diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-03-10 23:53:31 +0100 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-03-10 23:53:31 +0100 |
commit | 17547340d42db38a0bca7bca934b01964991301b (patch) | |
tree | 5ab91e46b33eae8cf060b0e24f6f16f9a1888cff /kubernetes/common/postgres/configs | |
parent | b8316cdbeaed1c4929531da836f24639c745ab66 (diff) |
[COMMON] Allow special characters in postgress passwords
Postgres image that we are currently using uses sed to replace
passwords placeholders with their actual values at startup time.
This apprach is very fragile and leads to issues if & happens to be a
part of password as it has a special meaning in sed.
To fix this issue let's just extract the setup.sql file from the
container and process it on our own in init container using envsubst
and then mount it to the main container to be used.
Issue-ID: OOM-2317
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ifd51d8f0af0099958caa209185fb7a87a0480bd2
Diffstat (limited to 'kubernetes/common/postgres/configs')
-rw-r--r-- | kubernetes/common/postgres/configs/setup.sql | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/kubernetes/common/postgres/configs/setup.sql b/kubernetes/common/postgres/configs/setup.sql new file mode 100644 index 0000000000..f60b473242 --- /dev/null +++ b/kubernetes/common/postgres/configs/setup.sql @@ -0,0 +1,40 @@ +--- System Setup +SET application_name="container_setup"; + +CREATE EXTENSION IF NOT EXISTS pg_stat_statements; +CREATE EXTENSION IF NOT EXISTS pgaudit; + +ALTER USER postgres PASSWORD '${PG_ROOT_PASSWORD}'; + +CREATE USER ${PG_PRIMARY_USER} WITH REPLICATION; +ALTER USER ${PG_PRIMARY_USER} PASSWORD '${PG_PRIMARY_PASSWORD}'; + +CREATE USER "${PG_USER}" LOGIN; +ALTER USER "${PG_USER}" PASSWORD '${PG_PASSWORD}'; + +CREATE DATABASE ${PG_DATABASE}; +GRANT ALL PRIVILEGES ON DATABASE ${PG_DATABASE} TO "${PG_USER}"; + +CREATE TABLE IF NOT EXISTS primarytable (key varchar(20), value varchar(20)); +GRANT ALL ON primarytable TO ${PG_PRIMARY_USER}; + +--- PG_DATABASE Setup + +\c ${PG_DATABASE} + +CREATE EXTENSION IF NOT EXISTS pg_stat_statements; +CREATE EXTENSION IF NOT EXISTS pgaudit; + +--- Verify permissions via PG_USER + +\c ${PG_DATABASE} "${PG_USER}"; + +CREATE SCHEMA IF NOT EXISTS "${PG_USER}"; + +CREATE TABLE IF NOT EXISTS "${PG_USER}".testtable ( + name varchar(30) PRIMARY KEY, + value varchar(50) NOT NULL, + updatedt timestamp NOT NULL +); + +INSERT INTO "${PG_USER}".testtable (name, value, updatedt) VALUES ('CPU', '256', now()); |