Skip to content

Default SSLMode should remain 'disable' for local development compatibility #344

New issue
New issue
Closed
Closed
Default SSLMode should remain 'disable' for local development compatibility#344
Labels
bugSomething isn't working
@gandalf-at-lerian

Description

@gandalf-at-lerian
gandalf-at-lerian
opened on Mar 10, 2026

Context

In the v4 unification (PR #336), the default sslmode in buildConnectionString was changed from disable to require.

Where to change

File: commons/tenant-manager/postgres/manager.go
Line 838-839 (on v4.0.0-beta.2):

// Current (v4):
if sslmode == "" {
    sslmode = "require"  // ← line 839
}

// Should be:
if sslmode == "" {
    sslmode = "disable"
}

Problem

Teams routinely test locally against PostgreSQL instances without TLS configured. Changing the default to require breaks local development workflows when SSLMode is not explicitly set in the tenant configuration.

While require is the correct default for production, this change should be communicated clearly and potentially handled differently:

Options

  1. Keep disable as default and require explicit SSLMode=require in production configs
  2. Keep require as default but document the breaking change prominently in migration guide
  3. Use an environment-aware default (e.g., require in production, disable in development)

Impact

  • All services using buildConnectionString without explicit SSLMode in their PostgreSQLConfig
  • Local development environments
  • CI/CD pipelines with local PostgreSQL

Raised by

Jefferson Rodrigues (CTO) during multi-tenant task force review.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions