Gorm How to refresh connection password

Your issue may already be reported! Please search on the issue track before creating one.

What version of Go are you using (go version)?

1.13

Which database and its version are you using?

Postgres 12.2

I have a gorm connection and I'm passing an AWS authentication token that expires every 15 minutes. So, the service will be able to connect to the DB for 15 minutes, but then it won't be able to. Is there a canonical way of passing the new token to gorm?

Here's what I have so far. First this connection function that wraps around gorm.Open:

func Connect(conf *config.DbConfig) (*gorm.DB, error) {
    host, port, err := net.SplitHostPort(conf.Host)
    if err != nil {
        return nil, err
    }
    sslMode := "require"
    if conf.DisableTLS {
        sslMode = "disable"
    }
    return gorm.Open(conf.Dialect,
        fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s",
            host, port, conf.Username, conf.Password, conf.Name, sslMode))
}

This is called in main like so:

        //IF WE WANT TO USE AWS TOKEN, REPLACE PW IN CONFIG WITH TOKEN
    if conf.DB.UseAwsToken {
        authToken, err := field.CreateAuthToken(&conf.DB)
        if err != nil {
            logger.Fatal(err)
        }
        conf.DB.Password = authToken
    }

       //CONNECT TO DB
    db, err := field.Connect(&conf.DB)
    if err != nil {
        logger.Fatal(err)
    }
    defer db.Close()

      //INITIALIZE CRON JOB THAT RUNS IN SEPARATE THREAD TO REFRESH CONNECTION
       if conf.DB.UseAwsToken {
        processorCron := cron.New()

        cronInterval := "@every 10m"
        if conf.DB.CronInterval > 0 {
            cronInterval = fmt.Sprintf("@every %s", conf.DB.CronInterval)
        }

        processorCron.AddFunc(cronInterval, func() {
            repo.RenewDB(&conf.DB)
        })
        processorCron.Start()
    }

The part I'm stuck with the actual code for the RenewDB function, in the spot with the TODO:

type Repo struct {
    db *gorm.DB
}

// FUNCTION 
func (r *Repo) RenewDB(dbConf *config.DbConfig) {
    var err error
    if dbConf.Password, err = CreateAuthToken(dbConf); err != nil {
        panic(fmt.Sprintf("failed at createAuthToken: %s\n", err.Error()))
    }

    //TODO: HOW DO I UPDATE GORM TO USE THE NEW AUTH TOKEN THAT I INSERTED
       // INTO dbConf?
}

//AUTH TOKEN GENERATOR
func CreateAuthToken(dbConf *config.DbConfig) (string, error) {
    awsSession, err := session.NewSession()
    if err != nil {
        return "", err
    }

    authToken, errToken := rdsutils.BuildAuthToken(dbConf.Host, dbConf.AwsRegion, dbConf.Username, awsSession.Config.Credentials)
    if errToken != nil {
        return "", errToken
    }

    return authToken, nil
}

Comment From: song-without-words

Try to put your token in config server like etcd, then read it with hot loading?

Comment From: Osiris1975

@The-Phantom-Of-The-Opera thanks for your response. I updated my original post to clarify what I'm trying to do.

Comment From: song-without-words

@Osiris1975 `// global variable var Db *gorm.DB

func Connect(conf *config.DbConfig) error { var err error // ---snip--- Db, err = gorm.Open("dialect", "url") }

func RenewDb(dbConf *config.DbConfig) { // ---snip Connect() // then use Db to exec sql. }` Is this can work?

Comment From: Osiris1975

@song-without-words thank you for your response. I originally had that solution, or something similar. The problem with this that was pointed out to me is that it isn't thread safe, and it overwrites the entire connection pool and will leave connections open. So many people are using RDS now that it'd be nice if GORM had some built-in support for this.

Comment From: github-actions[bot]

This issue will be automatically closed because it is marked as GORM V1 issue, we have released the public testing GORM V2 release and its documents https://v2.gorm.io/docs/ already, the testing release has been used in some production services for a while, and going to release the final version in following weeks, we are still actively collecting feedback before it, please open a new issue for any suggestion or problem, thank you

Also check out https://github.com/go-gorm/gorm/wiki/GORM-V2-Release-Note-Draft for how to use the public testing version and its changelog

Comment From: rockey5520

Hello @Osiris1975

I am too facing now similar need where my db password rotates at regular intervals and I wonder how you solved this issue from your side to recreate DB connection on detecting this change .

Thanks in advance for the help

Rakesh

Comment From: csamol

Any update @rockey5520 did you get it working?

Comment From: d-rk

see https://stackoverflow.com/a/77287404