LCORE-622: ssl_mode in PostgreSQL configuration should contain just limited set of values

[tisnik]

Description

LCORE-622: ssl_mode in PostgreSQL configuration should contain just limited set of values

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up service version
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change
• Unit tests improvement
• Integration tests improvement
• End to end tests improvement
• Benchmarks improvement

Tools used to create PR

• Assisted-by: N/A
• Generated by: N/A

Related Tickets & Documents

• Related Issue #LCORE-622

Summary by CodeRabbit

• Refactor
  • Improved type safety for PostgreSQL SSL mode configuration with stricter validation constraints.

[coderabbitai]

Warning

Rate limit exceeded

@tisnik has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 50 minutes and 56 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 5afd4e74-00a1-46c2-a22c-a3d5ed7dc67d

📥 Commits

Reviewing files that changed from the base of the PR and between 5f8678f and ad1f431.

📒 Files selected for processing (4)

• docs/openapi.json
• src/constants.py
• src/models/config.py
• tests/unit/models/config/test_postgresql_database_configuration.py

Walkthrough

The PR tightens type safety around PostgreSQL SSL mode configuration by introducing a Literal union of valid modes. The POSTGRES_DEFAULT_SSL_MODE constant is narrowed from Final[str] to Final[Literal["prefer"]], and the PostgreSQLDatabaseConfiguration.ssl_mode field is constrained to accept only valid PostgreSQL SSL modes while using the updated constant as its default.

Changes

PostgreSQL SSL Mode Type Safety

Layer / File(s)	Summary
PostgreSQL SSL mode literal type definition src/constants.py	Literal import is added and POSTGRES_DEFAULT_SSL_MODE is type-narrowed from Final[str] to Final[Literal["prefer"]] to establish the type-safe constant.
Database configuration field type constraint src/models/config.py	PostgreSQLDatabaseConfiguration.ssl_mode field is constrained to a Literal union of valid PostgreSQL SSL modes and updated to use default=constants.POSTGRES_DEFAULT_SSL_MODE.

---

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: restricting PostgreSQL ssl_mode to a limited set of values, which matches the implementation across constants.py and config.py.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}