diff --git a/ingestion/src/metadata/ingestion/source/database/oracle/connection.py b/ingestion/src/metadata/ingestion/source/database/oracle/connection.py index d5d62bd34eec..da5f2c93dc29 100644 --- a/ingestion/src/metadata/ingestion/source/database/oracle/connection.py +++ b/ingestion/src/metadata/ingestion/source/database/oracle/connection.py @@ -13,10 +13,18 @@ Source connection handler """ +import base64 +import binascii +import io import os +import shutil import sys +import tempfile +import weakref +import zipfile from copy import deepcopy -from typing import Optional +from pathlib import Path +from typing import Any, Optional from urllib.parse import quote_plus import oracledb @@ -28,13 +36,14 @@ Workflow as AutomationWorkflow, ) from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( - OracleConnection as OracleConnectionConfig, -) -from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( + OracleAutonomousConnection, OracleDatabaseSchema, OracleServiceName, OracleTNSConnection, ) +from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( + OracleConnection as OracleConnectionConfig, +) from metadata.generated.schema.entity.services.connections.testConnectionResult import ( TestConnectionResult, ) @@ -42,6 +51,7 @@ create_generic_db_connection, get_connection_args_common, get_connection_options_dict, + init_empty_connection_arguments, ) from metadata.ingestion.connections.connection import BaseConnection from metadata.ingestion.connections.secrets import connection_with_options_secrets @@ -68,24 +78,163 @@ class OracleConnection(BaseConnection[OracleConnectionConfig, Engine]): def __init__(self, connection: OracleConnectionConfig): super().__init__(connection) + self._wallet_temp_dir: str | None = None + self._wallet_cleanup_finalizer: Any = None + + def _set_wallet_temp_dir(self, wallet_temp_dir: str) -> None: + self._cleanup_wallet_temp_dir() + self._wallet_temp_dir = wallet_temp_dir + self._wallet_cleanup_finalizer = weakref.finalize( + self, + shutil.rmtree, + wallet_temp_dir, + ignore_errors=True, + ) + + def _cleanup_wallet_temp_dir(self) -> None: + wallet_temp_dir = self._wallet_temp_dir + if self._wallet_cleanup_finalizer and self._wallet_cleanup_finalizer.alive: + self._wallet_cleanup_finalizer() + elif wallet_temp_dir: + shutil.rmtree(wallet_temp_dir, ignore_errors=True) + + self._wallet_cleanup_finalizer = None + self._wallet_temp_dir = None + + def _is_autonomous_connection(self) -> bool: + return isinstance(self.service_connection.oracleConnectionType, OracleAutonomousConnection) + + @staticmethod + def _safe_extract_wallet_archive(zip_ref: zipfile.ZipFile, target_dir: str) -> None: + target_root = Path(target_dir).resolve() + + for member in zip_ref.infolist(): + member_path = (target_root / member.filename).resolve() + + if member_path != target_root and target_root not in member_path.parents: + raise ValueError("Invalid walletContent. Wallet zip contains unsafe file paths.") + + if member.is_dir(): + OracleConnection._mkdir_secure_within(member_path, target_root) + continue + + OracleConnection._mkdir_secure_within(member_path.parent, target_root) + with ( + zip_ref.open(member, "r") as source_file, + open( + member_path, + "wb", + opener=lambda path, flags: os.open(path, flags, 0o600), + ) as target_file, + ): + shutil.copyfileobj(source_file, target_file) + + @staticmethod + def _mkdir_secure_within(path: Path, root: Path) -> None: + """Create path and any intermediate dirs with 0o700, only within root.""" + if path == root: + return + if root not in path.parents: + raise ValueError(f"Refusing to create {path}: outside wallet root {root}.") + + current_path = root + for part in path.relative_to(root).parts: + current_path = current_path / part + try: + current_path.mkdir(mode=0o700, exist_ok=False) + except FileExistsError as exc: + if current_path.is_dir(): + continue + raise ValueError( + f"Invalid walletContent. Expected directory path but found existing file: {current_path}" + ) from exc + current_path.chmod(0o700) + + def _extract_wallet_content(self, wallet_content: SecretStr) -> str: + # Strip whitespace/newlines so wrapped base64 (e.g. from `base64 -i` on macOS, + # which inserts line breaks every 76 chars) decodes the same as a single line. + sanitized = "".join(wallet_content.get_secret_value().split()) + try: + decoded_wallet = base64.b64decode(sanitized, validate=True) + except (binascii.Error, TypeError) as