Integrate TLS Support in ScyllaDB Driver Connection

[Daniel-Boll]

Overview: This issue focuses on the integration of TLS (Transport Layer Security) into the ScyllaDB driver, enhancing the security of data transmitted between the client and ScyllaDB nodes. This feature is based on the Scylla Rust Driver's TLS documentation and is a follow-up to issue #2, "Enhance connect Method to Support Authentication Parameters," since it involves modifications to the connection parameters.

Detailed Behavior: The TLS functionality should allow users to establish secure connections by specifying an ssl object in the connection parameters. This object will contain:

1. The file path to the trusted certificate authority (CA) certificate (in PEM format).
2. The SSL verify mode, dictated by an enum with options NONE (no verification) or PEER (verify the peer's certificate).

The proposed API change could look like this:

const session = await cluster.connect({
  keyspace: "keyspace",
  ssl: {
    caFilepath: "/path/to/ca.cert.pem",
    verifyMode: VerifyMode.PEER, // VerifyMode.NONE or VerifyMode.PEER
  },
});

Dependencies:

• This task is dependent on issue #2 since both require changes to the connect method parameters. The implementation should ensure compatibility with the authentication parameters introduced in issue #2.
• The task requires modifications to the project's CI configuration to include the OpenSSL dependency in the GitHub Actions' containers.

Implementation Considerations:

• The driver should be capable of loading the CA file from the provided path and setting the verification mode accordingly.
• Proper error handling should be implemented for scenarios like invalid paths, unreadable CA files, or unsupported verification modes.
• Changes to the GitHub Actions pipeline must be made to ensure that the OpenSSL dependency is available during CI builds.

Environment:

• This update will affect all environments and is crucial for users who transmit sensitive data or operate under strict security compliance requirements.

Related Issues or Discussions:

• Related to issue #2: "Enhance connect Method to Support Authentication Parameters."

Labels:

• enhancement
• security
• CI/CD

Assignees and Mentions:

• To be assigned to contributors with experience in Node.js, Rust, and CI/CD configurations, or those who worked on issue #2. Relevant contributors can be '@' mentioned or assigned.

Impact:

• Providing TLS support is critical for securing data in transit, especially for applications that handle sensitive information or operate in regulated industries.

Progress/Updates:

• This issue serves as the initial task creation. Progress will be tracked through comments, including discussions, decisions, and implementation phases.