feat: Initial implementation of the PostgresFDW

[josephschorr]

The PostgresFDW allows SpiceDB to be used from within Postgres via the Postgres Foreign Data Wrapper protocol, as-if Postgres was speaking to another Postgres.

It supports querying (Check, LookupResources, LookupSubjects), as well as reads (RealRelationships), writes (WriteRelationships) and schema updates (ReadSchema/WriteSchema).

These operations are performed against "virtual" tables (permissions, relationships and schema) that are placed into the Postgres and translated by this proxy.

For more information, see the README.md

This is currently experimental and subject to changes

[codecov]

Codecov Report

❌ Patch coverage is 36.27628% with 1061 lines in your changes missing coverage. Please review.
✅ Project coverage is 74.53%. Comparing base (3e906b6) to head (1d80dac).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/fdw/tables/permissions.go	0.00%	308 Missing ⚠️
internal/fdw/tables/relationships.go	25.68%	161 Missing and 4 partials ⚠️
internal/fdw/pgserver.go	0.00%	100 Missing ⚠️
internal/fdw/tables/matcher.go	61.04%	61 Missing and 29 partials ⚠️
internal/fdw/tables/select.go	56.29%	61 Missing and 12 partials ⚠️
internal/fdw/cursor.go	0.00%	53 Missing ⚠️
pkg/cmd/postgresfdw.go	49.50%	45 Missing and 5 partials ⚠️
internal/fdw/session.go	0.00%	37 Missing ⚠️
internal/fdw/tables/schema.go	0.00%	37 Missing ⚠️
internal/fdw/transaction.go	0.00%	28 Missing ⚠️
... and 9 more

❌ Your project status has failed because the head coverage (74.53%) is below the target coverage (75.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2806      +/-   ##
==========================================
- Coverage   75.78%   74.53%   -1.24%     
==========================================
  Files         460      483      +23     
  Lines       55026    56691    +1665     
==========================================
+ Hits        41694    42251     +557     
- Misses      10456    11490    +1034     
- Partials     2876     2950      +74     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[tstirrat15]

Suggested change

	- [spicedb postgres-fdw](#reference-spicedb-postgres-fdw) - serve a Postgres Foreign Data Wrapper for SpiceDB
	- [spicedb postgres-fdw](#reference-spicedb-postgres-fdw) - serve a Postgres Foreign Data Wrapper for SpiceDB

whitespace change

[tstirrat15]

General question: does this mean the postgres-fdw is now a part of the SpiceDB binary? When do we start to get concerned about the size of the binary?

[josephschorr]

Yes and the plan is any SpiceDB-adjacent systems will be as well.

I think, for now, we won't be worrying about it

[tstirrat15]

I don't see these assertions

[josephschorr]

Fixed

[tstirrat15]

Same

[josephschorr]

Fixed

[tstirrat15]

Same

[josephschorr]

Fixed

[tstirrat15]

Suggested change

	// slog.SetLogLoggerLevel(slog.LevelDebug)

[josephschorr]

Added comment

[tstirrat15]

I'm not sure this is a "now" issue, but is there a way that we can help ensure that we don't have index misses on ReadRels?

[josephschorr]

No; We do not have full coverage on all shapes of read rels that are possible (and likely never will). The best we could do is warn, but that's unrelated to these changes

[tstirrat15]

Yeah. My concern is that this implementation detail is kinda hidden, and that it might be relatively easy to write a postgres query that accidentally misses the indices and then it leaves the user wondering why SpiceDB is slow. I'm okay with saying that's a future problem, though.

[tstirrat15]

Something I wanna make sure we clarify in external documentation if I've got it right: the transaction support here doesn't sidestep the dual-write problem, right?

[josephschorr]

No, because postgres_fdw sadly does not support two-phase commit

[tstirrat15]

It doesn't have to be in this PR, but I'd wanna see observability and metrics for this as a fast follow

[josephschorr]

okay

[tstirrat15]

can use assert.NoError here if desired

[josephschorr]

Nah; I don't like error checking after cleanup in tests. It likely is returning an error (context canceled) when its forcibly shutdown at the end of the time

[tstirrat15]

See comments; otherwise this is looking good to me for the first implementation.

[tstirrat15]

Can use https://pkg.go.dev/github.com/stretchr/testify/require#EventuallyWithT for this if desired

[tstirrat15]

Is this necessary with t.Setenv?

[tstirrat15]

Is the caveat context also a todo here?

[josephschorr]

Yes, it has TODOs saying so

[tstirrat15]

Does this mean that the optional subject relation has to be defined, or is the assumption that it'll typically come through as an empty string and be handled as an unset value?

[josephschorr]

Empty string

[tstirrat15]

Docstring on this one? Also maybe pull it towards the top or into a separate file.

[josephschorr]

Why? Its used internally

[tstirrat15]

Just cuz it's used widely enough in this package. I ended up inferring it from usage as I was reading and then finding it in one of the last files I looked at and thinking that it would have been nicer to have it up front. I guess that's a review-time concern, though, so it's probably fine.

[tstirrat15]

What is this asserting? Is it functionally asserting that the interface is satisfied?

[josephschorr]

Its just making sure the accessors return what was defined

[tstirrat15]

See comments, otherwise LGTM

[tstirrat15]

Is there a condition that we can explicitly poll here? I don't want this to become a flake source.

[tstirrat15]

LGTM

[tstirrat15]

LGTM. I'm curious to see what the ramifications of CGO are.