public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix escaping of parameter values and extra spaces. 

- document the newly introduced option (for now in the main README)
- make query error output more readable.
This commit is contained in:
Oleksii Kliukin 2017-11-06 13:04:36 +01:00
parent 415a7fdc4d
commit 71f57c9fe3
3 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -201,6 +201,14 @@ The following steps will get you the docker image built and deployed.
$ make docker $ make docker
$ sed -e "s/\(image\:.*\:\).*$/\1$TAG/" manifests/postgres-operator.yaml|kubectl --context minikube create -f - $ sed -e "s/\(image\:.*\:\).*$/\1$TAG/" manifests/postgres-operator.yaml|kubectl --context minikube create -f -
### Operator Configuration Parameters
* api_roles_configuration - a map represented as *"key1:value1,key2:value2"*
of configuration parameters applied to the roles fetched from the API.
By default is set to *"log_statement:all"*. See [PostgreSQL documentation on ALTER ROLE .. SET](https://www.postgresql.org/docs/current/static/sql-alterrole.html) for to learn about the available options.
### Debugging the operator itself ### Debugging the operator itself
There is a web interface in the operator to observe its internal state. The operator listens on port 8080. It is possible to expose it to the localhost:8080 by doing: There is a web interface in the operator to observe its internal state. The operator listens on port 8080. It is possible to expose it to the localhost:8080 by doing:

2
pkg/util/config/config.go
View File

@ -71,7 +71,7 @@ type Config struct {
APIPort int `name:"api_port" default:"8080"` APIPort int `name:"api_port" default:"8080"`
RingLogLines int `name:"ring_log_lines" default:"100"` RingLogLines int `name:"ring_log_lines" default:"100"`
ClusterHistoryEntries int `name:"cluster_history_entries" default:"1000"` ClusterHistoryEntries int `name:"cluster_history_entries" default:"1000"`
APIRolesParameters map[string]string `name:"api_roles_configuration" default:"log_statement:all"` APIRolesParameters map[string]string `name:"api_roles_configuration" default:"log_statement:'all'"`
PodTerminateGracePeriod time.Duration `name:"pod_terminate_grace_period" default:"5m"` PodTerminateGracePeriod time.Duration `name:"pod_terminate_grace_period" default:"5m"`
} }

23
pkg/util/users/users.go
View File

@ -14,7 +14,7 @@ const (
createUserSQL = `SET LOCAL synchronous_commit = 'local'; CREATE ROLE "%s" %s %s;` createUserSQL = `SET LOCAL synchronous_commit = 'local'; CREATE ROLE "%s" %s %s;`
alterUserSQL = `ALTER ROLE "%s" %s` alterUserSQL = `ALTER ROLE "%s" %s`
alterRoleResetAllSQL = `ALTER ROLE "%s" RESET ALL` alterRoleResetAllSQL = `ALTER ROLE "%s" RESET ALL`
alterRoleSetSQL = `ALTER ROLE "%s" SET "%s" TO "%s"` alterRoleSetSQL = `ALTER ROLE "%s" SET %s TO %s`
grantToUserSQL = `GRANT %s TO "%s"` grantToUserSQL = `GRANT %s TO "%s"`
doBlockStmt = `SET LOCAL synchronous_commit = 'local'; DO $$ BEGIN %s; END;$$;` doBlockStmt = `SET LOCAL synchronous_commit = 'local'; DO $$ BEGIN %s; END;$$;`
passwordTemplate = "ENCRYPTED PASSWORD '%s'" passwordTemplate = "ENCRYPTED PASSWORD '%s'"
@ -96,7 +96,7 @@ func (strategy DefaultUserSyncStrategy) alterPgUserSet(user spec.PgUser, db *sql
queries := produceAlterRoleSetStmts(user) queries := produceAlterRoleSetStmts(user)
query := fmt.Sprintf(doBlockStmt, strings.Join(queries, ";")) query := fmt.Sprintf(doBlockStmt, strings.Join(queries, ";"))
if _, err = db.Query(query); err != nil { if _, err = db.Query(query); err != nil {
err = fmt.Errorf("dB error: %v, query: %q", err, query) err = fmt.Errorf("dB error: %v, query: %s", err, query)
return return
} }
return return
@ -122,7 +122,7 @@ func (s DefaultUserSyncStrategy) createPgUser(user spec.PgUser, db *sql.DB) (err
_, err = db.Query(query) // TODO: Try several times _, err = db.Query(query) // TODO: Try several times
if err != nil { if err != nil {
err = fmt.Errorf("dB error: %v, query: %q", err, query) err = fmt.Errorf("dB error: %v, query: %s", err, query)
return return
} }
@ -148,7 +148,7 @@ func (s DefaultUserSyncStrategy) alterPgUser(user spec.PgUser, db *sql.DB) (err
_, err = db.Query(query) // TODO: Try several times _, err = db.Query(query) // TODO: Try several times
if err != nil { if err != nil {
err = fmt.Errorf("dB error: %v query %q", err, query) err = fmt.Errorf("dB error: %v query %s", err, query)
return return
} }
@ -157,7 +157,7 @@ func (s DefaultUserSyncStrategy) alterPgUser(user spec.PgUser, db *sql.DB) (err
func produceAlterStmt(user spec.PgUser) string { func produceAlterStmt(user spec.PgUser) string {
// ALTER ROLE ... LOGIN ENCRYPTED PASSWORD .. // ALTER ROLE ... LOGIN ENCRYPTED PASSWORD ..
result := make([]string, 1) result := make([]string, 0)
password := user.Password password := user.Password
flags := user.Flags flags := user.Flags
@ -171,10 +171,10 @@ func produceAlterStmt(user spec.PgUser) string {
} }
func produceAlterRoleSetStmts(user spec.PgUser) []string { func produceAlterRoleSetStmts(user spec.PgUser) []string {
result := make([]string, 1) result := make([]string, 0)
result = append(result, fmt.Sprintf(alterRoleResetAllSQL, user.Name)) result = append(result, fmt.Sprintf(alterRoleResetAllSQL, user.Name))
for key, value := range(user.Parameters) { for key, value := range(user.Parameters) {
result = append(result, fmt.Sprintf(alterRoleSetSQL, user.Name, key, value)) result = append(result, fmt.Sprintf(alterRoleSetSQL, user.Name, key, quoteValue(value)))
} }
return result return result
} }
@ -191,3 +191,12 @@ func quoteMemberList(user spec.PgUser) string {
} }
return strings.Join(memberof, ",") return strings.Join(memberof, ",")
} }
// quoteVal quotes values to be used at ALTER ROLE SET param = value if necessary
func quoteValue(val string) string {
if (strings.HasPrefix(val, `"`) && strings.HasSuffix(val, `"`)) ||
(strings.HasPrefix(val, `'`) && strings.HasSuffix(val, `'`)) {
return val
}
return fmt.Sprintf(`"%s"`, strings.Trim(val," "))
}