f601cfccf1
In the bug, a user tried setting a devstack password with a "@" in it. As it turns out, sqlalchmey turns the connection-string into a sqlalchemy.engine.url.URL object [1] which returns a RFC1738 quoted string. However, alembic's set_main_option [2] uses python string-interpolation which interprets '%' characters. This means you end up with an interpolation traceback when using any quoted character (':@/') in a user/password (more likely password). Avoid this by ensuring the URL is safe for python interpolation in set_main_option by replacing '%' -> '%%'. I convinced myself this is safe because sqlalchemy correctly parses the quoted and unquoted versions just the same --- >>> str(sqlalchemy.engine.url.make_url('mysql+pymysql://foo:crazy:@/pw@/moo')) 'mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo' >>> str(sqlalchemy.engine.url.make_url('mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo')) 'mysql+pymysql://foo:crazy%3A%40%2Fpw@/moo' --- A test is added [1] https://github.com/zzzeek/sqlalchemy/blob/master/lib/sqlalchemy/engine/url.py [2] http://alembic.zzzcomputing.com/en/latest/api/config.html#alembic.config.Config.set_main_option Change-Id: I3ef7e3e539e35ce040573f2044ab6eb3c990200a Closes-Bug: #1695299 |
||
---|---|---|
.. | ||
alembic_migrations | ||
metadef_api | ||
migrate_repo | ||
__init__.py | ||
api.py | ||
metadata.py | ||
models.py | ||
models_metadef.py |