]}
+    verify_fun:
+      {&:ssl_verify_hostname.verify_fun/3,
+        [
+          check_hostname:
+            "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"
+        ]}
   ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]

From 47872fcfca191e06f289eef8a1f6236e5d975481 Mon Sep 17 00:00:00 2001
From: Kenny Krug <kenny.krug@gsa.gov>
Date: Tue, 4 Feb 2025 09:43:58 -0500
Subject: [PATCH 6/6] Database Engine Version Upgrade #1486 running out of
 things to try

---
 config/prod.exs | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/config/prod.exs b/config/prod.exs
index 7ba3354bd..ac597950f 100644
--- a/config/prod.exs
+++ b/config/prod.exs
@@ -21,15 +21,7 @@ config :challenge_gov, ChallengeGov.Repo,
   ssl: true,
   ssl_opts: [
     cacertfile: "priv/certs/us-gov-west-1-bundle.pem",
-    server_name_indication:
-      "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com",
-    verify: :verify_peer,
-    verify_fun:
-      {&:ssl_verify_hostname.verify_fun/3,
-        [
-          check_hostname:
-            "cg-aws-broker-prodo0g0lv1irkwn9f3.ci7nkegdizyy.us-gov-west-1.rds.amazonaws.com"
-        ]}
+    verify: :verify_peer
   ],
   pool_size: String.to_integer(System.get_env("POOL_SIZE") || "15"),
   loggers: [{LoggerJSON.Ecto, :log, [:info]}]