oracledb_exporter icon indicating copy to clipboard operation
oracledb_exporter copied to clipboard

Published 20 hours ago verified publisher icon iamseth

DATA_SOURCE_NAME without the password

Open iwonaclk opened this issue 9 months ago • 4 comments

  • [x] question

What is the current behavior?

According to the documentation, the DATA_SOURCE_NAME needs to have the following string format (containing the user and pass):

"Ensure that the environment variable DATA_SOURCE_NAME is set correctly before starting. DATA_SOURCE_NAME should be in Oracle Database connection string format: oracle://user:pass@server/service_name[?OPTION1=VALUE1[&OPTIONn=VALUEn]...]"

What is the expected behavior?

Is there an easy way to set the DATA_SOURCE_NAME without telling the user and pass openly?

What is the motivation / use case for changing the behavior?

I would like to avoid showing the user and pass in DATA_SOURCE_NAME because of security purposes.

I can add an entry with the user and password into the Oracle Wallet, but how should look the DATA_SOURCE_NAME then?

Please tell us about your environment:

OracleDB_Exporter 0.5.2 Oracle Client FULL 19.3.0 Oracle Database 19

iwonaclk avatar May 13 '24 14:05 iwonaclk

I also tried this, documentation found is a bit confusing/unclear, some people pretend they made it work however for me it didn't work. Try playing with TNS_ADMIN, DATA_SOOURCE_NAME, WALLET_PATH ...

lucian-vanghele avatar May 16 '24 08:05 lucian-vanghele

I made it work, it is about how you define your entry inside the wallet: mkstore -wrl <wallet_location> -createCredential <db_connect_string>

The db_connect_string must be identical to the connection string that you specify in the URL used in the datasource definition (the part of the string that follows the @). It can be either the short form or the long form of the URL.

lucian-vanghele avatar May 24 '24 14:05 lucian-vanghele

Relieved to read someone has got it working. Any chance you could provide an example of a URL and db_connect_string that works for you?

Jansy-rm avatar May 30 '24 17:05 Jansy-rm

Managed to get it working using a SEP Wallet.

export DATA_SOURCE_NAME='oracle://username@hostname:1521/service?TRACE FILE=/tmp/trace.log&wallet=wallet_location'

mkstore -wrl <wallet_location> -create mkstore -wrl <wallet_location> -createCredential '(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=hostname)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=service)))' username "password"

/usr/local/bin/oracledb_exporter --default.metrics "/etc/oracledb_exporter/default-metrics.toml" --log.level debug --web.listen-address 0.0.0.0:9110`

Jansy-rm avatar May 30 '24 22:05 Jansy-rm