fix: set clustername in sql connection string (#2703)

2025-08-11 19:07:30 +00:00 · 2021-11-21 19:02:10 +01:00
parent aa3eb274b7
commit 56e10ecf30
2 changed files with 35 additions and 8 deletions
--- a/cmd/zitadel/startup.yaml
+++ b/cmd/zitadel/startup.yaml
@@ -34,6 +34,7 @@ EventstoreBase:
  MaxOpenConns: 3
  MaxConnLifetime: 30m
  MaxConnIdleTime: 30m
+  Options: $CR_OPTIONS
  SSL:
    Mode: $CR_SSL_MODE
    RootCert: $CR_ROOT_CERT
@@ -60,6 +61,7 @@ Queries:
    MaxOpenConns: 2
    MaxConnLifetime: 30m
    MaxConnIdleTime: 30m
+    Options: $CR_OPTIONS
    SSL:
      Mode: $CR_SSL_MODE
      RootCert: $CR_ROOT_CERT
@@ -82,6 +84,7 @@ Projections:
    MaxOpenConns: 3
    MaxConnLifetime: 30m
    MaxConnIdleTime: 30m
+    Options: $CR_OPTIONS
    SSL:
      Mode: $CR_SSL_MODE
      RootCert: $CR_ROOT_CERT
@@ -105,6 +108,7 @@ AuthZ:
          MaxOpenConns: 3
          MaxConnLifetime: 30m
          MaxConnIdleTime: 30m
+          Options: $CR_OPTIONS
          SSL:
            Mode: $CR_SSL_MODE
            RootCert: $CR_ROOT_CERT
@@ -123,6 +127,7 @@ AuthZ:
      MaxOpenConns: 3
      MaxConnLifetime: 30m
      MaxConnIdleTime: 30m
+      Options: $CR_OPTIONS
      SSL:
        Mode: $CR_SSL_MODE
        RootCert: $CR_ROOT_CERT
@@ -149,6 +154,7 @@ Auth:
        MaxOpenConns: 3
        MaxConnLifetime: 30m
        MaxConnIdleTime: 30m
+        Options: $CR_OPTIONS
        SSL:
          Mode: $CR_SSL_MODE
          RootCert: $CR_ROOT_CERT
@@ -168,6 +174,7 @@ Auth:
      MaxOpenConns: 3
      MaxConnLifetime: 30m
      MaxConnIdleTime: 30m
+      Options: $CR_OPTIONS
      SSL:
        Mode: $CR_SSL_MODE
        RootCert: $CR_ROOT_CERT
@@ -182,6 +189,7 @@ Auth:
    MaxOpenConns: 3
    MaxConnLifetime: 30m
    MaxConnIdleTime: 30m
+    Options: $CR_OPTIONS
    SSL:
      Mode: $CR_SSL_MODE
      RootCert: $CR_ROOT_CERT
@@ -208,6 +216,7 @@ Admin:
        MaxOpenConns: 3
        MaxConnLifetime: 30m
        MaxConnIdleTime: 30m
+        Options: $CR_OPTIONS
        SSL:
          Mode: $CR_SSL_MODE
          RootCert: $CR_ROOT_CERT
@@ -226,6 +235,7 @@ Admin:
    MaxOpenConns: 3
    MaxConnLifetime: 30m
    MaxConnIdleTime: 30m
+    Options: $CR_OPTIONS
    SSL:
      Mode: $CR_SSL_MODE
      RootCert: $CR_ROOT_CERT
@@ -252,6 +262,7 @@ Mgmt:
        MaxOpenConns: 3
        MaxConnLifetime: 30m
        MaxConnIdleTime: 30m
+        Options: $CR_OPTIONS
        SSL:
          Mode: $CR_SSL_MODE
          RootCert: $CR_ROOT_CERT
@@ -265,6 +276,7 @@ Mgmt:
    Host: $ZITADEL_EVENTSTORE_HOST
    Port: $ZITADEL_EVENTSTORE_PORT
    User: 'management'
+    Options: $CR_OPTIONS
    Database: 'management'
    Password: $CR_MANAGEMENT_PASSWORD
    MaxOpenConns: 3
@@ -383,6 +395,7 @@ Notification:
          MaxOpenConns: 2
          MaxConnLifetime: 30m
          MaxConnIdleTime: 30m
+          Options: $CR_OPTIONS
          SSL:
            Mode: $CR_SSL_MODE
            RootCert: $CR_ROOT_CERT
@@ -401,6 +414,7 @@ Notification:
      MaxOpenConns: 2
      MaxConnLifetime: 30m
      MaxConnIdleTime: 30m
+      Options: $CR_OPTIONS
      SSL:
        Mode: $CR_SSL_MODE
        RootCert: $CR_ROOT_CERT
--- a/internal/config/types/sql.go
+++ b/internal/config/types/sql.go
@@ -24,6 +24,10 @@ type SQL struct {
 	MaxOpenConns    uint32
 	MaxConnLifetime Duration
 	MaxConnIdleTime Duration
+
+	//Additional options to be appended as options=<Options>
+	//The value will be taken as is. So be sure to separate multiple options by a space
+	Options string
 }

 type SQLBase struct {
@@ -32,6 +36,10 @@ type SQLBase struct {
 	Database string
 	Schema   string
 	SSL      sslBase
+
+	//Additional options to be appended as options=<Options>
+	//The value will be taken as is. So be sure to separate multiple options by a space
+	Options string
 }

 type SQLUser struct {
@@ -68,23 +76,27 @@ func (s *SQL) connectionString() string {
 		"application_name=zitadel",
 		"sslmode=" + s.SSL.Mode,
 	}
+	if s.Options != "" {
+		fields = append(fields, "options="+s.Options)
+	}
 	if s.Password != "" {
 		fields = append(fields, "password="+s.Password)
 	}
-
+	s.checkSSL()
 	if s.SSL.Mode != sslDisabledMode {
-		fields = append(fields, []string{
-			"sslrootcert=" + s.SSL.RootCert,
-			"sslcert=" + s.SSL.Cert,
-			"sslkey=" + s.SSL.Key,
-		}...)
+		fields = append(fields, "sslrootcert="+s.SSL.RootCert)
+		if s.SSL.Cert != "" {
+			fields = append(fields, "sslcert="+s.SSL.Cert)
+		}
+		if s.SSL.Cert != "" {
+			fields = append(fields, "sslkey="+s.SSL.Key)
+		}
 	}

 	return strings.Join(fields, " ")
 }

 func (s *SQL) Start() (*sql.DB, error) {
-	s.checkSSL()
 	client, err := sql.Open("postgres", s.connectionString())
 	if err != nil {
 		return nil, errors.ThrowPreconditionFailed(err, "TYPES-9qBtr", "unable to open database connection")
@@ -103,7 +115,7 @@ func (s *SQL) checkSSL() {
 		s.SSL = &ssl{sslBase: sslBase{Mode: sslDisabledMode}}
 		return
 	}
-	if s.SSL.Cert == "" || s.SSL.Key == "" || s.SSL.RootCert == "" {
+	if s.SSL.RootCert == "" {
 		logging.LogWithFields("TYPES-LFdzP",
 			"cert set", s.SSL.Cert != "",
 			"key set", s.SSL.Key != "",
@@ -119,6 +131,7 @@ func (u SQLUser) Start(base SQLBase) (*sql.DB, error) {
 		User:     u.User,
 		Password: u.Password,
 		Database: base.Database,
+		Options:  base.Options,
 		SSL: &ssl{
 			sslBase: sslBase{
 				Mode:     base.SSL.Mode,