feat: medusa cloud

[dwene]

Summary by CodeRabbit

• Chores
  • Added a new environment variable to control database SSL usage.
  • Updated configuration to use the new environment variable for managing database SSL settings.
  • Upgraded the Medusa product reviews package to version 1.1.0.

[coderabbitai]

Walkthrough

A new environment variable, DATABASE_SSL_DISABLED, was added to the Medusa application's .env.template file to allow control over SSL usage for database connections. The Medusa configuration file was updated to utilize this environment variable, replacing the previously hardcoded SSL option in the database configuration with a conditional setting. Additionally, the version of the @lambdacurry/medusa-product-reviews dependency was updated from 0.0.7 to 1.1.0 in the Medusa app's package.json. No changes were made to the signatures of exported or public entities.

Changes

Files/Paths	Change Summary
apps/medusa/.env.template	Added DATABASE_SSL_DISABLED=true to the environment variable template file.
apps/medusa/medusa-config.ts	Introduced usage of DATABASE_SSL_DISABLED environment variable; replaced fixed SSL setting with conditional SSL configuration.
apps/medusa/package.json	Updated dependency @lambdacurry/medusa-product-reviews version from 0.0.7 to 1.1.0.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant MedusaApp
    participant EnvFile
    participant Database

    User->>EnvFile: Sets DATABASE_SSL_DISABLED in .env
    MedusaApp->>EnvFile: Reads DATABASE_SSL_DISABLED
    MedusaApp->>Database: Configures connection (SSL enabled/disabled based on env var)

Loading

Possibly related PRs

• chore(medusa): update dependency #44: Updates the @lambdacurry/medusa-product-reviews dependency version, similar to this PR's update from 0.0.7 to 1.1.0.

Tip

⚡💬 Agentic Chat (Pro Plan, General Availability)

• We're introducing multi-step agentic chat in review comments and issue comments, within and outside of PR's. This feature enhances review and issue discussions with the CodeRabbit agentic chat by enabling advanced interactions, including the ability to create pull requests directly from comments and add commits to existing pull requests.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dd1c4f1 and 2eb5071.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• apps/medusa/package.json (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• apps/medusa/package.json

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[medusajs]

Name	Deployment Status	Preview Link	Timestamp
Medusa Starter	✅ Ready	Preview	Mon, 21 Apr 2025 16:02:35 GMT

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

apps/medusa/medusa-config.ts (1)

39-87: 💡 Verification agent

🧩 Analysis chain

Verify the usage of DATABASE_SSL_DISABLED variable.

While you've correctly defined the DATABASE_SSL_DISABLED variable, I don't see where it's actually used in the configuration to control SSL settings. There should be a configuration property in the database section that uses this variable.

---

🏁 Script executed:

#!/bin/bash
# Search for previous occurrences of SSL configuration
git show HEAD~1:apps/medusa/medusa-config.ts | grep -A 10 -B 10 "ssl:"

# Check if there are any other files that might use database configuration
find apps/medusa -type f -name "*.ts" -o -name "*.js" | xargs grep -l "databaseDriverOptions\|ssl:" | head -n 5

Length of output: 745

---

Use DATABASE_SSL_DISABLED to configure database SSL

The DATABASE_SSL_DISABLED variable is defined but not applied in your database settings. Please update apps/medusa/medusa-config.ts to include a databaseDriverOptions.ssl property under projectConfig, for example:

• File: apps/medusa/medusa-config.ts
Location: within the projectConfig object

Suggested diff:

 projectConfig: {
   databaseUrl: process.env.DATABASE_URL,
+  databaseDriverOptions: {
+    ssl: process.env.DATABASE_SSL_DISABLED !== 'true',
+  },
   redisUrl: REDIS_URL,
   redisPrefix: process.env.REDIS_PREFIX,
   http: {
     /* … */
   },
 },

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5163973 and 1c01045.

📒 Files selected for processing (2)

• apps/medusa/.env.template (1 hunks)
• apps/medusa/medusa-config.ts (1 hunks)

🔇 Additional comments (1)

apps/medusa/medusa-config.ts (1)

8-8: Good addition of environment variable parsing.

Using the environment variable to control SSL configuration provides flexibility across different environments.

[coderabbitai]

💡 Verification agent

❓ Verification inconclusive

Carefully consider this default for production environments.

Adding the DATABASE_SSL_DISABLED=true variable is a good way to make SSL configuration explicit and customizable. However, setting the default to disable SSL in the template file could lead to insecure configurations if this template is used as a starting point for production environments.

Consider either:

1. Setting the default to false to prioritize security in production
2. Adding a comment that clearly indicates this setting should be changed for production environments

---

🏁 Script executed:

#!/bin/bash
# Check if there are any security guidelines or documentation about database connections
find . -type f -name "*.md" | xargs grep -l "database security\|SSL connection\|production configuration" | head -n 5

Length of output: 119

---

Enforce SSL by default for production
Disabling SSL by default in your template risks insecure DB connections if this file is copied into prod. Please update apps/medusa/.env.template at line 17:

• File: apps/medusa/.env.template
• Line: 17

Suggested change (pick one):

- DATABASE_SSL_DISABLED=true
+ # For production, leave SSL enabled. Set this to `true` only in local/dev.
+ DATABASE_SSL_DISABLED=false

Or, if you prefer to keep the default as true for dev, add a clear comment above it:

+ # ⚠️ In production ensure this is set to `false` to enforce SSL
  DATABASE_SSL_DISABLED=true

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	DATABASE_SSL_DISABLED=true
	# For production, leave SSL enabled. Set this to `true` only in local/dev.
	DATABASE_SSL_DISABLED=false