Update lib/pq to at least version 1.1.0 to support new postgres encryption scheme #24016
Labels
Comments
|
For others who have found this issue, a work around (without changing the PostgreSQL encryption mechanism back to md5 for the server), you can manually generate the md5 password: |
remilapeyre
added a commit
to remilapeyre/terraform
that referenced
this issue
Nov 11, 2020
This is needed to make it possible to use the scram-sha-256 authentication method for the pg backend. It's not easy to write unit-tests for this since it requires a specific configuration of the PostgreSQL server, I did test it manually thought and everything seems to work like it should. Closes hashicorp#24016
Merged
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
PostgreSQL now supports scram-sha-256 as a password encryption mechanism. Sadly, the version of lib/pq that is currently used by Terraform as of today doesn't support this. However, lib/pq does support this in a newer version. This is actually a deal-breaker right now on databases that support this scheme as you'll get this when using PostgreSQL as a storage backend:
This is documented here. For reference: Terraform currently uses lib/pq version 1.0.0 but 1.1.0 added support for it.
It should, therefore, be as simple as bumping the minor version. I suggest going all the way up to the current version: 1.3.0
The text was updated successfully, but these errors were encountered: