defined type for creating database schemas
This defined type helps create database schemas, and assign them to an `owner`. It is closely modeled after Postgresql::Server::Tablespace. It uses PostgreSQL's builtin IF NOT EXISTS to guarantee idempotency. (>= 9.3, else it checks pg_namespace). n.b.: This defined type *requires* that a `db` is passed. This is a concious design decision, since we find it rather useless to create such schemas in the default `postgres` database, and if *were* useful, one can always "over-specify". This addresses MODULES-1098.
This commit is contained in:
parent
327c7e9cd9
commit
324c291b3f
4 changed files with 161 additions and 0 deletions
24
README.md
24
README.md
|
@ -241,6 +241,7 @@ Resources:
|
|||
* [postgresql::server::database_grant](#resource-postgresqlserverdatabasegrant)
|
||||
* [postgresql::server::pg_hba_rule](#resource-postgresqlserverpghbarule)
|
||||
* [postgresql::server::role](#resource-postgresqlserverrole)
|
||||
* [postgresql::server::schema](#resource-postgresqlserverschema)
|
||||
* [postgresql::server::table_grant](#resource-postgresqlservertablegrant)
|
||||
* [postgresql::server::tablespace](#resource-postgresqlservertablespace)
|
||||
* [postgresql::validate_db_connection](#resource-postgresqlvalidatedbconnection)
|
||||
|
@ -735,6 +736,29 @@ Specifies how many concurrent connections the role can make. Defaults to `-1` me
|
|||
####`username`
|
||||
The username of the role to create, defaults to `namevar`.
|
||||
|
||||
###Resource: postgresql::server::schema
|
||||
This defined type can be used to create a schema. For example:
|
||||
|
||||
postgresql::server::schema { 'isolated':
|
||||
owner => 'jane',
|
||||
db => 'janedb',
|
||||
}
|
||||
|
||||
It will create the schema `jane` in the database `janedb` if neccessary,
|
||||
assigning the user `jane` ownership permissions.
|
||||
|
||||
####`namevar`
|
||||
The schema name to create.
|
||||
|
||||
###`db`
|
||||
Name of the database in which to create this schema. This must be passed.
|
||||
|
||||
####`owner`
|
||||
The default owner of the schema.
|
||||
|
||||
####`schema`
|
||||
Name of the schma. Defaults to `namevar`.
|
||||
|
||||
|
||||
###Resource: postgresql::server::table\_grant
|
||||
This defined type manages grant based access privileges for users. Consult the PostgreSQL documentation for `grant` for more information.
|
||||
|
|
44
manifests/server/schema.pp
Normal file
44
manifests/server/schema.pp
Normal file
|
@ -0,0 +1,44 @@
|
|||
# This defined types creates database schemas. See README.md for more details.
|
||||
define postgresql::server::schema(
|
||||
$db,
|
||||
$owner = undef,
|
||||
$schema = $title,
|
||||
) {
|
||||
$user = $postgresql::server::user
|
||||
$group = $postgresql::server::group
|
||||
$port = $postgresql::server::port
|
||||
$psql_path = $postgresql::server::psql_path
|
||||
$version = $postgresql::server::version
|
||||
|
||||
Postgresql_psql {
|
||||
db => $db,
|
||||
psql_user => $user,
|
||||
psql_group => $group,
|
||||
psql_path => $psql_path,
|
||||
port => $port,
|
||||
}
|
||||
|
||||
$schema_title = "Create Schema '${schema}'"
|
||||
$authorization = $owner? {
|
||||
undef => '',
|
||||
default => "AUTHORIZATION \"${owner}\"",
|
||||
}
|
||||
|
||||
if(versioncmp($version, '9.3') >= 0) {
|
||||
$schema_command = "CREATE SCHEMA IF NOT EXISTS \"${schema}\" ${authorization}"
|
||||
$unless = undef
|
||||
} else {
