Question: Default username and password

[helio-frota]

Hi :+1:

This is working with any password... is that the default behavior ?

connect to postgres://postgres:aaaaaaaaaaaaaa@localhost:46341/

ckage' has been applied database=Database { username: "postgres", password: "aaaaaaaaaaaaaa", host: "localhost", port: 46341, name: "trustify" } self=Database { db: SqlxPostgresPoolConnection }
2024-05-02T17:28:10.982227Z  WARN trustify_server: Authentication is disabled
2024-05-02T17:28:10.982290Z  INFO trustify_common::db: connect to postgres://postgres:aaaaaaaaaaaaaa@localhost:46341/trustify
2024-05-02T17:28:11.084633Z  INFO trustify_infrastructure::infra: Infrastructure endpoint is disabled
2024-05-02T17:28:11.084759Z  INFO trustify_infrastructure::health::checks::local: received shutdown signal
2024-05-02T17:28:11.084810Z  INFO trustify_infrastructure::health::checks::local: check future returned
2024-05-02T17:28:11.085051Z  INFO trustify_infrastructure::app::http: JSON limit: 256.0 kiB
2024-05-02T17:28:11.085071Z  INFO trustify_infrastructure::app::http: Payload limit: 2.0 MiB
2024-05-02T17:28:11.085258Z  INFO trustify_infrastructure::app::http: Binding to: [::1]:8080
2024-05-02T17:28:11.085355Z  INFO actix_server::builder: starting 12 workers
2024-05-02T17:28:11.085389Z  INFO actix_server::server: Tokio runtime found; starting in existing Tokio runtime

thanks

[brianheineman]

@helio-frota I attempted to reproduce this manually by setting an invalid password in for the url using the sqlx example and I added a couple of integration tests (#64) to try to reproduce the problem. I was unable to reproduce the behavior you are seeing. Is it possible that the password for the postgres user is being explicitly set to "aaaaaaaaaaaaaa"? If you could provide a complete and concise example that reproduces the problem, it would help me understand where the issue might be.

[helio-frota]

@brianheineman thanks for quick response :+1:

Yes we have an example that is quick and easy to reproduce

• Clone https://github.com/trustification/trustify
• cargo run --bin trustd

We can also delete this directory .trustify/:

➜  trustify git:(main) cd .trustify/
➜  .trustify git:(main) ls
data/  postgres/  storage/

extra feedback: https://github.com/trustification/trustify/pull/226#issuecomment-2090437410 and https://github.com/trustification/trustify/pull/226#issuecomment-2091043690

thanks

[helio-frota]

update:

Is it possible that the password for the postgres user is being explicitly set to "aaaaaaaaaaaaaa"?

Yes, in this case it was. It means we can set any password? if yes then that is not an issue ( I think :man_shrugging: )

update 2:

a) there is the default password and we can update the password b) there is no default password and we can define the password

[helio-frota]

We are doing b) there is no default password and we can define the password

let settings = postgresql_embedded::Settings {
username: self.database.username.clone(),
password: self.database.password.clone(),
temporary: false,
installation_dir: db_dir.clone(),
timeout: Some(Duration::from_secs(30)),
data_dir,
..Default::default()
};
let mut postgresql = PostgreSQL::new(PostgreSQL::default_version(), settings);
postgresql.setup().await?;
postgresql.start().await?;

Your unit tests are using default settings

let mut postgresql = PostgreSQL::default();
postgresql.setup().await?;
postgresql.start().await?;

there is nothing wrong if we can define a password, I just got confused thinking that the default password was postgres and we should use that default password :+1:

Thanks, I'm ok closing this issue :+1: