Sean Chittenden
2ebac5226c
PostgreSQL: leaked pg privs ( #14817 )
...
* Fix doc bug. Spell `collation` like `lc_collate`.
* Whitespace nit in error message
* Use %q as the format verb for error messages in postgresql_database resource messages.
* REVOKE the `GRANT` given to the connection user when creating a database.
For `ROLE`s who have been delegated `CREATEDB` privileges and are not a
superuser, in order for them to `CREATE DATABASE` they need to be a member
of the `ROLE` who will be `OWNER` for the new database. Once the
`CREATE DATABASE` is complete, `REVOKE` the `GRANT` that was given to role
so that the user who ran the `CREATE DATABASE` looses all privileges to the
target database (unless of course they're a superuser).
Fixes a regression introduced in #11452
* Delegated DBA ROLEs can now fix OWNER drift for PostgreSQL databases.
Uses the helper functions introduced in #11452
2017-05-31 20:03:32 +03:00
pbthorste
deb56bd93d
improve error message
2017-01-27 01:50:45 +01:00
pbthorste
daba1aff9d
grant role membership for when connection user is not superuser
2017-01-27 01:46:37 +01:00
pbthorste
11f680a88e
remove computed true for postgres connections
2017-01-11 22:55:50 +01:00
pbthorste
0c1175f78b
set default postgres connection limit
2017-01-11 22:45:30 +01:00
Sean Chittenden
a96f7408dd
Fix a few small grammar nits.
2016-12-27 15:50:25 -08:00
Sean Chittenden
9ab60ecc7b
Add an Exists function for each resource type. Also add a provider RWMutex.
...
Some of the checks didn't support concurrent updates. This should
improve the reliability of the provider.
2016-12-27 15:50:25 -08:00
Sean Chittenden
1d60e9ab04
Clean up the description on postgresql_database.owner.
2016-12-25 06:13:32 -08:00
Sean Chittenden
e2448473cb
Clean up the DatabaseCreate call.
2016-12-10 12:32:21 +11:00
Sean Chittenden
db5d7b0438
Style nit
2016-12-10 12:32:21 +11:00
Sean Chittenden
bfc2a2d42f
Commit WIP re: updated postgresql_role provider.
...
*Read() and *Update() still need to be updated.
2016-12-10 12:32:20 +11:00
Sean Chittenden
2e529146a5
Remove unused code.
2016-12-10 12:32:20 +11:00
Sean Chittenden
6b540ecb55
Don't use d.GetOk() when the zero value is a required attribute.
...
Add "pathological" test.
2016-12-10 12:32:20 +11:00
Sean Chittenden
37fdc958b3
Always remove the IS_TEMPLATE attribute before dropping a database.
2016-12-10 12:32:20 +11:00
Sean Chittenden
e9b2b38288
Remove SetId() call from *Read(), this isn't required for import to work.
2016-12-10 12:32:20 +11:00
Sean Chittenden
5280c37bea
`postgresql_database` resource provider should now be feature complete.
...
* Add support to import databases. See docs.
* Add support for renaming databases
* Add support for all known PostgreSQL database attributes, including:
* "allow_connections"
* "lc_ctype"
* "lc_collate"
* "connection_limit"
* "encoding"
* "is_template"
* "owner"
* "tablespace_name"
* "template"
2016-12-10 12:32:20 +11:00
Sean Chittenden
3779dfffa9
Use a string instead of the `%t` modifier for printing a bool in SQL
2016-12-10 12:32:19 +11:00
Sean Chittenden
5b66bf0745
ForceNew is required when changing the locale, ctype, and encoding.
...
This will cause someone some grief. TODO: Figure out how to prevent
someone from blowing off their foot if they twiddle this after the
fact.
2016-12-10 12:32:18 +11:00
Sean Chittenden
547dcf27e1
Decorate the computed attribute where appropriate
2016-12-10 12:32:18 +11:00
Sean Chittenden
242405bdf1
Factor out the validate function for connection limits
2016-12-10 12:32:18 +11:00
Sean Chittenden
02dea2edd9
Add missing descriptions to owner and name
2016-12-10 12:32:18 +11:00
Sean Chittenden
f3add9e7ef
Flesh out the CREATE DATABASE for PostgreSQL.
2016-12-10 12:32:18 +11:00
James Nugent
44af0d60df
provider/postgres: Fix acceptance tests
...
```
› PGSSLMODE=disable PGHOST=localhost PGUSER=postgres make testacc \
TEST=./builtin/providers/postgresql
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/09/05 15:39:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/postgresql -v -timeout 120m
=== RUN TestProvider
--- PASS: TestProvider (0.00s)
=== RUN TestProvider_impl
--- PASS: TestProvider_impl (0.00s)
=== RUN TestAccPostgresqlDatabase_Basic
--- PASS: TestAccPostgresqlDatabase_Basic (0.53s)
=== RUN TestAccPostgresqlDatabase_DefaultOwner
--- PASS: TestAccPostgresqlDatabase_DefaultOwner (0.51s)
=== RUN TestAccPostgresqlRole_Basic
--- PASS: TestAccPostgresqlRole_Basic (0.11s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/postgresql 1.160s
```
2016-09-05 15:39:57 -07:00
James Nugent
34a17d3b46
provider/postgres: Correct casing -> PostgreSQL
2016-09-05 15:04:48 -07:00
James Nugent
260179543a
provider/postgres: Clean up definitions and errors
...
This commit brings the Postgres provider up to "new" standards for error
wrapping and nested structure definitions.
2016-09-05 14:46:40 -07:00
Adrian Chelaru
e1eef15646
postgresql provider with "database" and "role" resources
2015-12-03 23:44:20 -08:00