From b70d95cbb90f9d8665a3603bb22aa60e59607a6a Mon Sep 17 00:00:00 2001 From: hsiegeln <37154749+hsiegeln@users.noreply.github.com> Date: Mon, 13 Apr 2026 18:44:32 +0200 Subject: [PATCH] fix: pass database credentials to per-tenant servers via config The DockerTenantProvisioner hardcoded SPRING_DATASOURCE_USERNAME and SPRING_DATASOURCE_PASSWORD as "cameleer" / "cameleer_dev". With the installer generating random passwords, tenant servers failed to connect to PostgreSQL. Add datasourceUsername and datasourcePassword to ProvisioningProperties, pass them from the compose env vars, and use them in the provisioner. Co-Authored-By: Claude Opus 4.6 (1M context) --- docker-compose.yml | 2 ++ installer/install.sh | 2 ++ .../cameleer/saas/provisioning/DockerTenantProvisioner.java | 4 ++-- .../cameleer/saas/provisioning/ProvisioningProperties.java | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index be509fa..fbebcea 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -127,6 +127,8 @@ services: SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD:-cameleer_dev} CAMELEER_SAAS_IDENTITY_LOGTOENDPOINT: ${LOGTO_ENDPOINT:-http://logto:3001} CAMELEER_SAAS_IDENTITY_LOGTOPUBLICENDPOINT: ${PUBLIC_PROTOCOL:-https}://${PUBLIC_HOST:-localhost} + CAMELEER_SAAS_PROVISIONING_DATASOURCEUSERNAME: ${POSTGRES_USER:-cameleer} + CAMELEER_SAAS_PROVISIONING_DATASOURCEPASSWORD: ${POSTGRES_PASSWORD:-cameleer_dev} CAMELEER_SAAS_PROVISIONING_PUBLICPROTOCOL: ${PUBLIC_PROTOCOL:-https} CAMELEER_SAAS_PROVISIONING_PUBLICHOST: ${PUBLIC_HOST:-localhost} CAMELEER_SAAS_IDENTITY_M2MCLIENTID: ${LOGTO_M2M_CLIENT_ID:-} diff --git a/installer/install.sh b/installer/install.sh index 792556e..075a16a 100644 --- a/installer/install.sh +++ b/installer/install.sh @@ -847,6 +847,8 @@ EOF SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD} CAMELEER_SAAS_IDENTITY_LOGTOENDPOINT: http://logto:3001 CAMELEER_SAAS_IDENTITY_LOGTOPUBLICENDPOINT: ${PUBLIC_PROTOCOL:-https}://${PUBLIC_HOST:-localhost} + CAMELEER_SAAS_PROVISIONING_DATASOURCEUSERNAME: ${POSTGRES_USER:-cameleer} + CAMELEER_SAAS_PROVISIONING_DATASOURCEPASSWORD: ${POSTGRES_PASSWORD} CAMELEER_SAAS_PROVISIONING_PUBLICPROTOCOL: ${PUBLIC_PROTOCOL:-https} CAMELEER_SAAS_PROVISIONING_PUBLICHOST: ${PUBLIC_HOST:-localhost} CAMELEER_SAAS_PROVISIONING_NETWORKNAME: ${COMPOSE_PROJECT_NAME:-cameleer-saas}_cameleer diff --git a/src/main/java/net/siegeln/cameleer/saas/provisioning/DockerTenantProvisioner.java b/src/main/java/net/siegeln/cameleer/saas/provisioning/DockerTenantProvisioner.java index 6ac509f..1c3a2ff 100644 --- a/src/main/java/net/siegeln/cameleer/saas/provisioning/DockerTenantProvisioner.java +++ b/src/main/java/net/siegeln/cameleer/saas/provisioning/DockerTenantProvisioner.java @@ -196,8 +196,8 @@ public class DockerTenantProvisioner implements TenantProvisioner { var env = new java.util.ArrayList<>(List.of( "SPRING_DATASOURCE_URL=" + props.datasourceUrl(), - "SPRING_DATASOURCE_USERNAME=cameleer", - "SPRING_DATASOURCE_PASSWORD=cameleer_dev", + "SPRING_DATASOURCE_USERNAME=" + props.datasourceUsername(), + "SPRING_DATASOURCE_PASSWORD=" + props.datasourcePassword(), "CAMELEER_SERVER_CLICKHOUSE_URL=jdbc:clickhouse://clickhouse:8123/cameleer", "CAMELEER_SERVER_CLICKHOUSE_USERNAME=" + props.clickhouseUser(), "CAMELEER_SERVER_CLICKHOUSE_PASSWORD=" + props.clickhousePassword(), diff --git a/src/main/java/net/siegeln/cameleer/saas/provisioning/ProvisioningProperties.java b/src/main/java/net/siegeln/cameleer/saas/provisioning/ProvisioningProperties.java index 932d0c4..8873a4c 100644 --- a/src/main/java/net/siegeln/cameleer/saas/provisioning/ProvisioningProperties.java +++ b/src/main/java/net/siegeln/cameleer/saas/provisioning/ProvisioningProperties.java @@ -11,6 +11,8 @@ public record ProvisioningProperties( String publicHost, String publicProtocol, String datasourceUrl, + String datasourceUsername, + String datasourcePassword, String clickhouseUrl, String clickhouseUser, String clickhousePassword,