exc: + raise ValueError("Invalid walletContent. Expected a base64-encoded wallet zip.") from exc + + wallet_temp_dir = tempfile.mkdtemp(prefix="oracle_wallet_") + self._set_wallet_temp_dir(wallet_temp_dir) + + try: + with zipfile.ZipFile(io.BytesIO(decoded_wallet)) as zip_ref: + self._safe_extract_wallet_archive(zip_ref, wallet_temp_dir) + except zipfile.BadZipFile as exc: + self._cleanup_wallet_temp_dir() + raise ValueError("Invalid walletContent. Expected a valid zip archive.") from exc + except Exception: + self._cleanup_wallet_temp_dir() + raise + + return wallet_temp_dir + + def _configure_autonomous_connection_arguments(self) -> None: + autonomous_connection = self.service_connection.oracleConnectionType + if not isinstance(autonomous_connection, OracleAutonomousConnection): + return + + if not self.service_connection.connectionArguments: + self.service_connection.connectionArguments = init_empty_connection_arguments() + if self.service_connection.connectionArguments.root is None: + self.service_connection.connectionArguments.root = {} + + connection_arguments: dict[str, Any] = self.service_connection.connectionArguments.root + + wallet_path = autonomous_connection.walletPath + if autonomous_connection.walletContent: + if self._wallet_temp_dir and Path(self._wallet_temp_dir).is_dir(): + wallet_path = self._wallet_temp_dir + else: + wallet_path = self._extract_wallet_content(autonomous_connection.walletContent) + else: + self._cleanup_wallet_temp_dir() + + if not wallet_path: + raise ValueError("Oracle Autonomous connections require either walletPath or walletContent.") + + connection_arguments["config_dir"] = wallet_path + connection_arguments["wallet_location"] = wallet_path + + if autonomous_connection.walletPassword: + connection_arguments["wallet_password"] = autonomous_connection.walletPassword.get_secret_value() + else: + connection_arguments.pop("wallet_password", None) + + def _uses_inline_wallet_content(self) -> bool: + connection_type = self.service_connection.oracleConnectionType + return bool(isinstance(connection_type, OracleAutonomousConnection) and connection_type.walletContent) def _get_client(self) -> Engine: """ Create connection """ + self._configure_autonomous_connection_arguments() + + if not self._is_autonomous_connection(): + try: + if self.service_connection.instantClientDirectory: + logger.info(f"Initializing Oracle thick client at {self.service_connection.instantClientDirectory}") + os.environ[LD_LIB_ENV] = self.service_connection.instantClientDirectory + oracledb.init_oracle_client(lib_dir=self.service_connection.instantClientDirectory) + except DatabaseError as err: + logger.info(f"Could not initialize Oracle thick client: {err}") + try: - if self.service_connection.instantClientDirectory: - logger.info(f"Initializing Oracle thick client at {self.service_connection.instantClientDirectory}") - os.environ[LD_LIB_ENV] = self.service_connection.instantClientDirectory - oracledb.init_oracle_client(lib_dir=self.service_connection.instantClientDirectory) - except DatabaseError as err: - logger.info(f"Could not initialize Oracle thick client: {err}") - - return create_generic_db_connection( - connection=self.service_connection, - get_connection_url_fn=self.get_connection_url, - get_connection_args_fn=get_connection_args_common, - ) + return create_generic_db_connection( + connection=self.service_connection, + get_connection_url_fn=self.get_connection_url, + get_connection_args_fn=get_connection_args_common, + ) + except Exception: + if self._uses_inline_wallet_content(): + self._cleanup_wallet_temp_dir() + raise def test_connection( self, @@ -139,6 +288,8 @@ def get_connection_dict(self) -> dict: connection_dict["database"] = connection_copy.oracleConnectionType.oracleServiceName elif isinstance(connection_copy.oracleConnectionType, OracleTNSConnection): connection_dict["host"] = connection_copy.oracleConnectionType.oracleTNSConnection + elif isinstance(connection_copy.oracleConnectionType, OracleAutonomousConnection): + connection_dict["host"] = connection_copy.oracleConnectionType.tnsAlias # Add connection options if present if connection_copy.connectionOptions and connection_copy.connectionOptions.root: @@ -191,6 +342,10 @@ def _handle_connection_type(url: str, connection: OracleConnectionConfig) -> str url += connection.oracleConnectionType.oracleTNSConnection return url + if isinstance(connection.oracleConnectionType, OracleAutonomousConnection): + url += connection.oracleConnectionType.tnsAlias + return url + # If not TNS, we add the hostPort url += connection.hostPort diff --git a/ingestion/tests/unit/test_source_connection.py b/ingestion/tests/unit/test_source_connection.py index 5a253db733d1..5a80ef5fd625 100644 --- a/ingestion/tests/unit/test_source_connection.py +++ b/ingestion/tests/unit/test_source_connection.py @@ -9,7 +9,13 @@ # See the License for the specific language governing permissions and # limitations under the License. +import base64 +import io +import tempfile +import zipfile +from pathlib import Path from unittest import TestCase +from unittest.mock import patch from trino.auth import BasicAuthentication, JWTAuthentication, OAuth2Authentication @@ -75,14 +81,15 @@ MySQLScheme, ) from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( - OracleConnection as OracleConnectionConfig, -) -from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( + OracleAutonomousConnection, OracleDatabaseSchema, OracleScheme, OracleServiceName, OracleTNSConnection, ) +from metadata.generated.schema.entity.services.connections.database.oracleConnection import ( + OracleConnection as OracleConnectionConfig, +) from metadata.generated.schema.entity.services.connections.database.pinotDBConnection import ( PinotDBConnection, PinotDBScheme, @@ -1248,7 +1255,7 @@ def test_oracle_url(self): hostPort="localhost:1541", scheme=OracleScheme.oracle_cx_oracle, oracleConnectionType=OracleDatabaseSchema(databaseSchema="testdb"), - connectionOptions=dict(test_key_1="test_value_1", test_key_2="test_value_2"), # noqa: C408 + connectionOptions={"test_key_1": "test_value_1", "test_key_2": "test_value_2"}, ) assert OracleConnection.get_connection_url(oracle_conn_obj) in expected_url @@ -1264,7 +1271,7 @@ def test_oracle_url(self): hostPort="localhost:1541", scheme=OracleScheme.oracle_cx_oracle, oracleConnectionType=OracleServiceName(oracleServiceName="testdb"), - connectionOptions=dict(test_key_1="test_value_1", test_key_2="test_value_2"), # noqa: C408 + connectionOptions={"test_key_1": "test_value_1", "test_key_2": "test_value_2"}, ) assert OracleConnection.get_connection_url(oracle_conn_obj) in expected_url @@ -1282,6 +1289,210 @@ def test_oracle_url(self): ) assert OracleConnection.get_connection_url(oracle_conn_obj) == expected_url + expected_url = "oracle+cx_oracle://admin:password@myadb_high" + oracle_conn_obj = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletPath="/tmp/my_wallet", + ), + ) + assert OracleConnection.get_connection_url(oracle_conn_obj) == expected_url + + expected_url = [ + "oracle+cx_oracle://admin:password@myadb_high?test_key_2=test_value_2&test_key_1=test_value_1", + "oracle+cx_oracle://admin:password@myadb_high?test_key_1=test_value_1&test_key_2=test_value_2", + ] + oracle_conn_obj = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletPath="/tmp/my_wallet", + ), + connectionOptions={"test_key_1": "test_value_1", "test_key_2": "test_value_2"}, + ) + assert OracleConnection.get_connection_url(oracle_conn_obj) in expected_url + + @patch("metadata.ingestion.source.database.oracle.connection.oracledb.init_oracle_client") + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_path_args(self, mock_create_generic_db_connection, mock_init_oracle_client): + connection = OracleConnectionConfig( + username="admin", + password="password", + instantClientDirectory="/instantclient", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletPath="/tmp/my_wallet", + walletPassword="wallet_password", + ), + ) + oracle_connection = OracleConnection(connection) + mock_create_generic_db_connection.return_value = "dummy_engine" + + oracle_connection._get_client() + + assert mock_init_oracle_client.call_count == 0 + assert oracle_connection.service_connection.connectionArguments.root["config_dir"] == "/tmp/my_wallet" + assert oracle_connection.service_connection.connectionArguments.root["wallet_location"] == "/tmp/my_wallet" + assert oracle_connection.service_connection.connectionArguments.root["wallet_password"] == "wallet_password" + + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_content_args(self, mock_create_generic_db_connection): + wallet_bytes = io.BytesIO() + with zipfile.ZipFile(wallet_bytes, "w", zipfile.ZIP_DEFLATED) as zip_file: + zip_file.writestr("tnsnames.ora", "MYADB_HIGH=(DESCRIPTION=...)") + + encoded_wallet = base64.b64encode(wallet_bytes.getvalue()).decode("utf-8") + + connection = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletContent=encoded_wallet, + ), + ) + oracle_connection = OracleConnection(connection) + mock_create_generic_db_connection.return_value = "dummy_engine" + + oracle_connection._get_client() + + wallet_dir = Path(oracle_connection.service_connection.connectionArguments.root["config_dir"]) + assert wallet_dir.is_dir() + assert (wallet_dir / "tnsnames.ora").exists() + + # Repeated _get_client calls should reuse the same extracted wallet directory. + oracle_connection._get_client() + assert oracle_connection.service_connection.connectionArguments.root["config_dir"] == str(wallet_dir) + + oracle_connection._cleanup_wallet_temp_dir() + assert not wallet_dir.exists() + + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_content_cleanup_on_connection_failure(self, mock_create_generic_db_connection): + wallet_bytes = io.BytesIO() + with zipfile.ZipFile(wallet_bytes, "w", zipfile.ZIP_DEFLATED) as zip_file: + zip_file.writestr("tnsnames.ora", "MYADB_HIGH=(DESCRIPTION=...)") + + encoded_wallet = base64.b64encode(wallet_bytes.getvalue()).decode("utf-8") + connection = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletContent=encoded_wallet, + ), + ) + oracle_connection = OracleConnection(connection) + wallet_dir = None + + def raise_connection_error(**kwargs): + nonlocal wallet_dir + wallet_dir = kwargs["connection"].connectionArguments.root["config_dir"] + raise RuntimeError("engine creation failed") + + mock_create_generic_db_connection.side_effect = raise_connection_error + + with self.assertRaises(RuntimeError): + oracle_connection._get_client() + + assert wallet_dir is not None + assert not Path(wallet_dir).exists() + assert oracle_connection._wallet_temp_dir is None + + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_content_zip_slip_rejected(self, mock_create_generic_db_connection): + wallet_bytes = io.BytesIO() + with zipfile.ZipFile(wallet_bytes, "w", zipfile.ZIP_DEFLATED) as zip_file: + zip_file.writestr("../malicious.txt", "malicious") + + encoded_wallet = base64.b64encode(wallet_bytes.getvalue()).decode("utf-8") + + connection = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletContent=encoded_wallet, + ), + ) + oracle_connection = OracleConnection(connection) + mock_create_generic_db_connection.return_value = "dummy_engine" + + with self.assertRaises(ValueError) as error: + oracle_connection._get_client() + + assert "unsafe file paths" in str(error.exception) + assert oracle_connection._wallet_temp_dir is None + + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_content_invalid_base64_rejected(self, mock_create_generic_db_connection): + connection = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletContent="Zm9v$", + ), + ) + oracle_connection = OracleConnection(connection) + mock_create_generic_db_connection.return_value = "dummy_engine" + + with self.assertRaises(ValueError) as error: + oracle_connection._get_client() + + assert "base64-encoded wallet zip" in str(error.exception) + assert oracle_connection._wallet_temp_dir is None + + def test_oracle_mkdir_secure_within_rejects_path_outside_root(self): + # _safe_extract_wallet_archive validates containment before calling + # _mkdir_secure_within, but the helper must also be defensive on its own + # so a future caller cannot accidentally trigger an unbounded recursion + # (or worse, write outside the wallet temp dir). + root = Path(tempfile.mkdtemp(prefix="oracle_wallet_root_")) + outside = Path(tempfile.mkdtemp(prefix="oracle_wallet_outside_")) / "evil" + try: + with self.assertRaises(ValueError) as error: + OracleConnection._mkdir_secure_within(outside, root) + assert "outside wallet root" in str(error.exception) + assert not outside.exists() + finally: + import shutil + + shutil.rmtree(root, ignore_errors=True) + shutil.rmtree(outside.parent, ignore_errors=True) + + @patch("metadata.ingestion.source.database.oracle.connection.create_generic_db_connection") + def test_oracle_autonomous_wallet_content_accepts_wrapped_base64(self, mock_create_generic_db_connection): + # macOS `base64 -i` wraps lines every 76 chars; ensure ingestion strips + # whitespace before decoding so users do not have to. + wallet_bytes = io.BytesIO() + with zipfile.ZipFile(wallet_bytes, "w", zipfile.ZIP_DEFLATED) as zip_file: + zip_file.writestr("tnsnames.ora", "MYADB_HIGH=(DESCRIPTION=...)") + + raw = base64.b64encode(wallet_bytes.getvalue()).decode("utf-8") + wrapped = "\n".join(raw[i : i + 76] for i in range(0, len(raw), 76)) + "\n" + + connection = OracleConnectionConfig( + username="admin", + password="password", + oracleConnectionType=OracleAutonomousConnection( + tnsAlias="myadb_high", + walletContent=wrapped, + ), + ) + oracle_connection = OracleConnection(connection) + mock_create_generic_db_connection.return_value = "dummy_engine" + + oracle_connection._get_client() + + wallet_dir = Path(oracle_connection.service_connection.connectionArguments.root["config_dir"]) + assert (wallet_dir / "tnsnames.ora").exists() + + oracle_connection._cleanup_wallet_temp_dir() + def test_exasol_url(self): from metadata.ingestion.source.database.exasol.connection import ( get_connection_url, diff --git a/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/database/oracleConnection.json b/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/database/oracleConnection.json index 307b1531be8e..e7ad356d6a79 100644 --- a/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/database/oracleConnection.json +++ b/openmetadata-spec/src/main/resources/json/schema/entity/services/connections/database/oracleConnection.json @@ -63,6 +63,37 @@ "required": [ "oracleTNSConnection" ] + }, + "OracleAutonomousConnection": { + "title": "Oracle Autonomous Connection", + "type": "object", + "properties": { + "tnsAlias": { + "title": "TNS Alias", + "description": "Service alias defined in the wallet tnsnames.ora file, such as myadb_high.", + "type": "string" + }, + "walletPath": { + "title": "Wallet Path", + "description": "Path to the extracted Oracle wallet directory on the ingestion host.", + "type": "string" + }, + "walletContent": { + "title": "Wallet Content", + "description": "Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and environment variable usage: download the wallet zip from Oracle Cloud Console and encode it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i Wallet_mydb.zip | tr -d '\\n'` on macOS — then paste the result here. OpenMetadata extracts it at runtime; no volume mounts needed.", + "type": "string", + "format": "password" + }, + "walletPassword": { + "title": "Wallet Password", + "description": "Wallet password for Oracle Autonomous mTLS connections, if required.", + "type": "string", + "format": "password" + } + }, + "required": [ + "tnsAlias" + ] } }, "properties": { @@ -97,7 +128,7 @@ "oracleConnectionType": { "title": "Oracle Connection Type", "type": "object", - "description": "Connect with oracle by either passing service name or database schema name.", + "description": "Connect with Oracle by using schema, service name, TNS connection string, or Oracle Autonomous wallet configuration.", "oneOf": [ { "$ref": "#/definitions/OracleDatabaseSchema" @@ -107,6 +138,9 @@ }, { "$ref": "#/definitions/OracleTNSConnection" + }, + { + "$ref": "#/definitions/OracleAutonomousConnection" } ] }, diff --git a/openmetadata-ui/src/main/resources/ui/public/locales/en-US/Database/Oracle.md b/openmetadata-ui/src/main/resources/ui/public/locales/en-US/Database/Oracle.md index 889eeaf94a43..5fa8e5e34cfb 100644 --- a/openmetadata-ui/src/main/resources/ui/public/locales/en-US/Database/Oracle.md +++ b/openmetadata-ui/src/main/resources/ui/public/locales/en-US/Database/Oracle.md @@ -77,6 +77,7 @@ Connect with oracle by either passing service name or database schema name. - **Database Schema**: Using a database schema name when connecting to an Oracle database allows the user to access only the objects within that schema, rather than the entire database. - **Oracle Service Name**: Oracle Service Name is a unique identifier for a database instance or group of instances that perform a particular function. - **Oracle TNS Connection**: You can directly use the TNS connection string, e.g., `(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME)))`. +- **Oracle Autonomous Connection**: Use a wallet-based Oracle Autonomous Database setup by providing a `tnsAlias` plus either a wallet directory path or inline wallet content. $$ $$section @@ -99,6 +100,48 @@ TNS connection string you would set in `tnsnames.ora`, e.g., `(DESCRIPTION=(ADDR Note that if this is informed, we will ignore the `hostPort` property, so you should make sure that the `HOST` entry is present here. $$ +$$section +### Oracle Autonomous TNS Alias $(id="tnsAlias") + +Service alias from the wallet `tnsnames.ora`, such as `myadb_high`. + +For Autonomous mode, OpenMetadata uses this alias as the Oracle DSN target and does not require `hostPort`. +$$ + +$$section +### Wallet Path $(id="walletPath") + +Path to the extracted Oracle wallet directory on the ingestion host. + +Use this when wallet files are already present on the host running ingestion. +$$ + +$$section +### Wallet Content $(id="walletContent") + +Base64-encoded wallet zip content as a single unwrapped line. Recommended for Docker/Kubernetes deployments where you cannot mount wallet files onto the ingestion pod. + +**How to generate:** + +Linux: +```bash +base64 -w 0 Wallet_mydb.zip +``` + +macOS (the default `base64` wraps lines every 76 characters; pipe through `tr` to strip them): +```bash +base64 -i Wallet_mydb.zip | tr -d '\n' +``` + +Copy the output and paste it into this field. OpenMetadata stores it as a secret, then decodes and extracts it at runtime inside the pod — no volume mounts or pre-provisioning needed. +$$ + +$$section +### Wallet Password $(id="walletPassword") + +Wallet password used by Oracle Autonomous mTLS connections, if your wallet requires one. +$$ + $$section ### Instant Client Directory $(id="instantClientDirectory") diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/api/automations/createWorkflow.ts b/openmetadata-ui/src/main/resources/ui/src/generated/api/automations/createWorkflow.ts index 45d4d0e93897..49ccd64aaa40 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/api/automations/createWorkflow.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/api/automations/createWorkflow.ts @@ -1274,7 +1274,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4555,7 +4556,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4574,6 +4576,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/api/services/createDatabaseService.ts b/openmetadata-ui/src/main/resources/ui/src/generated/api/services/createDatabaseService.ts index ec105e3e7f20..d9da9ae98f53 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/api/services/createDatabaseService.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/api/services/createDatabaseService.ts @@ -786,7 +786,8 @@ export interface Connection { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -2169,7 +2170,8 @@ export enum HiveMetastoreConnectionDetailsType { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -2188,6 +2190,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/api/services/ingestionPipelines/createIngestionPipeline.ts b/openmetadata-ui/src/main/resources/ui/src/generated/api/services/ingestionPipelines/createIngestionPipeline.ts index a3afef6e8105..b4c7305f63e9 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/api/services/ingestionPipelines/createIngestionPipeline.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/api/services/ingestionPipelines/createIngestionPipeline.ts @@ -4450,7 +4450,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -7148,7 +7149,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -7167,6 +7169,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/testServiceConnection.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/testServiceConnection.ts index b5253577e495..1fcc7cc839db 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/testServiceConnection.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/testServiceConnection.ts @@ -1156,7 +1156,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4437,7 +4438,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4456,6 +4458,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/workflow.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/workflow.ts index 1ecd66ef9655..980320f544da 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/workflow.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/automations/workflow.ts @@ -1818,7 +1818,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4936,7 +4937,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4955,6 +4957,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/database/oracleConnection.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/database/oracleConnection.ts index 27ed75c2f96c..4b35ce41ad6e 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/database/oracleConnection.