Set postgres db owner to confluence user.

[patcon]

• This allows a database to be imported using a more flexible backup,
  taken with the --no-owner flag. However, in order for the new
  database to work as expected, the database my be owned by the user
  expected to interact with it. This way, the table ownership is
  automatically set to this db user during import, and this db user can
  continue to access later.

[patcon]

Basically making the database be owned by the user accessing it, which gets around some edge-cases with importing/exporting where the confluence db user can't manage the database properly

[bflad]

Does the postgresql_database resource accept the owner attribute like the README documentation?
https://github.com/chef-cookbooks/database#examples

# create a postgresql database with additional parameters
postgresql_database 'mr_softie' do
  connection(
    :host     => '127.0.0.1',
    :port     => 5432,
    :username => 'postgres',
    :password => node['postgresql']['password']['postgres']
  )
  template 'DEFAULT'
  encoding 'DEFAULT'
  tablespace 'DEFAULT'
  connection_limit '-1'
  owner 'postgres'
  action :create
end

[patcon]

Ah, had never noticed that resource attr before :) thanks

[patcon]

Force pushed to take your suggestion into account @bflad

[patcon]

Hm. Except it might create a chicken and egg situation with the user, which we create second. We'll probably need to separate out the user :create from the user :grant if we want to get around that. Any objections?

[patcon]

(Not ready to be merged until the above comment is dealt with, to clarify)

[legal90]

@patcon Could you please give an example - what problem does this pull request solve?

[patcon]

Sure!

Before this, the database was owned by postgres and confluence simply had grants on it. Any tables that were subsequently created via the confluence user DID have table-level ownership by confluence. This doesn't normally have obvious effects, but comes unto play when importing a backup in certain circumstances, when the behaviour of psql is to recreate the tables with ownership matching the database ownership (ie. postgres). In that case, all the table-level ownership is also postgres, and the confluence user can't do anything :)

Basically, it seems that it was an oversight that the database wasn't owned by the confluence database user.

[legal90]

@patcon Thank you! Now it's clear for me :)

But yes, this PR should be modified, because user should be already created when we try to create a DB. Otherwise, there will be an error like this:

       Recipe: confluence::database


           ================================================================================
           Error executing action `create` on resource 'postgresql_database[confluence]'
           ================================================================================

           PG::UndefinedObject
           -------------------
           ERROR:  role "confluence" does not exist

[patcon]

👍 :)

[patcon]

ok, this should be good now, but I haven't tested it yet, so I'll have to do that later

Also, I realized by consulting the docs that postgres didn't need grants if the user owns the database, and mysql doesn't have table ownership -- only grants (it's a no-op resource attr in the mysql_database resource :)

[legal90]

@patcon It works fine, thank you!

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.