From 9e675fc970e123cfbdfdbf2656fcb9fccf22fa84 Mon Sep 17 00:00:00 2001
From: Mohamed Mohamed <therealmohamedmohamed@gmail.com>
Date: Mon, 24 Jun 2024 21:19:02 -0400
Subject: [PATCH] GROUP-105 Add AWS RDS certificate file to container

---
 .github/workflows/commit-stage.yml | 2 ++
 Dockerfile                         | 5 +++++
 build.gradle                       | 3 ---
 3 files changed, 7 insertions(+), 3 deletions(-)
 create mode 100644 Dockerfile

diff --git a/.github/workflows/commit-stage.yml b/.github/workflows/commit-stage.yml
index 017ee76..f082bb7 100644
--- a/.github/workflows/commit-stage.yml
+++ b/.github/workflows/commit-stage.yml
@@ -95,6 +95,8 @@ jobs:
           chmod +x gradlew
           ./gradlew bootBuildImage \
           --imageName ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }}
+      - name: Add Amazon RDS Root Certificate (us-east-1)
+        run: docker build -t ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} .
       - name: OCI image vulnerability scanning
         uses: anchore/scan-action@v3
         id: scan
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..1e059b2
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,5 @@
+FROM ghcr.io/grouphq/group-service
+
+ARG cert=https://truststore.pki.rds.amazonaws.com/us-east-1/us-east-1-bundle.pem
+
+ADD $cert /home/cnb/.postgresql/root.crt
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index 30e02dc..d9a329e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -58,9 +58,6 @@ repositories {
 
 bootBuildImage {
     imageName = "${project.name}"
-    bindings = [
-            "${projectDir}/.postgresql:/home/cnb/.postgresql:ro".toString()
-    ]
     environment = ["BP_JVM_VERSION" : "17.*"]
 }