-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option to connect to database without SSL (fix "SSL is not enabled on the server" error) #518
Comments
Hello, if you don't mind my opinion, I dont think The way it works right now is very simple and standardized on the GO comunity, each driver can have it own set of options and will parse it from the DSN. By creating a flag would mean that |
Hey @ericyd, and thanks for suggesting how to improve atlas. btw @crossworth, ent community members are always welcome here 😃 |
Hello 👋🏻 Thanks for the replies. While this tool is built with Go, I'm not compelled by the argument that the CLI usage should be beholden to the standards in the Go community. Atlas is distributed as a cross-platform binary, not a library. I have personally never had to specify This very much just my own opinion. Ultimately, the decision lies with the project maintainers and whatever you decide is good by me. I agree adding a query param is very low cost to the end user so it's really not a huge deal if this is not implemented.
Edit: If you decide not to implement a flag, the docs should at least be updated. None of the example Postgres URLs have Here's an example demonstrating how the docs are misleading Start Postgres container:
Connect to DB with
Inspect schema with Atlas
|
@ericyd I agree this should be better documented. Do you want to contribute a patch to the docs? Otherwise, I'll do it this week. |
I'll give it a shot. It might be a couple days before I can get to this though -- if you get to it first that is OK by me |
I'm looking into this more and realizing I don't fully understand the issue. Why is it that Postgres requires disabling SSL, but MariaDB and MySQL handle it just fine? I don't see anything indicating special SSL keys/certs for the MySQL/MariaDB connections. It's easy enough to say "add |
I see now -- it is literally just a https://github.com/lib/pq/blob/8446d16b8935fdf2b5c0fe333538ac395e3e1e4b/ssl.go#L19-L20 I'll submit a PR for some doc updates and more discussion can happen there if desired |
I just now took atlas for a spin for the first time. Using postgres in a local docker container. This SSL error message was the only hiccup/bump in the road. +1 for adding it to the docs so that it is less likely that others experience the same. Excited to see what this tool can do for my workflow :) |
thanks for the feedback @krilor, and welcome! @ericyd - yep you nailed it. I want to add a bit on the design choice to delegate the parsing of DSN to the drivers. I agree that from the user perspective it creates a "burden" to figure out the correct connection string per driver. However, I'd say that it generally would happen very little (perhaps a handful of time per team that's working with Atlas) and can be solved with better documentation as you've advised. Finally, thanks for these discussions - your clear writing style and attention to detail is very valuable, these discussions say alive forever and tend to have great SEO - so many will read them in the future 🙏 |
Type
Bug
System
OS: Mac OSX 11.6.3
DB: Postgres 12.8
Details
Installation went smoothly, but when I tried to inspect my existing local DB schema, I got an error
A quick search led me to this SO answer.
It appears that Atlas is attempting to connect with the raw DSN, without specifying an SSL mode (it appears the SSL is enabled by default):
atlas/cmd/action/provider.go
Line 35 in ee1ec7a
Perhaps this is necessary in some cases but for local DB inspection, probably not. The tests appear to get around this by explicitly disabling SSL:
atlas/internal/integration/postgres_test.go
Line 41 in ee1ec7a
I verified this fix by running Atlas with the
?sslmode=disable
query param added to my DB url, and it workedI am not well versed in Go to propose a specific solution but I think the most flexible option would be to add flag option for SSL mode (and perhaps default to
false
for inspection, since I would imagine inspecting a local DB is the most common initial step)The text was updated successfully, but these errors were encountered: