sql_exporter

package module
v0.0.0-...-946bba2 Latest
Published: Mar 22, 2023 License: MIT Imports: 14 Imported by: 0

README

sql_exporter

Modifications to https://github.com/free/sql_exporter version 0.5.

Added the capability to encrypt the dsn. The original code exposes the login credentials in the dsn. The encryption function is adapted from https://gist.github.com/humamfauzi/a29ea50edeb175e2e8a9e3456b91fe36

Set the secret key by using the environment variable SQLEXPORTER_KEY. The challenge is to keep the environment of the sql_exporter process secure.

The key is a string of 64 hexadecimal characters, which decodes to the 32 bytes of an AES-256 key.

export SQLEXPORTER_KEY=badbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbada

Alternatively you can bake the key into the code itself (as commented in the code).

To generate the encrypted dsn, the easiest way is to paste the following into https://go.dev/play/. Make sure you change the key and dsn to your own. In the example below, the dsn is sqlserver://username:password@my.target.host:1433/ and the key is "badbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbada".

package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"io"
)

func main() {
	exampleString := "sqlserver://username:password@my.target.host:1433/"
	toBinary := []byte(exampleString)

	// Secret key; DO NOT USE THIS IN A REAL APPLICATION.
	// 64 hex characters decode to 32 bytes, which selects AES-256.
	key, err := hex.DecodeString("badbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbadbada")
	if err != nil {
		panic(err)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	gcm, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}

	// A fresh random nonce is needed for every encryption under the same key.
	// Stop on failure rather than sealing with an all-zero nonce.
	nonce := make([]byte, gcm.NonceSize())
	if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
		panic(err)
	}

	// The nonce is prepended to the sealed output so it is available for decryption.
	// A different kind of header could also be used for identification.
	result := gcm.Seal(nonce, nonce, toBinary, nil)

	encryptedString := base64.StdEncoding.EncodeToString(result)
	fmt.Println("ENCRYPTED", encryptedString)
}

Once you have the encrypted string, you configure the dsn as below.

target:
  data_source_name: 'encrypted://Yoca7r/sjkIUzZSFKGTjNxCjWZIXvanutcC9tti7AqwvAM7PrkkmOl5fZcMcfnGYrwyPLFuudH+AMmN6Z8pQPoBWPGwmEHyQ1Vu8wPMu'
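The round trip behind an `encrypted://` value, as an added example that is not this fork's own code: it assumes the value is the base64 of the nonce followed by the AES-GCM output, as the generator snippet above produces, and the names `NewGCM`, `Encrypt` and `Decrypt` are hypothetical. Running it locally keeps the key and dsn off a hosted playground.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"fmt"
	"strings"
)

// NewGCM accepts only a 64-hex-character key (32 bytes), i.e. AES-256-GCM.
func NewGCM(hexKey string) (cipher.AEAD, error) {
	key, err := hex.DecodeString(hexKey)
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("key must be 64 hex characters")
	}
	block, _ := aes.NewCipher(key) // cannot fail: key is exactly 32 bytes
	return cipher.NewGCM(block)
}

// Encrypt returns "encrypted://" + base64(nonce || ciphertext || tag).
func Encrypt(gcm cipher.AEAD, dsn string) (string, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := gcm.Seal(nonce, nonce, []byte(dsn), nil)
	return "encrypted://" + base64.StdEncoding.EncodeToString(sealed), nil
}

// Decrypt reverses Encrypt; a wrong key or a modified value fails the GCM tag check.
func Decrypt(gcm cipher.AEAD, value string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(value, "encrypted://"))
	if err != nil || len(raw) < gcm.NonceSize()+gcm.Overhead() {
		return "", fmt.Errorf("malformed encrypted DSN")
	}
	plain, err := gcm.Open(nil, raw[:gcm.NonceSize()], raw[gcm.NonceSize():], nil)
	return string(plain), err
}

func main() {
	gcm, err := NewGCM(strings.Repeat("ab", 32)) // constructed demo key, not a real secret
	if err != nil {
		panic(err)
	}
	enc, _ := Encrypt(gcm, "sqlserver://user:pass@db.example:1433/") // constructed DSN
	fmt.Println(Decrypt(gcm, enc))
}
```

Because the nonce is random, encrypting the same dsn twice gives two different `encrypted://` strings, and both decrypt to the same value.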

Documentation

Functions

func OpenConnection

func OpenConnection(ctx context.Context, logContext, dsn string, maxConns, maxIdleConns int) (*sql.DB, error)

OpenConnection extracts the driver name from the DSN (expected as the URI scheme), adjusts it where necessary (e.g. some driver supported DSN formats don't include a scheme), opens a DB handle ensuring early termination if the context is closed (this is actually prevented by `database/sql` implementation), sets connection limits and returns the handle.

Below is the list of supported databases (with built in drivers) and their DSN formats. Unfortunately there is no dynamic way of loading a third party driver library (as e.g. with Java classpaths), so any driver additions require a binary rebuild.

MySQL

Using the https://github.com/go-sql-driver/mysql driver, DSN format (passed to the driver stripped of the `mysql://` prefix):

mysql://username:password@protocol(host:port)/dbname?param=value

PostgreSQL

Using the https://godoc.org/github.com/lib/pq driver, DSN format (passed through to the driver unchanged):

postgres://username:password@host:port/dbname?param=value

MS SQL Server

Using the https://github.com/denisenkom/go-mssqldb driver, DSN format (passed through to the driver unchanged):

sqlserver://username:password@host:port/instance?param=value

Clickhouse

Using the https://github.com/kshvakov/clickhouse driver, DSN format (passed to the driver with the `clickhouse://` prefix replaced with `tcp://`):

clickhouse://host:port?username=username&password=password&database=dbname&param=value

func PingDB

func PingDB(ctx context.Context, conn *sql.DB) error

PingDB is a wrapper around sql.DB.PingContext() that terminates as soon as the context is closed.

sql.DB does not actually pass along the context to the driver when opening a connection (which always happens if the database is down) and the driver uses an arbitrary timeout which may well be longer than ours. So we run the ping call in a goroutine and terminate immediately if the context is closed.
