dbeaver
Cant define `CB_ADMIN_NAME` and `CB_ADMIN_PASSWORD` correctly with a predefine `.cloudbeaver.runtime.conf`
Describe the bug
Into a container, with dbeaver/cloudbeaver:prod image, when I try to define CB_ADMIN_NAME and CB_ADMIN_PASSWORD as environment variable, and also mount /opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf as a read-only volume : I can't connect. When I take a look, CB_ADMIN_NAME exist but CB_ADMIN_PASSWORD doesn't seem to be the same because I can't connect with my defined password.
My user/password seems to be defined in database.
To Reproduce Steps to reproduce the behavior:
- Add
CB_ADMIN_NAMEandCB_ADMIN_PASSWORDas a environment variable - mount
.cloudbeaver.runtime.conffile as a volume into your container with the following content (or any content, as long as you defineserver.databasevalues
{
"server": {
"serverName": "CloudBeaver Server",
"serverURL": "https://yyy.xxx.com",
"expireSessionAfterPeriod": 1800000,
"database": {
"createDatabase": true,
"password": "0123456789xyz",
"driver": "postgres-jdbc",
"pool": {
"minIdleConnections": 4.0,
"maxIdleConnections": 10.0,
"maxConnections": 100.0,
"validationQuery": "SELECT 1"
},
"initialDataConfiguration": "conf/initial-data.conf",
"user": "xxx@yyy",
"url": "jdbc:postgresql://yyy.xxx.com:5432/cloudbeaver"
}
},
"app": {
"anonymousAccessEnabled": true,
"supportsCustomConnections": false,
"publicCredentialsSaveEnabled": false,
"adminCredentialsSaveEnabled": true,
"enableReverseProxyAuth": false,
"resourceQuotas": {
"dataExportFileSizeLimit": 1.0E7,
"resourceManagerFileSizeLimit": 500000.0,
"sqlMaxRunningQueries": 100.0,
"sqlResultSetRowsLimit": 100000.0,
"sqlResultSetMemoryLimit": 2000000.0,
"sqlTextPreviewMaxLength": 4096.0,
"sqlBinaryPreviewMaxLength": 261120.0
},
"defaultNavigatorSettings": {},
"enabledFeatures": [],
"enabledAuthProviders": [
"local",
"reverseProxy"
],
"enabledDrivers": [],
"disabledDrivers": [
"sqlite:sqlite_jdbc",
"h2:h2_embedded",
"clickhouse:yandex_clickhouse",
"oracle:oracle_thin",
"db2:db2",
"generic:trino_jdbc",
"jaybird:jaybird",
"clickhouse:com_clickhouse",
"generic:derby_server",
"db2_i:db2_iseries"
]
}
}
- try to connect with your admin credentials once this is available
Additional context
Environment : Kubernetes, using image dbeaver/cloudbeaver:prod
Could you please try to:
- remove
"serverName": "CloudBeaver Server"from.cloudbeaver.runtime.conf - set serverName also as environment variable.
Then run your Cloudbeaver instance.
I'm struggling with this bug too. There is currently no way of skipping the initial setup and I've tried everything... documented and undocumented features.
The only success I had was loading the .cloudbeaver.runtime.conf, but... without defining any user, so I can't login... And if I start to play with "CB_ADMIN_XXX" (env variables in docker, .cloudbeaver.auto.conf) it starts again with the setup phase. Before you ask: yes I drop "serverName" in runtime config...
Please, help us!
Thank you for the description of the problem. Server name has to be explicitely set in run command (you can skip only Server base URL). Could you try to use following comand to skip the Easy Config of a new CloudBeaver instance:
docker run --name {some_name} --rm -ti -p {some_local_port}:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v {way_to_empty_local_storage}:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.0.4
Hi @kseniiaguzeeva , using only the environment variables (as you suggested) it works as expected: it skips the setup phase and it's possible to login with the user declared in the variables. But... the problem arises when I try to mount a runtime config and setup the admin user via env. I need to disable some drivers and set "simple view" as default, to give you an exact example of my use case.
Is there a way to define the admin user in the runtime config? Is there a way to define runtime settings in the env variables? How can I achieve my goal?
We will investigate a better way to define admin via variable and implement it. Regarding the second question: you already can set variables in the runtime config. If you've already tried without success, could you please give me a config example?
I'm sorry... I didn't understand the question, maybe because I wasn't clear in the first place!