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/database/oracleConnection.ts @@ -36,7 +36,8 @@ export interface OracleConnection { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType: OracleConnectionType; /** @@ -120,7 +121,8 @@ export interface FilterPattern { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -139,6 +141,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/serviceConnection.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/serviceConnection.ts index ff214cd6ae23..b251c67a1652 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/serviceConnection.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/connections/serviceConnection.ts @@ -1425,7 +1425,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4477,7 +4478,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4496,6 +4498,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/databaseService.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/databaseService.ts index 92b4e8196598..e9db6db00b5d 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/databaseService.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/databaseService.ts @@ -917,7 +917,8 @@ export interface Connection { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -2300,7 +2301,8 @@ export enum HiveMetastoreConnectionDetailsType { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -2319,6 +2321,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/ingestionPipelines/ingestionPipeline.ts b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/ingestionPipelines/ingestionPipeline.ts index c1d38ef63da9..cc0fb8e4970c 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/ingestionPipelines/ingestionPipeline.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/entity/services/ingestionPipelines/ingestionPipeline.ts @@ -4982,7 +4982,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -7661,7 +7662,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -7680,6 +7682,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/testSuitePipeline.ts b/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/testSuitePipeline.ts index 72ebb62587c3..9247f0663ef1 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/testSuitePipeline.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/testSuitePipeline.ts @@ -1523,7 +1523,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4575,7 +4576,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4594,6 +4596,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; } diff --git a/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/workflow.ts b/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/workflow.ts index d3f53c775e54..1caf31f98829 100644 --- a/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/workflow.ts +++ b/openmetadata-ui/src/main/resources/ui/src/generated/metadataIngestion/workflow.ts @@ -1514,7 +1514,8 @@ export interface ConfigObject { */ instantClientDirectory?: string; /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ oracleConnectionType?: OracleConnectionType; /** @@ -4594,7 +4595,8 @@ export interface OpenAPISchemaConnection { } /** - * Connect with oracle by either passing service name or database schema name. + * Connect with Oracle by using schema, service name, TNS connection string, or Oracle + * Autonomous wallet configuration. */ export interface OracleConnectionType { /** @@ -4613,6 +4615,28 @@ export interface OracleConnectionType { * (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1530)))(CONNECT_DATA=(SID=MYSERVICENAME))). */ oracleTNSConnection?: string; + /** + * Service alias defined in the wallet tnsnames.ora file, such as myadb_high. + */ + tnsAlias?: string; + /** + * Base64-encoded Oracle wallet zip content. OpenMetadata tolerates embedded whitespace and + * line breaks when decoding, so both wrapped and unwrapped base64 are accepted. For + * Docker/Kubernetes, a single unwrapped line is still recommended for easier copy/paste and + * environment variable usage: download the wallet zip from Oracle Cloud Console and encode + * it without line wrapping — `base64 -w 0 Wallet_mydb.zip` on Linux or `base64 -i + * Wallet_mydb.zip | tr -d '\n'` on macOS — then paste the result here. OpenMetadata + * extracts it at runtime; no volume mounts needed. + */ + walletContent?: string; + /** + * Wallet password for Oracle Autonomous mTLS connections, if required. + */ + walletPassword?: string; + /** + * Path to the extracted Oracle wallet directory on the ingestion host. + */ + walletPath?: string; [property: string]: any; }