Class: PicsolveDockerBuilder::Composer::Requirements::Postgres

Inherits:
Base
  • Object
Defined in:
lib/picsolve_docker_builder/composer/requirements/postgres.rb

Overview

Postgres db requirements

Instance Attribute Summary

Attributes inherited from Base

#config, #name

Instance Method Summary

Methods inherited from Base

#container, #create_secret, #gen_password, #get_secret, #initialize, #kubernetes, #namespace, #stage

Methods included from Base

#base_dir, #config, #config_file, #config_path, #create_logger, #default_config, #log, #read_config, #validate_config

Constructor Details

This class inherits a constructor from PicsolveDockerBuilder::Composer::Requirements::Base

Instance Method Details

#admin_postgres_secret ⇒ Object

get administrative postgres secrets



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 112

# Fetch the administrative Postgres credentials.
#
# Reads the secret stored under 'postgres' via get_secret and sets its
# 'dbname' entry to 'postgres' in place before returning it. The returned
# hash carries administrative credentials, so keep it out of log output.
#
# @return [Object] whatever get_secret returns, after the update call
def admin_postgres_secret
  secret = get_secret('postgres')
  secret.update('dbname' => 'postgres')
end

#create_postgres_database(admin_secret, container_secret) ⇒ Object

Create the postgres database. (`rubocop:disable Metrics/MethodLength` is a linter directive picked up from the source comment, not part of the description.)



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 56

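# Create the role and database described by +container_secret+ and grant
# the privileges the container needs.
#
# The server is reached through an SSH port forward (see #ssh_forward), so
# both connections go to 127.0.0.1 on the forward's local port.
#
# Differences from the previous implementation:
# * Role and database names are quoted with escape_identifier and the
#   password with escape_literal. escape_string only protects text placed
#   inside single quotes, so a double quote in a name could previously end
#   the quoted identifier early.
# * The second connection logs in with the unescaped user, database name
#   and password. Before, the escaped copies were used, which differ from
#   the stored values as soon as escaping changes a character.
# * +admin_secret+ is no longer modified; a copy carries the tunnel
#   endpoint and, later, the container credentials.
# * Both connections are closed in +ensure+, also when a statement fails.
#
# @param admin_secret [Hash] connection parameters of the administrative
#   account; 'host' and 'port' are read for the SSH forward
# @param container_secret [Hash] must provide 'user', 'password' and 'name'
# @return [nil]
def create_postgres_database(admin_secret, container_secret)
  log.info "Create database #{user_and_db_name}"

  # NOTE(review): the forward opened here is not shut down in this method;
  # confirm who owns the lifetime of the SSH connection.
  forward = ssh_forward(admin_secret['host'], admin_secret['port'].to_i)
  admin_params = admin_secret.merge(
    'host' => '127.0.0.1',
    'port' => forward.local_port
  )

  user = container_secret['user']
  password = container_secret['password']
  name = container_secret['name']

  conn = PG::Connection.open(admin_params)
  begin
    # Both helpers return the value already wrapped in the right quotes.
    role_sql = conn.escape_identifier(user)
    db_sql = conn.escape_identifier(name)
    password_sql = conn.escape_literal(password)

    # create user
    # The password is part of the statement text, so it appears wherever
    # the server or an intermediary records statements.
    conn.exec("CREATE USER #{role_sql} WITH PASSWORD #{password_sql}")

    # create db
    conn.exec("CREATE DATABASE #{db_sql}")

    # grant all rights to the user and the aws user
    conn.exec("
      GRANT ALL PRIVILEGES ON DATABASE #{db_sql} to #{role_sql};
      GRANT ALL PRIVILEGES ON DATABASE #{db_sql} to \"rds_superuser\";
    ")
  ensure
    conn.close
  end

  # Reconnect to the new database as the new role so the default
  # privileges below are recorded for objects that role creates.
  conn = PG::Connection.open(
    admin_params.merge(
      'dbname' => name,
      'user' => user,
      'password' => password
    )
  )
  begin
    conn.exec("
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON TABLES TO #{role_sql};
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON TABLES TO \"rds_superuser\";
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON SEQUENCES TO #{role_sql};
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON SEQUENCES TO \"rds_superuser\";
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON FUNCTIONS TO #{role_sql};
      ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES
      ON FUNCTIONS TO \"rds_superuser\";
    ")
  ensure
    conn.close
  end

  nil
end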

#create_postgres_secret ⇒ Object

Create a new postgres secret and the corresponding database.



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 32

# Generate credentials for this container's database, create the database
# with them and store them as a secret.
#
# The role name and the database name are both user_and_db_name; the
# password comes from gen_password. Host and port are copied from the
# admin secret before that secret is handed to create_postgres_database,
# so the stored secret carries the address the admin secret named.
#
# NOTE(review): the database is created before the secret is stored. If
# create_secret fails, the role presumably exists with a password that was
# never persisted - confirm how a retry is expected to recover.
#
# @return [Hash] the new secret with 'name', 'user', 'password', 'host'
#   and 'port'; it contains the plaintext password
def create_postgres_secret
  admin = admin_postgres_secret
  log.info "Create secret for #{user_and_db_name} database"

  secret = {}
  secret['name'] = user_and_db_name
  secret['user'] = user_and_db_name
  secret['password'] = gen_password
  secret['host'] = admin['host']
  secret['port'] = admin['port']

  create_postgres_database(admin, secret)
  create_secret(user_and_db_name, secret)
  secret
end

#environment ⇒ Object



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 133

# Environment entries contributed by this requirement.
#
# Delegates to environment_secret, so every entry of the Postgres secret
# (which includes the password when the secret was created by
# create_postgres_secret) is handed to the caller as a name/value pair.
#
# @return [Object] the value returned by environment_secret
def environment
  entries = environment_secret
  entries
end

#environment_secret ⇒ Object



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 124

# Turn the Postgres secret into a list of environment variable entries.
#
# Each key/value pair of postgres_secret becomes a hash with a 'name' of
# "<NAME>_<KEY>" (both upper-cased) and the unchanged 'value'. Values are
# passed through as they are, so a 'password' entry ends up in the result
# in plaintext.
#
# @return [Array<Hash>] one { 'name' => ..., 'value' => ... } per entry
def environment_secret
  postgres_secret.each_with_object([]) do |(key, value), entries|
    variable = [name.upcase, key.upcase].join('_')
    entries << { 'name' => variable, 'value' => value }
  end
end

#postgres_secret ⇒ Object

get postgres secret for current container



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 23

# Return the Postgres secret of the current container, creating it (and
# the database behind it) when it does not exist yet.
#
# A KubeException whose message contains "not found" is treated as
# "secret missing" and leads to create_postgres_secret; any other
# KubeException is re-raised.
#
# NOTE(review): the decision rests on a substring of the error message.
# Any other failure whose text contains "not found" would also start
# provisioning; if the exception exposes a status code, matching on that
# would be stricter - confirm against the client library in use.
#
# @return [Object] the stored secret, or the newly created one
# @raise [KubeException] for lookup failures other than "not found"
def postgres_secret
  begin
    get_secret(user_and_db_name)
  rescue KubeException => error
    raise error if error.message.match(/not found/).nil?

    log.info "Secret for #{user_and_db_name} database not found"
    create_postgres_secret
  end
end

#postgres_secret_name ⇒ Object



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 120

# Build a secret name of the form "postgres-<user_and_db_name>".
#
# NOTE(review): the other methods shown for this class look the secret up
# and store it under user_and_db_name without this prefix - confirm where
# this name is actually used.
#
# @return [String]
def postgres_secret_name
  format('postgres-%s', user_and_db_name)
end

#ssh_forward(host, port) ⇒ Object



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 12

# Open an SSH connection to the Kubernetes host and register a port
# forward to +host+:+port+ on it.
#
# The connection object is kept in @ssh, replacing whatever was stored
# there before. The forward is registered first, then the connection is
# started, and the forward object is returned.
#
# NOTE(review): nothing here closes the connection, and host key checking
# is decided inside SshConnection - confirm both in that helper.
#
# @param host [String] target host as seen from the SSH server
# @param port [Integer] target port
# @return [Object] the forward returned by SshConnection#forward
def ssh_forward(host, port)
  connection_class = PicsolveDockerBuilder::Helpers::SshConnection
  @ssh = connection_class.new(
    ssh_host: kubernetes.host,
    ssh_port: kubernetes.port
  )
  @ssh.forward(host, port).tap { @ssh.start }
end

#user_and_db_name ⇒ Object



# File 'lib/picsolve_docker_builder/composer/requirements/postgres.rb', line 116

# Name shared by the container's Postgres role and database:
# "<stage>-<container name>-<requirement name>".
#
# NOTE(review): PostgreSQL truncates identifiers longer than 63 bytes, so
# long stage/container/name combinations could collide once truncated -
# confirm the inputs are bounded.
#
# @return [String]
def user_and_db_name
  format('%s-%s-%s', stage, container.name, name)
end