Feature Request: pg_pwd_file

[mariuskh]

Description: We are migrating to a cloud infrastructure where we use short-lived passwords for database access. This becomes a challenge when we are using the direct import mode, where the job reconnects to Postgres for every batch of data. If the job lasts longer than the token lifetime, the job will fail.

Suggestion: We suggest to add a directive and/or command line argument pg_pwd_file (or pg_pwd_path) to specify the path to a password file. The file can be updated with fresh tokens, and ora2pg reads the file every time it reconnects to Postgres.

We have already tested this concept by adding the following code to the function _send_to_pgdb:

        if ($ENV{PG_PASSWORD_FILE}) {
                open(FH, '<', $ENV{PG_PASSWORD_FILE}) or die $!;
                $self->{pg_pwd} = <FH>;
                chomp($self->{pg_pwd});
                close(FH);
        }

This works for our purpose, but we wanted to suggest this feature also in the official version.

Thank you for considering the suggestion.

[darold]

Commit be247bb add this feature. You just have to set PG_PWD to the path of your password file, if it exists on disk it will be read by Ora2Pg to extract the password.

[mariuskh]

Thanks for including this!

It looks to me that it will only work the first time, since the path will be overwritten by the password. Maybe one can use a local variable inside the function to make sure the path is not overwritten? Or one could add a separate attribute to hold the path?

[darold]

Ah ok, you want it to be read each time the function is called not just password read from file, I understand.

[darold]

Commit bf7c4c5 fixes this behavior.

[mariuskh]

I believe there is still an issue. After the file is read the first time, $self->{pg_pwd} does no longer contain the path, so it won't be able to read the file the second time. Please correct me if I'm wrong :)