From cc4c5249653f30a4927df6ed933b4fd036cb1ff2 Mon Sep 17 00:00:00 2001 From: share2kanna Date: Tue, 28 May 2024 20:32:12 +0530 Subject: [PATCH 1/3] Fixed the service user password fetching from vault in run migrations functionality --- .../common-pkg/postgres/db-init/db_migrate.go | 23 ++++++++++++++----- 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/capten/common-pkg/postgres/db-init/db_migrate.go b/capten/common-pkg/postgres/db-init/db_migrate.go index 49a4aa83..c06029af 100644 --- a/capten/common-pkg/postgres/db-init/db_migrate.go +++ b/capten/common-pkg/postgres/db-init/db_migrate.go @@ -1,6 +1,7 @@ package dbinit import ( + "context" "fmt" "os" "time" @@ -12,6 +13,7 @@ import ( _ "github.com/golang-migrate/migrate/v4/source/file" "github.com/intelops/go-common/logging" "github.com/kelseyhightower/envconfig" + "github.com/kube-tarian/kad/capten/common-pkg/credential" "github.com/pkg/errors" ) @@ -26,12 +28,13 @@ const ( var log = logging.NewLogger() type DBConfig struct { - DBAddr string `envconfig:"PG_DB_HOST" required:"true"` - DBPort string `envconfig:"PG_DB_PORT" default:"5432"` - DBName string `envconfig:"PG_DB_NAME" required:"true"` - Username string `envconfig:"PG_DB_SERVICE_USERNAME" required:"true"` - Password string `envconfig:"PG_DB_SERVICE_USERPASSWORD" required:"false"` - SourceURI string `envconfig:"PG_SOURCE_URI" default:"file:///postgres/migrations"` + DBAddr string `envconfig:"PG_DB_HOST" required:"true"` + DBPort string `envconfig:"PG_DB_PORT" default:"5432"` + DBName string `envconfig:"PG_DB_NAME" required:"true"` + EntityName string `envconfig:"PG_DB_ENTITY_NAME" default:"postgres"` + Username string `envconfig:"PG_DB_SERVICE_USERNAME" required:"true"` + Password string `envconfig:"PG_DB_SERVICE_USERPASSWORD" required:"false"` + SourceURI string `envconfig:"PG_SOURCE_URI" default:"file:///postgres/migrations"` } func RunMigrations(mode Mode) error { 
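Review bot: The new `EntityName` field in `DBConfig` and the now-significant empty `Password` are undocumented, so the struct does not tell an operator that leaving `PG_DB_SERVICE_USERPASSWORD` unset changes where the secret comes from. I would add `// EntityName is the credential entity passed to credential.GetServiceUserCredential when Password is empty.` above `EntityName`. Above `Password` I would add `// Password is optional; when empty, RunMigrations fetches it from the credential store.`. The same two comments fit the `Config` struct in db_client.go (patches 2/3 and 3/3), with `NewDBFromENV` named instead of `RunMigrations`.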
@@ -40,6 +43,14 @@ func RunMigrations(mode Mode) error { return err } + if len(conf.Password) == 0 { + serviceCredential, err := credential.GetServiceUserCredential(context.Background(), + conf.EntityName, conf.Username) + if err != nil { + return errors.WithMessage(err, "DB user credential fetching failed") + } + conf.Password = serviceCredential.Password + } return RunMigrationsWithConfig(conf, mode) } From 042835e0d1434b76678b9887d2f457b54f6a1116 Mon Sep 17 00:00:00 2001 From: share2kanna Date: Tue, 28 May 2024 20:39:55 +0530 Subject: [PATCH 2/3] made service user password optional --- capten/common-pkg/postgres/db_client.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/capten/common-pkg/postgres/db_client.go b/capten/common-pkg/postgres/db_client.go index 0380e18a..6a821e6d 100644 --- a/capten/common-pkg/postgres/db_client.go +++ b/capten/common-pkg/postgres/db_client.go @@ -28,7 +28,7 @@ const ( type Config struct { Username string `envconfig:"PG_DB_SERVICE_USERNAME" required:"true"` - Password string `envconfig:"PG_DB_SERVICE_USERPASSWORD" required:"true"` + Password string `envconfig:"PG_DB_SERVICE_USERPASSWORD" required:"false"` DBHost string `envconfig:"PG_DB_HOST" required:"true"` DBPort string `envconfig:"PG_DB_PORT" required:"true"` DatabaseName string `envconfig:"PG_DB_NAME" required:"true"` @@ -68,7 +68,7 @@ func NewDBClient(logger logging.Logger) (store *DBClient, err error) { logger.Debug("Getting db connection for ...") session, err := NewDBFromENV(logger) if err != nil { - return nil, fmt.Errorf("error while creating mariadb client session, %v", err) + return nil, fmt.Errorf("error while creating postgres client session, %v", err) } store = &DBClient{ session: session, From c6a6cdf7a205565527443fa3686829cf095aa528 Mon Sep 17 00:00:00 2001 
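Review bot: The credential lookup added to `RunMigrations` runs on `context.Background()` and accepts whatever `serviceCredential.Password` comes back, so a stalled credential store can block migrations indefinitely and an empty secret is passed straight to `RunMigrationsWithConfig`. Bounding the call with a timeout (assuming `GetServiceUserCredential` honours context cancellation) and rejecting an empty password turns both cases into explicit errors instead of a hang or a later authentication failure. The identical block in `NewDBFromENV` (patch 3/3, db_client.go) has the same two gaps. The timeout value below is illustrative, and `RunMigrations` begins outside this hunk.

```go
	if len(conf.Password) == 0 {
		// Timeout value is illustrative; pick one that fits service start-up.
		ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
		defer cancel()
		serviceCredential, err := credential.GetServiceUserCredential(ctx,
			conf.EntityName, conf.Username)
		// … unchanged: error return with errors.WithMessage …
		if len(serviceCredential.Password) == 0 {
			return errors.New("DB user credential has an empty password")
		}
		conf.Password = serviceCredential.Password
	}
```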
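Review bot: The corrected message in `NewDBClient` (db_client.go, hunk at -68,7) still formats the cause with `%v`, which flattens it to text so callers cannot use `errors.Is` or `errors.As` on the returned error. `return nil, fmt.Errorf("error while creating postgres client session, %w", err)` keeps the chain intact. `NewDBClient` starts and ends outside the hunk.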
From: share2kanna Date: Tue, 28 May 2024 20:51:00 +0530 Subject: [PATCH 3/3] Fixed the dbclient initialization by reading password from vault --- capten/common-pkg/postgres/db_client.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/capten/common-pkg/postgres/db_client.go b/capten/common-pkg/postgres/db_client.go index 6a821e6d..ec943cc5 100644 --- a/capten/common-pkg/postgres/db_client.go +++ b/capten/common-pkg/postgres/db_client.go @@ -2,11 +2,13 @@ package postgresdb import ( + "context" "errors" "fmt" "github.com/intelops/go-common/logging" "github.com/kelseyhightower/envconfig" + "github.com/kube-tarian/kad/capten/common-pkg/credential" "github.com/kube-tarian/kad/capten/common-pkg/gerrors" "gorm.io/driver/postgres" @@ -31,6 +33,7 @@ type Config struct { Password string `envconfig:"PG_DB_SERVICE_USERPASSWORD" required:"false"` DBHost string `envconfig:"PG_DB_HOST" required:"true"` DBPort string `envconfig:"PG_DB_PORT" required:"true"` + EntityName string `envconfig:"PG_DB_ENTITY_NAME" default:"postgres"` DatabaseName string `envconfig:"PG_DB_NAME" required:"true"` IsTLSEnabled bool `envconfig:"PG_DB_TLS_ENABLED" default:"false"` } @@ -46,6 +49,15 @@ func NewDBFromENV(logger logging.Logger) (*gorm.DB, error) { return nil, err } + if len(conf.Password) == 0 { + serviceCredential, err := credential.GetServiceUserCredential(context.Background(), + conf.EntityName, conf.Username) + if err != nil { + return nil, err + } + conf.Password = serviceCredential.Password + } + return NewDB(&conf, logger) }
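Review bot: The credential fallback added to `NewDBFromENV` returns the lookup error bare (`return nil, err`), so a credential-store failure cannot be told apart from a config-parsing or connection failure in the caller's logs. `RunMigrations` in patch 1/3 wraps the same failure with a message, and I would match it here with `return nil, fmt.Errorf("DB user credential fetching failed: %w", err)`. The block is otherwise a copy of the one in db_migrate.go, so a small shared helper that takes the entity name and username and returns the password would keep the two paths from drifting apart. `NewDBFromENV` begins outside this hunk.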