Oracle exp dump, compressed with gzip

Oracle exp does not support immediate compression of dump files, AFAIK. A neat way to achieve this, and to avoid filling your HD with unnecessary GBs, is to use Unix/Linux FIFO special files:

mknod my_schema.dmp p
gzip < my_schema.dmp > my_schema.dmp.gz &
exp system/system@XE owner=my_schema file=my_schema.dmp
rm my_schema.dmp
Posted in Dev

Poor man’s password encryption in OpenShift

We all know that Spring’s config server is the latest hype. Some people don’t find it very amusing to store credentials for production environments as plain text in a Git repo that also hosts dev/test environment configs and is hence readable by anyone.

The solution Spring uses (in the simplest variant), is to store such credentials in encrypted form in Git, then serve them to clients unencrypted. The encrypted values look like this: {cipher}U2FsdGVkX18ZpAC0I1eoChSMTU/2p/jsp2KoHpnnVFI=, and they are decrypted with a (symmetric) key provided as an environment variable ENCRYPT_KEY.

We don’t use Spring config server (yet), however we face a similar problem in our OpenShift environment. Currently, all .yml config files for OpenShift projects are stored as plain text in Git. And DB credentials are passed to our Pods as environment variables which are stored in those .yml files.

Here’s an idea borrowing from Spring’s config server to solve this issue. What we achieve:

  • We store the environment variable DB_PASS in encrypted form in the .yml file.
  • We decrypt its value in a shell script used for starting our app, and pass it to the app unencrypted.

And here’s some Bash code:

$ CIPHER_KEY=123abc
$ DB_PASS="{cipher}$(echo affenscheisse | openssl aes-256-cbc -a -salt -pass pass:$CIPHER_KEY)"
$ echo $DB_PASS
$ if [[ $DB_PASS == {cipher}* ]]; then DB_PASS=$(echo ${DB_PASS#\{cipher\}} | openssl aes-256-cbc -a -salt -d -pass pass:$CIPHER_KEY); fi
$ echo $DB_PASS

Now here’s the question: aren’t we back at square one? How do we pass CIPHER_KEY into the Pod without storing it in plain text in the .yml file? 😀

Posted in Dev

Simple encrypt and decrypt with openssl

pi@raspi2:~ $ echo affenscheisse | openssl aes-256-cbc -a -salt -pass pass:123 | openssl aes-256-cbc -d -a -pass pass:123

pi@raspi2:~ $ echo affenscheisse > /tmp/secret; openssl aes-256-cbc -a -salt -pass pass:123 -in /tmp/secret -out /tmp/secret.enc; openssl aes-256-cbc -in /tmp/secret.enc -d -a -pass pass:123
Posted in Dev

Oracle create new user

I always forget, so here it is for copy&paste:

create user foo identified by foos_password default tablespace users temporary tablespace temp;
grant create session, create table, create trigger, create sequence, create procedure, create view to foo;
grant unlimited tablespace to foo;

Someone told me that

grant resource to foo;

Will suffice and includes create table and friends. I haven’t tried it yet.

Posted in Dev

Spring @RestController with logging interceptor

I recently had to add a (logging) interceptor to a Spring @RestController.
To do so, I needed to declare an explicit HandlerMapping, to which I added the interceptor. Funnily, if you do that, the HandlerAdapters that Spring usually registers by default are gone as well. Therefore, I had to declare them, too:

<!-- The handlerMapping allows us to add interceptors to our RestControllers -->
    <bean id="handlerMappingVerkauf"
        <property name="interceptors">
                <ref bean="verkaufRestLoggingInterceptor"/>
    <!-- A HandlerAdapter is usually registered by default. But if a handlerMapping is explicitly declared, a 
    	 handlerAdapter must be declared as well.
    <bean id="handlerAdapterVerkauf"

Found the solution here:

Posted in Dev

Context sensitivity in the Python parser

Not sure if context sensitivity is the proper term here, but this really took me some minutes to understand:
Running the following script

X = 1
def foo():
X = 0

leads to

UnboundLocalError: local variable 'X' referenced before assignment

Why? Because X is assigned in foo, but is not declared global. Hence, Python introduces it as a local variable. Reading a local variable before assignment raises an UnboundLocalError. Wow.

Posted in Dev

Create user in Oracle

Done a million times, always forget the exact syntax and statements.

create user dw identified by password default tablespace users temporary tablespace temp;
grant unlimited tablespace to dw;
grant create session, create table, create trigger, create sequence, create procedure to dw;
Posted in Dev