The main problem I have is using both env variables and the runtime config. So I was wondering if there is there a way to define runtime settings (such as "authProvider", "anonymousAccessEnabled", ...) via env variables such as CB_SERVER_NAME. I do not think it's possible.
How i can see, problem is: you want to skip easy-config, but some settings from .cloudbeaver.runtime.conf is overridden and you want to find the way to configure server without easy-config?
@Wroud I would like to skip initial setup and set custom options.
My use case is: I need to disable some drivers and set "simple view" as default AND setup the admin user, skipping the initial config phase
I have also been struggling with something similar. I want to run Cloudbeaver on Kubernetes (Openshift) with some preconfigured settings such as a database connection. But when I map a configmap into one of the folders under /opt/cloudbeaver/workspace it becomes read-only and Cloudbeaver fails to start up.
Based on the documentation I started out with mapping to /opt/cloudbeaver/workspace/.data/.cloudbeaver.runtime.conf as described in https://cloudbeaver.io/docs/Server-configuration/ also with the result that the server could not start up so I changed to mapping into /opt/cloudbeaver/conf/cloudbeaver.conf and then it worked! Except that Cloudbeaver now seemed to ignore the environment variables such as CB_ADMIN_NAME so I couldn't log in. So then I put the admin username and password(!) in a configmap and mapped that to /opt/cloudbeaver/conf/initial-data.conf and it worked again. Until I added the mapping to /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json.
In the following example I have mounted configmaps as files in /opt/cloudbeaver/conf/cloudbeaver.conf and /opt/cloudbeaver/conf/initial-data.conf to overwrite the default settings. I have also mounted /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json in an attempt to create a predefined connection as described in https://cloudbeaver.io/docs/Configuring-server-datasources/ but alas then the server won't start up:
apiVersion: apps/v1
kind: Deploymentspec:
spec:
template:
spec:
containers:
- name: cloudbeaver
image: 'xxx/cloudbeaver:22.1.4'
ports:
- containerPort: 8978
protocol: TCP
env:
- name: CB_SERVER_NAME
value: xxx
- name: CB_SERVER_URL
value: xxx
- name: CB_ADMIN_NAME
value: xxx
envFrom:
- secretRef:
name: cb-admin-password
volumeMounts:
- name: conf
mountPath: "/opt/cloudbeaver/conf/cloudbeaver.conf"
subPath: "cloudbeaver.conf"
- name: initial-data
mountPath: "/opt/cloudbeaver/conf/initial-data.conf"
subPath: "initial-data.conf"
- name: data-sources
mountPath: "/opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json"
subPath: "data-sources.json"
volumes:
- name: conf
configMap:
name: cb-config
- name: initial-data
configMap:
name: cb-initial-data
- name: data-sources
configMap:
name: cb-data-sources
The server logs include this when it fails to start up:
13:04:16.533 [main] DEBUG o.j.d.registry.EclipseWorkspaceImpl - Refreshing workspace contents
13:04:16.643 [main] ERROR o.j.d.registry.EclipseWorkspaceImpl - Can't create default project
org.eclipse.core.runtime.CoreException: Parent of resource: /opt/cloudbeaver/workspace/GlobalConfiguration/.project is marked as read-only.
Maybe I'm reading the documentation wrong or maybe this was just not meant for k8s where configmap volumes are read-only?
What is the best way to configure predefined settings on k8s? Please also consider that it would be best to have passwords stored as secrets.
UPDATE: The server does actually start up fine when mapping to /opt/cloudbeaver/workspace/GlobalConfiguration/.dbeaver/data-sources.json in spite of the error message.
@riccardomessineo we will make possible to set admin via the configuration file.
@jonpalle Thank you for the report. It looks like another issue. Could you please create a separate ticket? We will give an answer or fix the bug after its investigation.
The request is implemented.
I. Variables can be set in .cloudbeaver.runtime.conf.
II. In order to set a Navigator view, available drivers, anonymous access and admin credentials do following:
- Create .cloudbeaver.runtime.conf in .data folder in your workspace and set there
- Available drivers
- Anonymous access
- Navigator view
- Do not set the server name in the file
- server name
- admin name
- admin password
e.g.
docker run --name cloudbeaver --rm -ti -p 8978:8978 -e CB_SERVER_NAME=test -e CB_ADMIN_NAME=test -e CB_ADMIN_PASSWORD=test -v C:\var\cloudbeaver\workspace:/opt/cloudbeaver/workspace dbeaver/cloudbeaver:22.2.3