Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add awsiamrds db auth driver #12566

Merged
merged 21 commits into from
Mar 20, 2024
Merged

feat: add awsiamrds db auth driver #12566

merged 21 commits into from
Mar 20, 2024

Conversation

f0ssel
Copy link
Contributor

@f0ssel f0ssel commented Mar 12, 2024
edited

f0ssel added a commit to coder/serpent that referenced this pull request Mar 18, 2024
@f0ssel
fix: implement yaml methods for enums
0d2ed47 
My tests are failing over at coder/coder#12566, enums are failing to marshal correctly, and this patch is what made it work on my branch when it was `clibase`.
@f0ssel f0ssel mentioned this pull request Mar 18, 2024
Merged
@f0ssel f0ssel marked this pull request as ready for review March 19, 2024 14:22
@f0ssel f0ssel requested a review from coadler March 19, 2024 14:22
kylecarbs
kylecarbs reviewed Mar 19, 2024
View reviewed changes
codersdk/deployment.go
@@ -154,6 +166,7 @@ type DeploymentValues struct {
CacheDir serpent.String `json:"cache_directory,omitempty" typescript:",notnull"`
InMemoryDatabase serpent.Bool `json:"in_memory_database,omitempty" typescript:",notnull"`
PostgresURL serpent.String `json:"pg_connection_url,omitempty" typescript:",notnull"`
PostgresAuth string `json:"pg_auth,omitempty" typescript:",notnull"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a specific string format the connection has when connecting via AWS IAM? I think it'd be preferred to check for that over adding a new server option.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a missing password field, maybe an AWS domain in the URL, but I don't think there's anything that's enough to make an inference.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One thing that might be possible is if we detected the URL scheme and had people set awsiamrds://... instead of postgres://, or add a query param? It is unforunate we need a new flag just for aws auth, but it's probable we would exapand this in the future. My only worry is that just detecting it in the connection string would be non-obvious, since I haven't really seen it anywhere else, but to be fair I haven't really done much research.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I wouldn't wanna change the protocol because that kinda implies it's not speaking postgres protocol. I think given we may have other auth schemes in the future we need to support, a flag seems fine to me and better than any parsing options I can think of.

@f0ssel f0ssel changed the title feat: add awsrdsiam db auth connector feat: add awsrdsiam db auth driver Mar 19, 2024
@f0ssel f0ssel changed the title feat: add awsrdsiam db auth driver feat: add awsiamrds db auth driver Mar 19, 2024
@f0ssel f0ssel merged commit 4d9fe05 into main Mar 20, 2024
32 checks passed
@f0ssel f0ssel deleted the f0ssel/awsrdsiam branch March 20, 2024 17:14
@github-actions github-actions bot locked and limited conversation to collaborators Mar 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kylecarbs kylecarbs kylecarbs left review comments

@coadler coadler coadler approved these changes

Assignees

@f0ssel f0ssel

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Direct database authentication with AWS RDS
3 participants
@f0ssel @coadler @kylecarbs