Credentials has been presented into plain text into the discovery log and information for CDB/PDB and DB size is not populated.


Description

Credentials has been presented into plain text into the discovery log and information for CDB/PDB and DB size is not populated.

The following issues were observed before implementing a fix to the identification section of the pattern "Oracle DB on Unix"

  1. tnsnames.ora config file with different file structure and not located under default location was not parsed for all of the scenarios resulting to inconsistent results in table "defined_services".
  2. Table "cmdb_ci_db_instance_size" was populated separately into two extension sections "Get Oracle Instance size info" and "Get Oracle PDB info if exit" resulting to overwriting of the Size results, because the extension sections are independent from each other, doesn't inherit the results.
  3. Values for columns "Host name"; "Instance name"; "DB Name"; "DB Unique Name"; "Replication Enabled" were not collected (as per enhancement request).
  4. PDB sizes were not populated due to missing authentication into the EVAL script for Size information
  5. Credentials were parsed in plain text (when the SQL query was not authenticated successfully ) into the discovery log due to iteration of the credentials in EVAL script.

Steps to Reproduce

1. Run discovery against Linux server with Oracle DB.
2. Validate that pattern "Oracle DB On Unix" is triggered .
2. Navigate to horizontal discovery log.
3. Point step "populate size info for pdb" from extension section "Get Oracle PDB info if exit".
4. Observe the credentials are visible in a human readable format (plain text).

5. Navigate to table "cmdb_ci_db_ora_pdb_instance" information for PDB instances is not populated 

Workaround

  1. Removed the parsing of the tnsnames.ora file from the extension sections populating "defined_services" table, instead the parsing and the filtering is done into the identification section "Identification for Oracle DB entry point type(s) - no instance"
  2. Removed extension section "Get Oracle PDB info if exit", this is now shared library, part of extension section "Get Oracle Instance size info"
  3. Introduced new extension section "Extend Oracle Instance" for gathering additional attributes for the main Oracle table "cmdb_ci_db_ora_instance" such as "Host name"; "Instance name"; "DB Name"; "DB Unique Name"; "Replication type".
  4. The EVAL script was modified to check hide the credentials and of the response of the SQL query is unsuccessful, only error message to be displayed into the discovery log


The modified extension sections will be released as part of application "Discovery and Service Mapping Patterns" October release (Store version 1.0.70). As all the SQL queries are dependent from data coming from the identification section "Identification for Oracle DB entry point type(s) - no instance" of the pattern "Oracle DB on UNIX" which will be released for Quebec release and back-ported for Orlando patch 8 and Paris patch 2, all the customers using different releases before the mentioned should install the following modified pattern attached to the current KB article.

1. In the filter navigator type: sa_pattern.list

2. When you are in the view, right click on the "Name" column

3. Choose "Import XML" from the list

4. The following page appears:

5. Ensure that you are in the "Global" application

6. Choose one of the two files attached to the KB article (sa_pattern_28d607dbfead4be3887c843814455105.xml; sa_pattern_90eac2bedb021810a2713342399619c8.xml).

7. Upload the XML file.

8. Repeat the same procedure for the second XML file.

9. Navigate to pattern "Oracle DB on Unix" and open indetification section "Identification for Oracle DB entry point type(s) - no instance", verify that the changes are applied.


Related Problem: PRB1414686