Use urlencode on tracker and hub for DSN connections

[rleffd]

Hello,

There is a small bug if the password used to connect to database has special characters like ":", "@", "$" etc. with the tracker and hub components because of use of DSN string to connect to db. For db-migrator, all is working well as it not using a DSN. I have not tested the scanner yet, but it seems that it is the same behaviour as hub and tracker because it using a DSN string also.

It would be nice to add an urlencode variable for the db password to values and templates. All components are not using a DSN string to connect to DB, so it is necessary to keep existing password variable and add another one with the password urlencoded.

I've just done a test locally:

# Database configuration
db:
  host: "{{ .Values.db_instance_address }}"
  port: "{{ .Values.db_instance_port }}"
  database: {{ .Values.db_instance_app_username }}
  user: {{ .Values.db_instance_app_username }}
  password: {{ .Values.db_instance_app_password }}
  passwordEnc: {{ .Values.db_instance_app_pasword_encoded }}
  sslmode: require

and in all templates that is using a DSN string, I changed the secrets to:

password: {{ .Values.db.passwordEnc }}

It works well :)

[tegioz]

Hi @rleffd 👋

Thanks for reporting this 👍

We should be quoting strings that may contain special characters. Could you confirm that updating the secret templates to quote the password fixes the issue? The db-migrator one shouldn’t be a problem as it isn’t in yaml format.

password: {{ .Values.db.password | quote }}

[rleffd]

Not working with "quote":

error="cannot parse postgres://artifacthub:xxxxxx@:xxxxxx@xxxx:5432/artifacthub: failed to parse as URL (parse "postgres://artifacthub:xxxx@xxxx:5432/artifacthub": net/url: invalid userinfo)" cmd=hub

My password has @:*<}= characters.

[tegioz]

Oh I see, thanks 👍

[tegioz]

#4133 should fix this @rleffd 🙂