|
||||
$schema_command = "CREATE SCHEMA \"${schema}\" ${authorization}"
|
||||
$unless = "SELECT nspname FROM pg_namespace WHERE nspname='${schema}'"
|
||||
}
|
||||
|
||||
postgresql_psql { $schema_title:
|
||||
command => $schema_command,
|
||||
unless => $unless,
|
||||
require => Class['postgresql::server'],
|
||||
}
|
||||
|
||||
if($owner != undef and defined(Postgresql::Server::Role[$owner])) {
|
||||
Postgresql::Server::Role[$owner]->Postgresql_psql[$schema_title]
|
||||
}
|
||||
}
|
61
spec/acceptance/server/schema_spec.rb
Normal file
61
spec/acceptance/server/schema_spec.rb
Normal file
|
@ -0,0 +1,61 @@
|
|||
require 'spec_helper_acceptance'
|
||||
|
||||
describe 'postgresql::server::schema:', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
|
||||
after :all do
|
||||
# Cleanup after tests have ran
|
||||
apply_manifest("class { 'postgresql::server': ensure => absent }", :catch_failures => true)
|
||||
end
|
||||
|
||||
it 'should create a schema for a user' do
|
||||
begin
|
||||
pp = <<-EOS.unindent
|
||||
$db = 'schema_test'
|
||||
$user = 'psql_schema_tester'
|
||||
$password = 'psql_schema_pw'
|
||||
|
||||
class { 'postgresql::server': }
|
||||
|
||||
# Since we are not testing pg_hba or any of that, make a local user for ident auth
|
||||
user { $user:
|
||||
ensure => present,
|
||||
}
|
||||
|
||||
postgresql::server::role { $user:
|
||||
password_hash => postgresql_password($user, $password),
|
||||
}
|
||||
|
||||
postgresql::server::database { $db:
|
||||
owner => $user,
|
||||
require => Postgresql::Server::Role[$user],
|
||||
}
|
||||
|
||||
# Create a rule for the user
|
||||
postgresql::server::pg_hba_rule { "allow ${user}":
|
||||
type => 'local',
|
||||
database => $db,
|
||||
user => $user,
|
||||
auth_method => 'ident',
|
||||
order => 1,
|
||||
}
|
||||
|
||||
postgresql::server::schema { $user:
|
||||
db => $db,
|
||||
owner => $user,
|
||||
require => Postgresql::Server::Database[$db],
|
||||
}
|
||||
EOS
|
||||
|
||||
apply_manifest(pp, :catch_failures => true)
|
||||
apply_manifest(pp, :catch_changes => true)
|
||||
|
||||
## Check that the user can create a table in the database
|
||||
psql('--command="create table psql_schema_tester.foo (foo int)" schema_test', 'psql_schema_tester') do |r|
|
||||
expect(r.stdout).to match(/CREATE TABLE/)
|
||||
expect(r.stderr).to eq('')
|
||||
end
|
||||
ensure
|
||||
psql('--command="drop table psql_schema_tester.foo" schema_test', 'psql_schema_tester')
|
||||
end
|
||||
end
|
||||
|
||||
end
|
32
spec/unit/defines/server/schema_spec.rb
Normal file
32
spec/unit/defines/server/schema_spec.rb
Normal file
|
@ -0,0 +1,32 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'postgresql::server::schema', :type => :define do
|
||||
let :facts do
|
||||
{
|
||||
:osfamily => 'Debian',
|
||||
:operatingsystem => 'Debian',
|
||||
:operatingsystemrelease => '6.0',
|
||||
:kernel => 'Linux',
|
||||
:concat_basedir => tmpfilename('schema'),
|
||||
:id => 'root',
|
||||
:path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
|
||||
}
|
||||
end
|
||||
|
||||
let :title do
|
||||
'test'
|
||||
end
|
||||
|
||||
let :params do
|
||||
{
|
||||
:owner => 'jane',
|
||||
:db => 'janedb',
|
||||
}
|
||||
end
|
||||
|
||||
let :pre_condition do
|
||||
"class {'postgresql::server':}"
|
||||
end
|
||||
|
||||
it { should contain_postgresql__server__schema('test') }
|
||||
end
|
Loading…
Reference in a new issue