Skip to content

Commit 66fb5c1

Browse files
authored
fix: update pgsodium extension scripts (#1397)
* fix: pgsodium after-create script * chore: bump version
1 parent 80161e4 commit 66fb5c1

File tree

3 files changed

+34
-2
lines changed

3 files changed

+34
-2
lines changed
Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,26 @@
11
grant execute on function pgsodium.crypto_aead_det_decrypt(bytea, bytea, uuid, bytea) to service_role;
22
grant execute on function pgsodium.crypto_aead_det_encrypt(bytea, bytea, uuid, bytea) to service_role;
33
grant execute on function pgsodium.crypto_aead_det_keygen to service_role;
4+
5+
CREATE OR REPLACE FUNCTION pgsodium.mask_role(masked_role regrole, source_name text, view_name text)
6+
RETURNS void
7+
LANGUAGE plpgsql
8+
SECURITY DEFINER
9+
SET search_path TO ''
10+
AS $function$
11+
BEGIN
12+
EXECUTE format(
13+
'GRANT SELECT ON pgsodium.key TO %s',
14+
masked_role);
15+
16+
EXECUTE format(
17+
'GRANT pgsodium_keyiduser, pgsodium_keyholder TO %s',
18+
masked_role);
19+
20+
EXECUTE format(
21+
'GRANT ALL ON %I TO %s',
22+
view_name,
23+
masked_role);
24+
RETURN;
25+
END
26+
$function$;
Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
do $$
2+
declare
3+
_extversion text := @extversion@;
4+
_r record;
5+
begin
6+
if _extversion is not null and _extversion != '3.1.8' then
7+
raise exception 'only pgsodium 3.1.8 is supported';
8+
end if;
9+
end $$;

ansible/vars.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ postgres_major:
88

99
# Full version strings for each major version
1010
postgres_release:
11-
postgresorioledb-17: "17.0.1.019-orioledb"
12-
postgres15: "15.8.1.029"
11+
postgresorioledb-17: "17.0.1.020-orioledb"
12+
postgres15: "15.8.1.030"
1313

1414
# Non Postgres Extensions
1515
pgbouncer_release: "1.19.0"

0 commit comments

Comments
 (0)