Commit 8cb2bdf9 authored by Leo Gordon's avatar Leo Gordon
Browse files

Do not expose the password in workers' url by storing it in an environment variable

parent 0b57242e
......@@ -29,36 +29,38 @@
use strict;
#use Bio::EnsEMBL::Utils::Exception;
#use Bio::EnsEMBL::Analysis;
use Bio::EnsEMBL::DBSQL::DBConnection;
#use Bio::EnsEMBL::Hive::URLFactory;
=head2 Bio::EnsEMBL::DBSQL::DBConnection::url
Arg [1] : none
Arg [1] : String $environment_variable_name_to_store_password_in (optional)
Example : $url = $dbc->url;
Description: Constructs a URL string for this database connection. Follows
the format defined for FTP urls and adopted by
Description: Constructs a URL string for this database connection.
Returntype : string of format mysql://<user>:<pass>@<host>:<port>/<dbname>
or sqlite:///<dbname>
Exceptions : none
Caller : general
=cut
sub Bio::EnsEMBL::DBSQL::DBConnection::url {
my $self = shift;
return undef unless($self->driver and $self->dbname);
my ($self, $psw_env_var_name) = @_;
my $url = $self->driver . '://';
if($self->username) {
$url .= $self->username;
$url .= ":".$self->password if($self->password);
$url .= "@";
if(my $psw_expression = $self->password) {
if($psw_env_var_name) {
$ENV{$psw_env_var_name} = $psw_expression;
$psw_expression = '${'.$psw_env_var_name.'}';
}
$url .= ':'.$psw_expression if($psw_expression);
}
$url .= '@';
}
if($self->host) {
$url .= $self->host;
......
......@@ -144,12 +144,13 @@ sub main {
and $self->{'db_conf'}->{'-user'}
and $self->{'db_conf'}->{'-dbname'}) { # connect to database specified
$self->{'dba'} = Bio::EnsEMBL::Hive::DBSQL::DBAdaptor->new( %{$self->{'db_conf'}} );
$self->{'url'} = $self->{'dba'}->dbc->url;
} else {
print "\nERROR : Connection parameters (reg_conf+reg_alias, url or dbhost+dbuser+dbname) need to be specified\n\n";
script_usage(1);
}
$self->{'safe_url'} = $self->{'dba'}->dbc->url('WORKER_PASSWORD');
my $queen = $self->{'dba'}->get_Queen;
my $pipeline_name = destringify(
......@@ -297,7 +298,7 @@ sub generate_worker_cmd {
if ($self->{'reg_alias'}) { # then we pass the connection parameters:
$worker_cmd .= ' -reg_alias '. $self->{'reg_alias'};
} else {
$worker_cmd .= ' -url '. $self->{'url'};
$worker_cmd .= ' -url '. $self->{'safe_url'};
}
foreach my $worker_option ('job_limit', 'life_span', 'retry_throwing_jobs', 'compile_module_once', 'hive_log_dir', 'debug') {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment