add ssl connection

configuration/Cargo.toml

@@ -22,7 +22,8 @@ opentelemetry-jaeger = { version = "0.18", features = [
     "collector_client",
     "isahc_collector_client",
 ], optional = true }
-scylla = "0.15.1"
+openssl = "0.10.68"
+scylla = { version = "0.15.1", features = ["ssl"] }
 toml = "0.8.4"
 tracing = "0.1.34"
 tracing-subscriber = { version = "0.3.15", features = [

configuration/src/configs/tx_details_storage.rs

@@ -12,6 +12,20 @@ pub struct TxDetailsStorageConfig {
 }
 
 impl TxDetailsStorageConfig {
+    async fn create_ssl_context(&self) -> anyhow::Result<openssl::ssl::SslContext> {
+        // Initialize SslContextBuilder with TLS method
+        let ca_cert_path = std::env::var("SCYLLA_CA_CERT")?;
+        let client_cert_path = std::env::var("SCYLLA_CLIENT_CERT")?;
+        let client_key_path = std::env::var("SCYLLA_CLIENT_KEY")?;
+
+        let mut builder = openssl::ssl::SslContextBuilder::new(openssl::ssl::SslMethod::tls())?;
+        builder.set_ca_file(ca_cert_path)?;
+        builder.set_certificate_file(client_cert_path, openssl::ssl::SslFiletype::PEM)?;
+        builder.set_private_key_file(client_key_path, openssl::ssl::SslFiletype::PEM)?;
+        builder.check_private_key()?;
+        Ok(builder.build())
+    }
+
     pub async fn scylla_client(&self) -> scylla::Session {
         let mut load_balancing_policy_builder =
             scylla::transport::load_balancing::DefaultPolicy::builder();
@@ -25,13 +39,19 @@ impl TxDetailsStorageConfig {
             .load_balancing_policy(load_balancing_policy_builder.build())
             .build()
             .into_handle();
+        let ssl_context = if let Ok(ssl_context) = self.create_ssl_context().await {
+            Some(ssl_context)
+        } else {
+            None
+        };
 
         let mut session: scylla::SessionBuilder = scylla::SessionBuilder::new()
             .known_node(self.scylla_url.clone())
             .keepalive_interval(std::time::Duration::from_secs(
                 self.scylla_keepalive_interval,
             ))
-            .default_execution_profile_handle(scylla_execution_profile_handle);
+            .default_execution_profile_handle(scylla_execution_profile_handle)
+            .ssl_context(ssl_context);
 
         if let Some(user) = self.scylla_user.clone() {
             if let Some(password) = self.scylla_password.clone() {

tx-details-storage/src/lib.rs

@@ -40,8 +40,8 @@ impl TxDetailsStorage {
             .query_unpaged(
                 "CREATE KEYSPACE IF NOT EXISTS tx_details
                 WITH REPLICATION = {
-                    'class': 'SimpleStrategy',
-                    'replication_factor': 1
+                    'class': 'NetworkTopologyStrategy',
+                    'replication_factor': 3
                 }",
                 &[],
             )