Database backend – broken Postgres config

[vliubko]

Describe the bug
Trying to setup Postgres Backend from official guide https://www.vaultproject.io/docs/secrets/databases/postgresql.html and getting an pg error.
My password contains symbol # and that seems an error for parsing (or validation) of my config.

To Reproduce
Steps to reproduce the behavior:

1. Run vault secrets enable database
2. Run vault write database/config/my-postgresql-database \ plugin_name=postgresql-database-plugin \ allowed_roles="my-role" \ connection_url="postgresql://{{username}}:{{password}}@localhost:5432/" \ username="root" \ password="root#"
3. See error

* error creating database object: error verifying connection: pq: Could not detect default username. Please provide one explicitly

Expected behavior
My PostgreSQL allows me symbol # in password. I spent a lot of time finding what exactly broken my config :)

Environment:

• Vault Server Version (retrieve with vault status): 1.1.2
• Vault CLI Version (retrieve with vault version): v1.1.2 ('0082501623c0b704b87b1fbc84c2d725994bac54')
• Server Operating System/Architecture: Vault server in k8s from helm chart https://github.com/helm/charts/tree/master/incubator/vault
  Vault client MacOS

[ncabatoff]

I think the issue is that the # character has special meaning in URLs. So because we create a connection_url and expand {{password}} to be something with a #, that breaks parsing of the expanded URL. I don't see any potential workaround here, other than not using that character.

[vliubko]

Found it's lib/pq issue.

lib/pq#787

[michelvocks]

I'm going to close this issue since this has been fixed with #7089.