Vault Issue caused by passing nil check

[aberinnj]

• Added a minor patch correcting the if-check for retrieving the username and password

time=2025-08-06T17:23:07.779Z level=INFO source=main.go:75 msg="FREE_INTERVAL end var is not present, will not periodically attempt to release memory"
time=2025-08-06T17:23:07.779Z level=INFO source=main.go:82 msg="RESTART_INTERVAL env var is not present, so will not restart myself periodically"
time=2025-08-06T17:23:07.779Z level=WARN source=config.go:175 msg="Configuring default database from CLI parameters is deprecated. Use of the '--config.file' argument is preferred. See https://github.com/oracle/oracle-db-appdev-monitoring?tab=readme-ov-file#standalone-binary"
time=2025-08-06T17:23:07.779Z level=INFO source=collector.go:54 msg="Initializing database" database=default
2025/08/06 17:23:12 Error returned by Secrets Service. Http Status Code: 400. Error Code: InvalidParameter. Opc request id: 2d9890aa915e8e2db177b62feb747771/6BAFA3D27E147ACC438756428D483DB5/5B97EA4B1A433CEEE2B6E7BCD3964F20. Message: query param secretName size must be between 1 and 255
Operation Name: GetSecretBundleByName
Timestamp: 2025-08-06 17:23:13 +0000 GMT
Client Version: Oracle-GoSDK/65.93.2
Request Endpoint: POST https://secrets.vaults.us-phoenix-1.oci.oraclecloud.com/20190301/secretbundles/actions/getByName?secretName=&vaultId=ocid1.vault.oc1.phx.eftfoyniaaahc.abyhqljstqhm23hznw7uanvqdcxrs4k34fspg5jg7cw3zylez5t5uzizb3fq
Troubleshooting Tips: See https://docs.oracle.com/iaas/Content/API/References/apierrors.htm#apierrors_400__400_invalidparameter for more information about resolving this error.
Also see https://docs.oracle.com/iaas/api/#/en/secretretrieval/20190301/SecretBundle/GetSecretBundleByName for details on this operation's requirements.
To get more info on the failing request, you can set OCI_GO_SDK_DEBUG env var to info or higher level to log the request/response details.
If you are unable to resolve this Secrets issue, please contact Oracle support and provide them this full error message.

Expected Behavior

Only the password secret is provided, retrieve only the password.

Actual Behavior

Both username and password are being retrieved, when only the password details is provided.
The second check without the necessary secretName causes the error in the Vault Request.

The Issue

The check here will cause an issue, if OCIConfig is defined, even with just the VaultID and now username or password secrets -- causing the nil check here to pass and therefore request the username and password from the vault.

[aberinnj]

In the config.go

		dbconfig.Vault = &VaultConfig{
			OCI: &OCIVault{
				ID: ociVaultID,
				// For the CLI, only the password may be loaded from a secret. If you need to load
				// both the username and password from OCI Vault, use the exporter configuration file.
				PasswordSecret: os.Getenv("OCI_VAULT_SECRET_NAME"),
			},
		}

tells me the Username will always be an empty string, perhaps we need to replace the environment variables first and add one for username in order to support username retrieval from the vault.

[andytael]

@aberinnj If you need to load both the username and password from OCI Vault, use the exporter configuration file.

[aberinnj]

@andytael I don't, only the password, hence the issue. I think the problem will remain given the code referenced

[andytael]

Wonder if this is the same problem #286

[aberinnj]

@andytael Yes, same issue, same problem caused by the same issue above, a vault request for the username is made when no username secret is supplied, leading to the an empty secretName in the POST

[andytael]

@aberinnj Have you tested this in your environment and it works as expected?