dbshell crashes on django-cockroachdb 3.1
robert-kisteleki opened this issue · 4 comments
Using:
- python 3.7.x
- cockroachdb 20.1.6
- django 3.1.2
- django-cockroachdb 3.1
DATABASE settings:
DATABASES = {
'cockroach': {
'ENGINE': 'django_cockroachdb',
[some params]
},
'cockroach-pg': {
'ENGINE': 'django.db.backends.postgresql',
[equivalent params]
},
}
I get:
$ ./manage.py dbshell --database=cockroach-pg
psql (11.9 (Debian 11.9-0+deb10u1), server 9.5.0)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES128-GCM-SHA256, bits: 128, compression: off)
Type "help" for help.
...
but
$ ./manage.py dbshell --database=cockroach
Traceback (most recent call last):
File "./manage.py", line 10, in <module>
execute_from_command_line(sys.argv)
File "/home/me/python37/lib/python3.7/site-packages/django/core/management/__init__.py", line 401, in execute_from_command_line
utility.execute()
File "/home/me/python37/lib/python3.7/site-packages/django/core/management/__init__.py", line 395, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/home/me/python37/lib/python3.7/site-packages/django/core/management/base.py", line 330, in run_from_argv
self.execute(*args, **cmd_options)
File "/home/me/python37/lib/python3.7/site-packages/django/core/management/base.py", line 371, in execute
output = self.handle(*args, **options)
File "/home/me/python37/lib/python3.7/site-packages/django/core/management/commands/dbshell.py", line 26, in handle
connection.client.runshell(options['parameters'])
TypeError: runshell() takes 1 positional argument but 2 were given
If I'm not mistaken DatabaseClient.runshell does not have the right signature for some reason.
Thanks for the report. An update is required for django/django@5b884d4.
Technically, this issue is indeed resolved. However, the solution has side-effects.
In my case the CockroachDB connection itself (that is, outside of Django) works via "cockroachdb sql --certs-dir=[...]" with a client key+certificate in [CERTSDIR].
If I specify user, database, password, ... in the Django settings, then:
$ manage.py dbshell
Usage:
cockroach sql [options] [flags]
[...]
ERROR: unknown flag: --password
Failed running "sql"
CommandError: "cockroach sql --database=[DATABASE] --certs-dir=[CERTSDIR] --user=[USER] --password=[PASSWORD] --host=[HOST] --port=[PORT]" returned non-zero exit status 1.
However, if the password or other parameters are missing then I get a 500 via the app:
OperationalError at /[URL]
fe_sendauth: no password supplied
or
OperationalError at /[URL]
ERROR: password authentication failed for user [USER]
ERROR: node is running secure mode, SSL connection required
Meaning either dbshell doesn't work or the app doesn't. I can't seem to make both of it work at the same time, unless I maintain two entries in DB settings.
Thanks. That looks to be a separate issue. It also affects django-cockroachdb 3.0.x and 2.2.x I believe. Could you try removing these lines:
django-cockroachdb/django_cockroachdb/client.py
Lines 31 to 32 in 2468e5c
(Those lines came from e8c559a and may have never been tested.)
After removing those lines, I see a password prompt:
$ python manage.py dbshell
#
# Welcome to the CockroachDB SQL shell.
# All statements must be terminated by a semicolon.
# To exit, type: \q.
#
Enter password:
Is that what you would expect? I don't see a way to automatically provide a password to cockroach sql
besides the --url postgresql://[user[:passwd]@]host[:port]/[db][?parameters...]
option, however, that could be a security issue since the password would be viewable by other system users if they invoke ps aux | grep cockroach
.
[...]
Enter password:
Is that what you would expect?
No, it isn't. As I mentioned above, I am using a client key+certificate. I belive the username is in the certificate as Subject Name and there is no password at all.
I don't see a way to automatically provide a password to
cockroach sql
besides the--url postgresql://[user[:passwd]@]host[:port]/[db][?parameters...]
option, however, that could be a security issue since the password would be viewable by other system users if they invokeps aux | grep cockroach
.
I agree that's not a good way forward. I'll go ahead and open a different issue instead as you advised.